Best Password Manager in 2023
It’s never a good idea to use the same password for every account. But remembering dozens of complex and unique codes for every website and service is a serious headache. Keeping a master list of all your passwords is just asking for trouble, so if you want a safe and convenient way to remember them all, you’ll want to invest in a password management service. And to help you find one you can trust, we’ve rounded up the best password managers of 2023 below.
A weak password is just as easy for criminals to hack as it is for you to remember. Once your password has been compromised, you’re vulnerable to credential stuffing attacks, which can result in many of your online accounts being breached. At that point, you may as well tweet out all of your online login credentials to the world.
A password manager is an online service that provides an encrypted vault where you can store the login credentials for all of your online accounts so you don’t have to remember them. You only need to remember a single master password to access the encrypted vault — from which you can access all of the other passwords you have stored. Password manager services usually offer user-friendly web interfaces, apps or browser extensions where you can access your encrypted vault using your master password.
The best password managers are cross-platform-compatible and can automatically sync your entire vault across all of your devices. This means that once you’ve entered your passwords into the password manager on one device, they’ll automatically show up on all your other devices on which you’ve installed the app — whether you’re using Windows, MacOS, Linux, iOS, Android or a browser extension. Keep in mind that, by their nature, password managers are extremely attractive targets for cybercriminals, so it’s important that you choose one with a track record for security and transparency.
Why you need a password manager
NordPass estimates that the average internet user has between 70 and 80 passwords. It’s virtually impossible to remember each individual complex password that you should be creating for each account, which means you need another mechanism to keep track of them all.
Using a password manager is a far more effective and convenient mechanism for keeping track of your passwords. You can use one to create strong, unique passwords that are exponentially more difficult to hack than something like Fido1986. And if you’re unsure of how to create a strong password, a good password manager will always include a strong password generator feature that will create them for you. A password manager can even help guard against phishing attacks because if the password manager doesn’t recognize the URL on which you’re entering your login credentials (i.e. if you’re on a phishing site), its autofill function won’t offer to fill the credentials.
And password managers have benefits beyond just storing passwords. You can use your password manager to securely store other items including credit card numbers (to autofill in online stores), identification documents, travel documents, medical records, PIN codes, bank account numbers and secure notes. Many of the top password managers also offer additional features like cloud storage and attachments, password health reports, data breach notifications and dark web monitoring (which alerts you if any of your personal information has been detected on the dark web). You can also use your password manager to securely share passwords and other items with family members, friends or other trusted contacts.
Best password managers in 2023
Bitwarden
Best overall password manager
Bitwarden is a solid choice if you want a well-rounded premium password manager that’s secure, transparent, budget friendly and easy to use — or if you want a legitimately unlimited password management solution for free.
1Password
Best premium password manager
1Password is the password manager for you if you’re looking for a solution that’s a breeze to use on all your devices and includes some really handy extras. Its Travel Mode feature makes 1Password an ideal choice for anyone traveling on business, students studying abroad, journalists or digital nomads.
NordPass
Best password manager for large file attachments
NordPass is the password management solution developed by Nord Security, the folks behind the popular virtual private network NordVPN (one of CNET’s top VPN picks). Nord’s password manager is relatively new, but has upgraded its offering in the past year with a slew of features that has brought it up to speed with its peers and has helped it earn a spot among our top password manager picks. If you’re already a NordVPN user, or otherwise already in the Nord Security ecosystem and you’re looking for a top-notch password manager, then NordPass is a no-brainer.
Keeper
Best password manager for offline vault access
Keeper is a solid option for anyone who wants a family plan with generous amounts of cloud storage and continuous dark web monitoring or anyone who may need offline access to their vaults while traveling or in areas with spotty internet.
Dashlane
Best password manager for large families
Dashlane is a capable password manager that’s easy to use and has a decent set of features, but it’s probably best suited for individual users or larger families/groups of friends willing to split the price of an expensive family plan. There is a free plan on offer that lets you store an unlimited number of passwords, but it’s limited to a single device — which may work for you if you only have one computer or mobile device. But if you want to sync multiple devices with Dashlane’s free plan, you’re out of luck.
Other password managers I tested
Enpass
Enpass is unique in that it allows you to store your vault in a location of your choosing. It doesn’t have centralized servers that store your data. You can either store your vault on your devices themselves, or in your own personal cloud storage like Dropbox or iCloud. Unless you’re storing it on your own device, you’ll need to trust the third-party cloud service you’re using just like you’d need to trust any other password manager with your vault. But with your vault stored locally on your device, you can access your vault items while offline or in areas of limited internet access.
Enpass is a great option for anyone who wants complete control over the storage of their password manager vaults and anyone who may be jaded by the way LastPass has failed to secure user vaults. If that’s you, and you don’t mind using an app that’s a bit outdated and clunky but still fully functional, then give Enpass a look. There’s a ton of options for customizations as well, so it’s a solid option for the more techy crowd or anyone who likes to tinker around. Enpass costs $24 per year for individuals or $36 for the first year (then $48 per year) for a family plan that includes six licenses. You can also purchase a lifetime individual plan for $100.
KeePass
KeePass is completely open source and completely free. It’s a powerful password manager, but geared primarily toward the techie crowd. The interface is outdated and cumbersome to navigate compared to what other password managers offer. KeePass is optimized for use on Windows machines, but unofficial ports for other platforms including MacOS, Linux, Android and iOS are available for download on the site. But if you have a great deal of technical know-how and want a free password manager that’s open source and highly customizable, then KeePass may be an option for you.
