iCloud Keychain vs LastPass: Should You Look for an Alternative
Most people recycle their weak passwords whenever they want to sign up at a new site or even when they have to change phones. Not only that, they end up repeating the same passwords across platforms and services.
The most common practices for a password include name, birthdate, or a combination of both, which sure is a recipe of a disaster waiting to happen. That’s why Investing in a password manager has become essential now. By default, Apple offers iCloud Keychain function, which acts as an all-in-one password manager across the Apple ecosystem.
Now, that doesn’t mean you shouldn’t look for alternatives. The App Store is filled with a plethora of excellent third-party password managers. On top of that, Apple has added auto sign-in functionality for third-party password managers, which only made them more powerful against Apple’s default solution.
In this post, we are going to compare the default iCloud Keychain to one of the best options available in the market, LastPass.
The iCloud Keychain is a part of iCloud functionality which comes with iOS package and takes about 14GB of space. LastPass consumes around 140MB of storage.
Download LastPass for iOS
As always, Apple has kept it simple with the default UI. Unlike other built-in apps, iCloud Keychain isn’t available as a separate app. It’s a service buried right into the Settings app.
Head to Settings > Passwords & Accounts > Websites & App Passwords to access the iCloud Keychain data.
From there, you can see the passwords and website/app names categorized alphabetically.
The search bar is at the top with ‘+’ button and edit function. One can jump to any website name with a quick scroll bar on the right.
LastPass is adopting the iOS design guidelines with a bottom tab bar and few options at the top.
By default, it takes you to Vault section which adjusts the passwords on section basis such as Bank, Mail ID, Finance, Booking Sites, Online Storage, Social, etc. It’s neat, but the top Search function is the fastest way to find an item.
You can access various Security options, Settings menu from the bottom bar while the top bar is containing Secure Notes, Form Fill option with the ability to add new items.
Adding a New Item
As always, adding a new item is easy on both apps. Tap on ‘+’ icon on any app, and you are presented with blanks to fill.
iCloud Keychain only offers Website name, Username, and Password sections to fill up.
LastPass gives custom website fill-up options such as Email, Password, secure note, generate a strong password, auto login, and more.
iCloud Keychain data is stored on iCloud and it comes with standard iCloud security measurements.
LastPass syncs and stores all the data on its dedicated servers. The company suffered a huge setback due to this practice. I wish they would allow consumers to store data on third-party cloud storage as well.
Both the apps offer Face ID protection.
This is one of the important aspects of choosing a password manager. After all, you would want to access all the data on more than one device. And in that regard, LastPass wins by a mile over iCloud Keychain.
LastPass is accessible on every platform you can think of. It’s available on iOS, Android, Windows, Mac, Web, and supports the majority of browsers as an extension.
As usual, the story with iCloud Keychain rhythms with every other Apple software, meaning it’s only available within Apple’s ecosystem.
With the introduction of iOS 12, Apple has opened auto-fill functionality for third-party password managers.
By default, it’s switched on for iCloud Keychain, but you can change it in the Settings app. Head to Settings > Password & Accounts > Autofill > and select LastPass from the list.
Now wherever you visit a website or app login page, a small prompt will show up to let you add login details from the chosen password manager. Any new login info will be directly added in the password manager.
The biggest highlight of the iCloud Keychain is the ease of use. You wouldn’t even notice the app adding info in the Keychain and using it whenever needed.
LastPass hits back with advanced features such as security audit which shows weak/repeated passwords, secure notes, password sharing, browser integration, and more.
Here is where things get interesting. The basic functionalities of LastPass remain free. For premium features such as password sharing, priority support, the app costs $42/year.
iCloud Keychain is free to use, but the added data counts against the free 5GB of iCloud storage. You can buy the additional storage at as low as $1/month.
Do You Need to Switch?
The answer is straightforward here. If you are heavily invested in Apple’s ecosystem and have no intention of jumping ship soon, then iCloud Keychain is the way to go. LastPass strikes back with superior cross-platform functionality and advanced options out of the box.
Next up: Enpass password manager is also an excellent alternative to both iCloud and LastPass. With the v5.0, the app has received a huge update. Read the post below to find out more about it.
The above article may contain affiliate links which help support Guiding Tech. However, it does not affect our editorial integrity. The content remains unbiased and authentic.
Apple’s native iOS password manager may be getting an overhaul later this year with the presumed release of iOS 14 that will make it more competitive with third-party options like 1Password and LastPass, reports 9to5Mac.
Right now, iCloud Keychain can store your passwords and help autofill them on the iPhone, where copying and pasting long strings of letters and numbers or manually doing so has been a headache since the advent of the mobile touchscreen. But it doesn’t have reminders for changing those passwords like competitors do, and it doesn’t support two-factor authentication (2FA) options. That means users are still stuck using potentially insecure methods like SMS or email in the event that they do have 2FA set up.
