A Review of Password Managers

username_password_screen.jpg

This is a continuation of our password manager series. If you’re wondering whether or not you should use a password manager, check out our previous article at https://netcloak.io/blog/2018/9/23/password-managers-are-they-worth-it.

A highly regarded tip that a lot of security professionals recommend is: never reuse your passwords. For example, if your password for a service (such as your internet provider payment site) becomes compromised, then your other online accounts (such as Twitter, a credit card loan, even your bank accounts) might be in trouble as well. So what can you do?  The answer seems simple, just create a new password for each service you use. However, this presents another issue, trying to follow this advice is hard as you end up having to memorize lots of different passwords. From our experience, we’ve caught people writing their passwords on sticky notes because there were just too many of them.

This is where password managers can help. In its simplest form, a password manager will store your username and password for various sites. All you need to do is remember a single password to access the rest. Depending on the password manager you use, it may be able to fill in the username and password fields for you. If not, you should be able to copy and paste the password to whatever account you’re trying to access. This drastically makes password management easier.

Let’s take a look a 3 free password managers.

Encryptr

https://spideroak.com/encryptr/

Pros:

  • No email needed to create an account.

  • Cloud-based, so all your devices with Encryptr installed will sync.

  • No browser integration. In order to use the username and passwords for a website, you will need to copy and paste each entry onto the website.

  • Has mobile and desktop compatibility.

  • Has a search feature to help you find an entry.

  • Simplistic design.

Cons:

  • Doesn't clear the clipboard, as far as we’ve tested. This means that the password you copied will remain copied until you copy something else. If you accidentally pasted your clipboard to a word document, your password would show.

  • You cannot host your own server to manage/store all your passwords. You will have to be connected to the internet to access your passwords.

  • No simple way to organize all your passwords.

KeePass

https://keepass.info/

Pros:

  • You do not need to be online to use KeePass to get your passwords.

  • Lots of features.

  • Very portable to other devices.

  • Open source which means any issues or concerns can be vetted by the community.

  • Easy to organize passwords into groups.

  • Have been around since 2006.

Cons:

  • Interface can be intimidating to use.

  • There is no simple way to sync the database across multiple devices.

  • No official Mac, Android, or iOS builds. Therefore you have to rely on unofficial builds to get your passwords.

  • No easy browser integration and setup.

Bitwarden

https://bitwarden.com/#download

Pros:

  • Need an email address to create an account if you don’t want host your own passwords.

  • Simple browser integration.

  • Mobile app accessibility.

  • Can self host server.

  • Open source for those who want to verify the code.

Cons:

  • No true offline access. If you are logged in to the app or service before you go offline, you can still access your passwords. Otherwise, you are out of luck.

Stay connected with NetCloak for more security tips to help you stay safe online. Come join us at https://netcloak.io.