Apple iCloud Keychain
Apple’s built-in password manager for Macs and iOS devices is probably already familiar to most Apple users. It’s a secure and convenient password manager solution that’s included with your Apple ID at no additional cost. It includes basic features like storing and autofilling your passwords and other items like credit card numbers and passkeys. And with the release of iOS 17 this fall, Apple will allow you to share passwords and passkeys with trusted contacts. You’ll be able to create sharing groups and choose a set of accounts to share with others, with the option to remove anyone in the group at any time. Still, Apple’s iCloud Keychain lacks the full breadth of options offered by other premium password manager solutions. You can set up iCloud Keychain on a Windows machine as well, but you’ll need to initiate the process from your Apple device. So it’s really only a viable (albeit very basic) password manager solution if you already own an Apple device.
See iCloud Keychain details at Apple
ExpressVPN Keys
ExpressVPN, CNET’s Editors’ Choice best overall VPN, is getting into the game with a new password management solution called Keys. The password manager is currently in beta and only available to a select number of ExpressVPN users, but will be rolled out more broadly and included with all ExpressVPN accounts at a later date. Though it’s still in beta, Keys is already a feature-rich password manager that’s intuitive and user-friendly. Keys offers many of the features that other top password managers offer, including a customizable password generator, password health reports, 2FA, auto-sync and autofill. Express also just added an authenticator feature to Keys, which can generate six-digit time-based one-time passwords (TOTP) that rotate every 30 seconds. The TOTP feature is only available to select Android users at this time, but will be rolled out universally in the near future, Express said.
Keys will be available as a browser extension on Chrome, Edge, Opera, Brave and Vivaldi, and included on ExpressVPN’s iOS and Android apps. Once Keys is rolled out to all users, it will be an ideal password manager choice for ExpressVPN users. I’m impressed with the service so far, and it’s evident the Express team is working continuously to improve the offering and add new features. But at this point, it doesn’t belong among the top picks because it’s still in beta and not available to all ExpressVPN users yet, let alone to folks who don’t use ExpressVPN. Once it is rolled out broadly to all ExpressVPN users, it would be nice to see Keys also made available to non-users as well, à la NordPass.
What about LastPass?
LastPass is one of the most well-known and popular password managers on the market, with more than 33 million personal users and 100,000 business users, according to the company. However, in light of its lengthy history of security incidents — including the data breach at the end of 2022 in which an “unauthorized party” stole customer account information and sensitive vault data — CNET cannot in good conscience recommend LastPass to our readers.
Even considering that LastPass has completed its investigation into the incident and has prioritized “investments in security, privacy and operational best practices” in the wake of the breach, the password manager remains off CNET’s list at this time. The alarming nature of that latest data breach has severely undermined trust in the company’s security tool for individual consumers and businesses.
That said, CNET will be conducting a thorough re-review of the service in the future, after which we will reevaluate whether LastPass has earned an opportunity to appear on our list of best password managers again. In the meantime, you can turn to any of the password managers featured above.
Password manager FAQ
How do I set up a password manager?
Most password manager setups are simple and straightforward. Typically, once you’ve decided on a password manager and signed up for the service you’ll be prompted to create a master password. Your master password should be a strong password or passphrase that you can remember, but haven’t used for any other logins. The master password is the one password you need to access your password manager vault. The next step is to download the app or browser extension to the devices you plan to use the service on. You can also opt to use the web-based user interface if you prefer (if offered by the service you choose).
Can a password manager be hacked?
Password managers are extremely attractive targets for cybercriminals — and yes, they can be hacked, as we’ve seen with LastPass. However, all of the password managers listed above (including LastPass) operate on a zero-knowledge approach to password management, meaning that not even the company storing your vault data has the ability to decrypt the information contained within. Only the user can decrypt and access their own vault. Similarly, the password managers featured above do not have access to your master password.
What makes for a secure password?
A strong password should ideally be a minimum of eight characters, including upper and lower case letters, numbers and symbols. You can also create passphrases that consist of randomly strung-together words. The best password managers offer customizable password generators that you can use to create truly random passwords and passphrases based on the criteria you select. The longer and more complex the password or passphrase, the better.
Can I use a free password manager?
There are a few legitimate free password manager options for anyone who wants to securely store their passwords without paying a dime. Bitwarden is CNET’s recommendation for the best free password manager, thanks to it including a broad feature set and allowing for an unlimited number of vault items on an unlimited number of devices at no cost. NordPass is another password manager that offers a legitimate free plan that is almost as good as Bitwarden’s. If you’re more technically inclined, you can opt for KeePass, which is completely free and unlimited, but not as easy to use as many others.
More computer advice
- Best VPN Services
- Best Identity Monitoring Services
- Best Web Hosting Providers
- Best WordPress Hosting for 2023
- Best Website Builder for 2023: Squarespace, Wix and More Compared
- Best Antivirus Software for 2023
- Best Credit Monitoring Services in 2023
- The Best LastPass Alternative in 2023
- Best Gear for Video Chats From Home: Webcams, Lights, Mics and More
- Best Android VPNs for 2023
- 7 Must-Have Ergonomic Upgrades for Your Home Office
- Best Mac VPN for 2023
- Best Cheap VPN for 2023