According to 9to5Mac, which says the new features are part of an early build of the upcoming OS release, Apple will be adding both password changing recommendations and 2FA support. It’s not clear if that means Apple will offer its own authenticator feature, like Google’s Authenticator, Authy, or the dedicated versions from both 1Password and LastPass. But 9to5Mac says the goal is to remove reliance on SMS and email as secondary verification options, given the rise of SIM hacking and other more commonplace methods for bypassing weaker 2FA.
This could be good news for people eager to avoid pricey subscription services; both 1Password and LastPass charge upwards of $35 for annual access to more security-focused features like 2FA support. And for those who just like deeper integration with Apple services, seeing a more robust iCloud Keychain is a step in the right direction.
We’ve added an FAQ section and details about BitWarden’s new emergency access feature. Our picks have not changed.
February 5, 2021
Everyone should be using a password manager. It’s the most important thing you can do—alongside two-factor authentication—to keep your online data safe. We’ve evaluated dozens of paid and free password managers and tested four, and we think 1Password offers the best combination of features, compatibility, security, and ease of use. You don’t have to pay for a good password manager, but if you can, 1Password is worth the $36 per year.
1Password has easy-to-use, polished apps that will work on Windows PCs, Macs, Chromebooks, iPhones, iPads, Android devices, and the major Web browsers. Its Watchtower feature helps you identify and change weak, reused, or compromised passwords, and 1Password walks you through correcting these problems in clear, easy-to-follow language. 1Password protects your passwords with strong encryption and good security practices, and although the default security setting requires you to reenter your master password or unlock the app with your fingerprint or face more often than most people will want to put up with, that’s an easy setting to change.
The free version of Bitwarden gets the basics right and doesn’t cost a thing, but it lacks a few features that make 1Password such a standout option, including password checkups, breach reports, and 1 GB of encrypted storage. Plus, Bitwarden isn’t as polished overall and lacks the in-app guidance of 1Password, which makes it harder for beginners to get the hang of. But the free version of Bitwarden offers the core features you need in a password manager, including the ability to sync as many passwords as you want between as many devices as you own, support for software two-factor authentication, and sharing between two people with separate logins. Bitwarden works on the same devices as 1Password, so you can use it with any computer, phone, tablet, or browser. You can easily upgrade to Bitwarden Premium for $10 a year, or export your passwords to 1Password, if you do want paid features later.
Regardless of the password manager you use, it’s important to protect your data with a strong master password—we have advice for how to do that below.
Everything we recommend
Why you should trust us
Wirecutter has been testing and recommending password managers since 2016.
Andrew Cunningham spent more than six years testing, reviewing, and otherwise writing about computers, phones, operating systems, apps, and other gadgets for AnandTech and Ars Technica, and has done the same at Wirecutter since 2017. He has been building, upgrading, and fixing PCs for more than 15 years, and he spent five of those years in IT departments buying and repairing laptops and desktops as well as helping people buy the best hardware and software for their needs.
Thorin Klosowski has spent a decade writing about technology, with a focus on software for many of those years. He has written about privacy and security for the bulk of that time and tested countless password managers.
Why you need a password manager
Passwords are as annoying as they are necessary, and a good password manager will keep you secure while making it easier to juggle the sheer number of passwords you need to be a person on the Internet. It’s one of the most important things you can do to protect yourself online, aside from using two-factor authentication and keeping your operating system and Web browser up to date. If any of your passwords are weak and easy to guess, if you reuse any of your passwords across multiple sites, or if the sites you use are ever hacked and your account is compromised, you risk losing access to your accounts and your data. In fact, if you reuse passwords, chances are good that your password is already out there on an easy-to-find database. You can even check to see if your email address or password has been involved in a data breach.
Password managers generate strong new passwords when you create accounts or change a password, and they store all of your passwords—and, in many cases, your credit card numbers, addresses, bank accounts, and other information—in one place, protecting them with a single strong master password. If you remember your master password, your password manager can remember everything else, filling in your username and password for you whenever you log in to a site on your phone or computer.
Most Web browsers already offer to save and auto-fill your passwords for you, and browsers such as Chrome and Safari even offer to generate strong passwords when you need them. Using Google Smart Lock or Apple's Keychain is certainly better than reusing weak passwords. But password managers go above and beyond—a good one alerts you to weak and reused passwords, lets you know when you should change a password because a service you use has been hacked, and allows for the sharing of passwords and other information between family members and friends. It should also have good mobile apps so you can easily use your passwords on your iOS and Android devices, and desktop apps that work outside your browser so you can use it in other apps or to store software product keys and other information.
How we picked
Most password managers share the same basic features—they generate and store passwords. For this guide, we're focusing on the password managers that work best for individuals, rather than ones that can be deployed and managed by businesses. To separate the great ones from the merely okay ones, we used the following criteria:
- Good protection for your passwords: You’re trusting your password manager with your entire digital existence, and your password manager should store your data securely. A good password manager needs to use strong encryption to protect your data on your computer, on your password manager’s server, and when your data is moving between the two. We also checked to see whether each of the password managers we tested had been subjected to a third-party security audit.
- Unlimited password storage: Any paid password manager should be able to store an unlimited number of passwords and other records, and enough free ones offer unlimited storage that you shouldn’t settle for less.
- Sync between devices (and no limits on the number of devices you can use): You probably have more than one device that you use every day, between your home computer, your work computer, your phone, and your laptop; a good password manager should offer cloud syncing so that your passwords are accessible anywhere on an unlimited number of devices.
- Compatibility: A great password manager runs on just about anything, regardless of what hardware and software you and your family use. We looked at three different kinds of compatibility.
- Desktop and laptop compatibility: A password manager should have a Windows and macOS app you can use to browse, add, and edit your information. We noted Linux compatibility but didn’t require it. Support for ChromeOS is generally covered by Chrome browser extensions.
- Web browser compatibility: We tested only those password managers that offered browser extensions for Chrome, Firefox, and Safari at a bare minimum; these are the three most commonly used browsers in North America as of this writing. The extensions are responsible for auto-filling passwords and other forms, as well as for generating and saving new passwords when you change one or make a new account. We checked for (but didn’t require) compatibility with Microsoft’s Internet Explorer and Edge browsers, as well as Opera.
- iOS and Android compatibility: A password manager should have apps for both iOS and Android that are easy to use and capable of auto-filling passwords in browser windows and within apps. The apps should walk you through the process of setting them up and giving them the permissions they need to work.
- Ease of setup and use: A password manager should make it easy to transition from using browser-based password autofill (or nothing at all), and to set up all the apps and browser extensions required. And once you’ve set your password manager up, it should be easy (not annoying) to use when you need it.
- Tools to fix your security problems: Once your data is in your password manager, it should be able to identify weak, reused, and compromised passwords, and it should give you clear and easy-to-follow directions for changing them.
- Support for biometric logins: If your phone, tablet, or laptop has a fingerprint reader or face-scanning camera, you should be able to unlock your password manager with that, rather than a password or PIN, for convenience’s sake.
- Price: Paid password managers usually cost between $20 and $60 per year for one person to use, though decent ones are available for free and top-tier options like 1Password cost a little less than $40 a year. Password managers that offer family plans usually cover four or five people for another dollar or two per month, so they’re a good deal even if your family has only two people. Although password managers usually advertise a monthly subscription price, those prices are typically billed yearly.
- Password sharing: A good password manager should make it easy to securely share login data with someone else you trust, for accounts that multiple people may need to be able to access—for example, sites for paying your family’s bills, or shared email and social media accounts for a small business. This feature is common in paid password managers but rare in free ones.
- Added features: Your password manager should be, first and foremost, a good password manager. But the best ones also offer other, password-adjacent tools for improving your security, such as a generator for two-factor authentication codes or secure online storage for passport scans and other sensitive files. Most of them also offer to auto-fill non-password things like contact information and credit card numbers.
How we tested
After searching and consulting sites such as PCMag and CNET, we assembled a list of around 40 free and paid password managers. We dismissed most of them because they weren’t compatible with all of the operating systems and browsers we wanted. We also disqualified quite a few free options that imposed limits on the number of devices you could use or the number of passwords you could store.
Of the eight password managers that survived this first round, only four met all of our other criteria: 1Password, LastPass, Dashlane, and Bitwarden. We installed each of these password managers on a Windows PC, a Mac, an iPhone, an iPad, and an Android phone and used them for at least a week; for LastPass and Bitwarden, we noted the differences between their free and paid tiers. We also read other reviews of password managers from sites such as Tom’s Guide and Wired.
The best password manager: 1Password
1Password offers the best combination of compatibility, ease of use, features, and price of any paid password manager we tested. It has polished apps that work on just about any computer, tablet, phone, or Web browser. Its Watchtower feature helps you identify and change weak, reused, or compromised passwords, and 1Password walks you through correcting those problems in clear, easy-to-follow language. 1Password protects your passwords with strong encryption and good security practices, and although the default security setting locks 1Password more frequently than we think most people will want to put up with, that’s an easy setting to change. 1Password costs $36 a year for individuals or $60 a year for families of two to five—on the high end of average, for paid password managers—though it does offer free accounts for politicians and activists as well as journalists.
1Password is compatible with all the operating systems and browsers that most people use: Standalone apps for Windows, macOS, iOS, and Android all allow you to view and edit all the items in your vault, and the iOS and Android apps can replace those operating systems’ more rudimentary password-saving features (though you’ll need to use the desktop apps or the Web interface at my.1password.com to view and act on security suggestions). 1Password’s desktop apps for Windows and Mac are also far superior to Bitwarden’s, which require the Web app for features beyond password generation and search.
1Password’s browser support is comprehensive too, if a bit confusing. The normal 1Password browser extension works with Chrome, Firefox, Safari, Opera, and Microsoft Edge but requires the 1Password 7 app to be installed on your computer for you to use it.1 But if you use Chrome (or Chrome OS), Firefox, or Opera, you can instead download 1Password X, which does the same things but doesn’t require the desktop app to be installed.
1Password’s user interface is otherwise easy to understand, even for people who are new to a password manager, and you can quickly view and change saved passwords and other information. Your default “vault” stores login information, credit card numbers, and data for auto-filling forms. And if sorting items alphabetically or by tag isn’t good enough, you can create any number of vaults to organize your information (if you want to store logins for your personal accounts and work accounts separately, for example). This is especially important for 1Password Families or Business accounts, where you might want to share the contents of one vault with other 1Password users while keeping other vaults private.
1Password’s Watchtower feature—which is both a dedicated section of the app and a collective name for all the ways in which 1Password tries to protect your logins—identifies weak and reused passwords, old passwords, passwords for websites that don’t use the secure HTTPS protocol, passwords for sites that have been hacked, passwords that are about to expire, and accounts for which two-factor authentication is available but has not been enabled.2 In all cases, the app offers straightforward directions for solving the problem.
All versions of 1Password support logging in with your face or fingerprint, depending on what biometric authentication options your computer, phone, or tablet offers. We recommend using this feature on iOS and Android especially, where typing in a long master password multiple times a day will cost you time and annoy you. Both apps can replace iOS and Android’s built-in password autofill features, and can work in apps as well as on websites.
|Price (one person)||Family plan|
|1Password||$36/year||$60/year for up to five people|
|LastPass Premium||$36/year||$48/year for up to six people|
|Dashlane Premium||$60/year||$90/year for up to five people|
|Bitwarden Premium||$10/year||It’s complicated|
|RoboForm Everywhere||$24/year||$48/year for up to five people|
|Enpass Premium||$12 each for Windows, macOS, iOS, Android||None|
|Sticky Password Premium||$30/year||$30/year per person|
(“Premium for teams” plan)
Prices current as of October 19, 2020. Taxes not included.
1Password costs $36 a year for one person or $60 a year for families (regardless of whether your family has as few as two or as many as five people); it’s more expensive than some of our other finalists. LastPass Premium costs the same amount for individuals but only $48 for families of up to six. Bitwarden’s free plan has sharing with one other person built in, but if you want to share with more people than that, you need to sign up for a family plan for $12 a year. The family plan is different from Bitwarden’s premium plan, though, which costs $10 a year per person and most notably adds password-strength checkups and monitoring.
When you set up a 1Password family plan, you put your passwords and other information in your shared vault instead of your personal vault to give everyone else on your plan access. “Family organizers,” including the 1Password account that created your family’s account plus anyone they designate as a “family organizer,” can recover the accounts of other family members if they forget their master password or secret key, which is useful for kids or less technically inclined folks.
1Password includes a few features for the privacy-conscious. By default, all of your information is backed up onto 1Password’s servers; it’s protected under end-to-end 256-bit AES encryption, which means that no one but you can read it on 1Password’s servers (including 1Password employees) or when the data is in transit between 1Password’s servers and your device. (For details, you can read more about 1Password’s security model.) This is the option most people should take. But it’s also possible to create separate vaults that 1Password stores on your device locally with the same encryption, keeping your data off 1Password’s servers entirely.
“Family organizers” can recover the accounts of other family members if they forget their master password or secret key, which is useful for kids or less technically inclined folks.
If you prefer to use a local vault and you want to avoid 1Password’s subscription fees, standalone licenses are available for macOS and Windows. You can get them by downloading and opening the 1Password app, clicking Purchase 1Password in the menu, and clicking the tiny Need a license? hyperlink in the window that pops up. But most people shouldn’t bother with this—a standalone 1Password license for Windows or Mac costs $50, and you can’t use a Windows license to run the Mac version of 1Password or vice versa. You can’t use the more powerful 1Password X extension in Firefox or Chrome, and if (or when) the next major version of 1Password is released, you’d have to buy a new license all over again (whereas subscribers can upgrade automatically).
How to Get the Most Out of 1Password
Everyone should use a password manager. Our expert walks you through how to set up and take advantage of the features in our favorite, 1Password.
Other handy 1Password features include 1 GB of secure online storage for sensitive files, such as scans of sensitive documents, and Travel Mode, which allows you to temporarily remove selected vaults from your device if you’re worried about protecting your data while traveling abroad or crossing borders. 1Password integrates with Privacy, a service for creating one-time use credit cards, which is useful when shopping online at sites you’re not confident in or for testing out subscription services you don’t want to auto-renew.
No password manager has a foolproof introduction that teaches you everything you need to know, but 1Password’s extensive support articles—which usually have large screenshots or video tutorials—make it a solid choice for people new to password managers. It’s easier to learn than most free options, including Bitwarden, which doesn’t walk you through the setup process or include visuals in its how-to guides.
Flaws but not dealbreakers
By default, the 1Password app and browser extension lock your account after your computer is idle for 10 minutes. In the desktop and mobile apps, this isn’t a huge deal, since you can use your fingerprint or face to unlock the app (if your device supports that) without typing your master password in again. But because the browser extensions require you to type your master password every time, we quickly grew annoyed with the default setting; other password managers we tested typically lock their browser extensions when the browser is closed, without tying the action to a specific time limit. We recommend using 1Password’s settings to increase the time limit from 10 minutes to a more forgiving time interval such as an hour or two, though you can set it to any interval you like—the app doesn’t have a limit. It’s good security for a password manager to lock itself periodically, but people also don’t want to use something that they find more irritating than helpful.
You can use a 1Password Families account to recover accounts for other family members, but individual accounts can’t be recovered (or accessed by others in the case of an emergency) without a manually printed Emergency Kit that includes all of their account details. If you need to get into someone’s 1Password account, you either need to be a “family organizer” or hope that they put their Emergency Kit printout in the fireproof safe.
And although 1Password offers a 14-day trial, it doesn’t have a free version that you can use indefinitely. 1Password’s features are worth paying for, but Bitwarden and LastPass both show that it’s possible to offer a free password manager that leaves off a few features without feeling too restrictive.
The best free password manager: Bitwarden
If you don’t want to pay for a password manager, if the added features in 1Password aren’t appealing to you, or if you’d like to self-host your password manager to avoid putting data online, use Bitwarden. The free version of Bitwarden is missing a few features of 1Password, including comprehensive password checkups, security-key support, and 1 GB of encrypted storage. But it has all the important features of a password manager: You can sync with as many devices as you want and store unlimited passwords, and the free account allows you to share password collections with one other person. And Bitwarden has the same wide-ranging compatibility as 1Password, so you can use it with just about any device. Bitwarden’s security protocol is similar to 1Password’s, so even if Bitwarden’s servers are compromised, your passwords are safe. Bitwarden doesn’t participate in the same kind of repeated security audits as 1Password, but is still audited every other year. If you’ve never used a password manager before, Bitwarden doesn’t teach you the basics as well as 1Password, nor does it provide as much colorful, easy-to-read documentation.
|Password limits||Cloud sync/|
|Password sharing||Weak password auditing|
|Bitwarden Free||None||Yes||Sharing for two users||No|
|LastPass Free||None||Yes||Share individual passwords with one other account||Yes|
|Dashlane Free||50 passwords||No||Share with five accounts||Yes|
Note: 1Password doesn’t offer a free tier beyond its 14-day trial.
Bitwarden supports the same operating systems and browsers as 1Password, including Windows (download), macOS (download), iOS, and Android. Bitwarden and 1Password both support logging in with your face or fingerprint, whichever your device supports. Browser extensions for Chrome, Firefox, Safari (download), and Opera make it easy to auto-fill usernames and passwords no matter which browser you use. Unlike those for 1Password, the Bitwarden extensions don’t require the desktop app in order to work.
Functionally, the Bitwarden extensions and desktop apps do the minimum we ask of a password manager: They store and generate passwords. They’re not as polished as 1Password’s apps, they don’t alert you about weak passwords when you log in (you can click an icon in the extension to check when you visit a login page, though), and they don’t support Bitwarden’s premium password-audit features (you need to use the Web app for those). Free accounts also don’t get any password reports aside from a data-breach report, which checks Have I Been Pwned? for your email address. To scan your accounts for breaches, reused passwords, exposed passwords, and unsecured websites, you need to visit the Bitwarden website and have a $10-per-year premium account. By contrast, 1Password’s audit notes and suggestions are visible throughout its apps and don’t require you to visit the website. 1Password also alerts you from the extension when you log in with a weak password.
The biggest features you’re likely to miss are password audits, emergency access (which allows you to grant one person access to your account in case of emergency), priority tech support, and the 1 GB of secure storage, all which add a very reasonable $10 per year if you’re interested. If you’re new to password managers and you want to try Bitwarden, we think the service is worth the $10 for at least one year so you can improve any weak passwords you have right now. Unlike most free password managers, Bitwarden allows you to share a collection of passwords (basically a folder, similar to 1Password’s vault) with one other Bitwarden user for free, though you’ll have to pay if you need to share with more people. This feature is handy if you want to share certain logins with a partner or roommate, whether that’s for banking access or just your video streaming account.
|Bitwarden Free||Free||Sharing between two people||None|
|Bitwarden Premium||$10 per year per person||Sharing between two people||1 GB encrypted file storage, emergency access, two-step login with security keys, password hygiene and health reports, TOTP authenticator, priority customer support|
|Bitwarden family plan||$12 per year||Sharing between five people||None|
Bitwarden is the only password manager we tested that separates its premium features from its family plans, which makes its pricing tricky to comprehend—both Bitwarden Free and Bitwarden Premium accounts can be included in family plans. Bitwarden Premium adds more features, while the Bitwarden family plan adds the ability to share between more than two people. If you want to share between more than two people and you also want the additional features, you need to pay for both upgrades. Once you’re prepared to pay for five premium accounts and a family plan, however, it makes more sense to get a 1Password family plan for about the same price instead.
Neither the free nor the premium version of Bitwarden is great for anyone who is new to password managers. Bitwarden’s documentation has improved over the years, even introducing video tutorials, but 1Password still does a more comprehensive job onboarding people who’ve never used a password manager before. If you’ve never used a password manager before, 1Password is easier to learn how to use.
Making a good master password
The main benefit of using a password manager is that you need to remember only one password, instead of dozens, to access all of your accounts. But the one password you do need to keep track of—your master password—needs to be a good one.
1Password has good advice on how to make a master password, and surprisingly, the company doesn’t recommend long strings of random lowercase and uppercase letters, numbers, and symbols. Instead, you should focus on making a long but memorable password, perhaps composed of multiple random words with dashes, periods, or some other easy-to-remember punctuation in between. 1Password’s password generator is a handy way to make one of these passwords regardless of the software you use.
The argument for making a memorable but unique password is that you can memorize it yourself without making it easy for others to guess; you should try to memorize your master password if at all possible. But in case of emergencies, you should also write it down on a physical piece of paper and put it somewhere safe—storing it digitally, especially using a cloud service like Dropbox, Google Drive, iCloud, or OneDrive, risks exposing it to hackers, which would defeat the purpose. 1Password even gives you a handy Emergency Kit printout on which you can write your account information, your secret key, and your password, along with a QR code you can scan when you set 1Password up on a new phone, tablet, or computer.
Of course, your master password shouldn’t be the only thing protecting your account. You can also protect your account in 1Password, LastPass, and many other password managers by using optional two-factor authentication, and we recommend doing this. Using an app such as Authy, you can generate a continuously changing six-digit verification code on your phone, which you then use along with your master password when you log in to your account on new devices. Because it requires something you know (your master password) and something you have (your phone), two-factor authentication makes it much more difficult for hackers or other nefarious people to access your information, even if they somehow get your password.
Why can’t you just use your browser?
Most Web browsers offer to save your passwords for you, and some—including newer versions of Google Chrome, Firefox and Safari—even offer to generate new ones for you, just like a password manager. They can even alert you to password reuse and breaches.
Using your browser’s password storage is far better than doing nothing; most major browsers support some kind of syncing across devices, offer encryption and two-factor authentication for password data, and can fill in other forms for you. But using a real password manager instead has multiple benefits: They can work across multiple operating systems and browsers depending on what you prefer (for example, if you use Chrome on your desktop but Safari on your iPhone), and they offer to generate strong passwords regardless of your browser. Good password managers include mechanisms for easily sharing passwords with family members and friends when they want to log in to a site you all need access to. And because the ones we recommend include standalone apps as well as browser extensions, you can easily use a password manager to store other data, such as software product keys, addresses, bank accounts, and credit card numbers (some browsers also offer to do these things for you; others don’t).
Using your browser’s password storage is better than doing nothing, but using a real password manager instead has multiple benefits.
If you have been using your browser’s built-in password saving mechanism, 1Password and Bitwarden can both import saved passwords from Chrome and other browsers so you don’t need to start from scratch.
Is it safe to trust a password manager with all your passwords?
Protecting all of your passwords with a strong master password is convenient, but what happens if your password manager’s servers are compromised and your data is stolen?
Both 1Password and Bitwarden are transparent about their security models and what they’re doing to keep your data safe even in the event of a hack. Both use 256-bit AES encryption to make your data unreadable to anyone without your master password, whether it’s stored on your personal phone or computer, on 1Password or Bitwarden’s servers, or in transit between the two. Both also claim to have a “zero-knowledge” security model, where no one working for 1Password or Bitwarden can ever actually see your master password, so none of them (and no one who has broken into their systems) could decrypt your data and see it even if they had access to it. 1Password routinely subjects itself to third-party security audits to make sure that its systems are secure and that it follows security best practices.3 Bitwarden does security audits every other year, and completed its most recent audit in 2020. Both 1Password and Bitwarden also interact with security researchers through public bug-bounty programs.
If you’re going to store sensitive data on someone else’s servers, you do need to take a small leap of faith—we’re confident that 1Password and Bitwarden offer the right combination of security, privacy, and convenience for most people, but we’re also trusting that their systems are as secure as the companies claim them to be. Your alternatives are to use a password manager that stores data only locally on your computer or one that syncs to a server you control; the first option makes a password manager a lot less convenient, and the second is more trouble than most people prefer to go to. If that’s what you want, Bitwarden is your best bet.
Other notable password managers
LastPass Free was previously our free pick in this guide, but most of its standout free features, like password syncing between devices and its security dashboard, have been relegated to the premium plan. The company that owns LastPass, LogMeIn, was acquired in 2019 by two private-equity firms, which makes us concerned about the future of LastPass. Since Bitwarden does just about everything LastPass does with potentially cheaper family and premium plans, all while remaining open-source, we think it’s the better option right now. If you’re setting up a password manager for the first time, however, we recommend 1Password for its superior apps and the more visible and actionable security suggestions you get from its Watchtower feature.
Dashlane Premium is almost as polished as 1Password, and its first-time setup process is even better at onboarding password-manager newcomers than 1Password’s process—it walks you through importing passwords from a browser step-by-step, letting you manually select which browsers and sites you do and don’t want it to pull from. It has user-friendly apps that alert you to security problems and can help you fix them. Dashlane also has a free version, but it’s limited to one device and 50 passwords, and most people have multiple devices and more passwords. At $60 a year, Dashlane’s most popular plan is expensive; the $90 a year family plan that covers up to five people is a better deal, but that’s still $30 per year more expensive than 1Password’s family plan. And although Dashlane Premium includes a VPN, it’s provided by AnchorFree, maker of HotSpot Shield, a VPN that has been accused of deceptive trade practices.
Keeper and NordPass have many of the same paid features as 1Password, but we found both apps less intuitive to use than 1Password. NordPass also lacks support for security keys, a feature that should be standard in any paid password manager.
Avast Passwords, Enpass, RoboForm, and Sticky Password all made it through our first round of research since they supported all of the operating systems and browsers we wanted and were reasonably priced. But we didn’t test them because they lacked minor features that 1Password, LastPass, Dashlane, and Bitwarden all had. Enpass, RoboForm, and Sticky Password don’t monitor for hacked passwords. Avast doesn’t have a system for sharing passwords with family members or friends. Enpass’s password-sharing system requires sharing a master password for the vault you’d like to share, and it requires a third-party service for syncing between devices. RoboForm and Sticky Password haven’t been through a third-party security audit. They all seem fine, but you can do better than “fine.”
We dismissed most password managers for not supporting one or more of our desired operating systems or browsers. That list includes Ascendo DataVault Password Manager, Avira Password Manager Pro, Blur, Encryptr, eWallet, F-Secure Key, KeePass (an open-source app that relies on third-party apps for most non-Windows platforms), McAfee True Key, mSecure, oneSafe, Password Safe, Revelation, SplashID Pro, and Symantec Norton Password Manager.
Myki stores passwords directly on your phone, and your phone talks directly to other devices to sync data rather than relying on a cloud service. It’s an interesting option for protecting security and privacy, but most people are better off with the convenience of true cloud syncing over having to manually back up their vault in case they lose their phone.
Frequently asked questions
Is a password manager safe and secure?
Password managers normally store your information on a company’s server, but the most reputable products (including our picks) encrypt that data so that no one without your master password can ever access your information, including the people who work at the company. Our picks also go through regular third-party security audits.
When storing your data on someone else’s server, there’s always some risk that the data might be compromised in some way. But you’re taking a much bigger risk when you use weak, easily-guessed passwords, or when you reuse the same password on multiple sites—common problems that password managers are designed to fix. For most people, the tradeoff is worth it.
Doesn’t pre-filling passwords mean anyone at my computer can log into my accounts?
Only if you unlock your password manager and then walk away from your computer. Password managers are generally designed to “lock” after a period of inactivity, requiring your master password before they’ll work again.
You can also avoid this by locking your computer whenever you walk away from it. You can do this by putting your computer to sleep, or with the Windows+L (on Windows) or Control+Shift+Power (on MacBooks) keyboard shortcuts.
Can I access my passwords on a public computer?
Yes. 1Password and Bitwarden both have web apps that you can log into from anywhere—they don’t support the same convenient auto-fill capabilities as the browser extensions, but they do provide easy access to your passwords and any other information you have stored. Remember to log out of them when you’re done using the public computer.
Does a password manager work on my phone and can I sign into apps?
Yes, and yes. Most password managers with iOS and Android apps can autofill usernames and passwords on both websites and in apps, replacing (or augmenting) the built-in autofill features in those operating systems. Here are directions for setting this up in 1Password in iOS and Android, and directions for Bitwarden in iOS and Android.
What if I forget my master password?
A good password manager is designed so that a person who doesn’t know your master password will never be able to get into your account and access your data—and that includes yourself. Make sure you write down your master password (actually write it down, with pen and paper) and store it somewhere safe to prevent this from happening.
If you have forgotten your master password, your options depend on which password manager you’re using. In Bitwarden, you need to delete your entire account and start again from scratch. 1Password gives you a couple of other options, including resetting your master password from another family member’s account. If you do need to start from scratch, the process is annoying and time-consuming, but isn’t the end of the world—you’ll need to reset every password on every site you use, but once this is done, you’ll be back where you started.
Can I share passwords with a family member?
Yes. To protect your data, you should never share passwords via email, text message, or any other app on your phone or computer; most password managers include some kind of secure sharing capability that you should use instead.
A 1Password family plan allows family members to share different vaults, so you can share some logins (for paying bills or managing finances, for example) but not others (for personal email or sites you use for work). Bitwarden offers the same features for less money, though it’s less user-friendly; you’ll need to set up an “organization” to create and share password vaults. A two-person organization is free, and larger organizations cost $3 per month per person.
What Is Two-Factor Authentication (2FA)?, Authy, January 31, 2018
Neil J. Rubenking, The Best Password Managers for 2020, PCMag, December 26, 2019
David Gewirtz, The best password managers for 2020, CNET, December 27, 2019
Sarah Brown, What if 1Password gets hacked?, 1Password Blog, August 28, 2018
LastPass Security History, LastPass, November 2, 2018
Bitwarden Completes Third-party Security Audit, Bitwarden Blog, November 12, 2018
About your guides
Andrew Cunningham is a senior staff writer on Wirecutter's tech team. He has been writing about laptops, phones, routers, and other tech since 2011. Before that he spent five years in IT fixing computers and helping people buy the best tech for their needs. He also co-hosts the book podcast Overdue and the TV podcast Appointment Television.
Thorin Klosowski is the editor of privacy and security topics at Wirecutter. He has been writing about technology for over a decade, with an emphasis on learning by doing—which is to say, breaking things as often as possible to see how they work. For better or worse, he applies that same DIY approach to his reporting.
Back Up and Secure Your Digital Life
by Haley Perry
From password managers to backup software, here are the apps and services everyone needs to protect themselves from security breaches and data loss.
Why We Love 1Password
by James Austin
1Password remembers all of your online logins so that you don’t have to.
How to Get the Most Out of 1Password
by Thorin Klosowski
Everyone should use a password manager. Our expert walks you through how to set up and take advantage of the features in our favorite, 1Password.
The Best Password Manager for iPhone
Store and use strong passwords on your Apple device.
Get LastPass Free
Why you need a password manager for your iPhone
Like most people, you probably have dozens and dozens of online accounts to manage everything from your finances to your social life. All those accounts come with passwords to remember and keep safe. And when it comes to practicing good online security, you should be using a different, strong password for every account.
A password manager gives you one secure place to store every account login. Passwords are autofilled for you, and new ones are generated on the spot when you sign up for a new account. A password manager is a smart way to organize your passwords and protect yourself online.
Should you use the iCloud Keychain password manager?
If you’re using an Apple iOS smartphone or tablet, you may have noticed that the iCloud Keychain is the built-in password manager for saving and filling logins for different websites. The built-in password manager saves you time and the hassle of remembering every password.
When it comes to protecting yourself online, you need more. You deserve to protect your data – and your money – with the best password manager. You need features that make your security stronger, with one safe place to manage your online life. You will never have to click the eye icon again when entering your password!
Is iCloud Keychain a good password manager?
For anyone using an iPhone, iPad, or Mac computers, it does seem like a convenient option that saves you time and the hassle of remembering every password. But saving and filling passwords is pretty much the only thing Keychain can do; it’s short on features to help you protect yourself online.
A standalone password manager like LastPass gives you the convenience of syncing passwords and other stored data to almost any device, regardless of OS and browser. LastPass also gives you extra security with options like two-factor authentication (including FaceID) and password alerts. When it comes to your personal information, you deserve strong protection. With the option to store addresses, credit cards, notes and other items, a password manager like LastPass also keeps the information you need every day just a few clicks away.
LastPass does more than save passwords
Generate stronger passwords.
With a built-in password generator, LastPass makes it easy to create a random password for every account so you’re always protected from hacking.
LastPass doesn't lock you in. With seamless sync, offline access, and an app for almost every device, you’ll always have your passwords no matter what device or browser you use. Any changes you make on your Android device will sync to your desktop browser extension and vice versa.
Get actionable security tips
From alerts about data breaches to an audit of your passwords, LastPass tells you when action is needed to update your accounts so you can stay on top of your security.
Built for peace of mind.
LastPass is designed to keep your information private, secure, and hidden (even from us).
Your data is encrypted before it leaves your device, so only you can unlock your vault. Manage passwords in your vault by organizing your sites into folders.
Private master password
The master password is your private key to your vault; it’s never stored or sent to LastPass.
Add more security to your vault by requiring a code or notification to your phone. A strong password combined with a two-factor verification protocol provides the most protection.
How to disable your iCloud Keychain and switch to LastPass
LastPass will store your Apple account password so you can sign onto any Apple device or platform.
- First download and log in to LastPass.
- In Safari, open up Preferences and click Passwords.
- Copy-paste any stored logins to new entries in the LastPass vault.
- Once you’ve transferred your existing credentials, open System Preferences and click iCloud, then uncheck Keychain. You’ll be prompted to enter your Apple ID and complete the instructions.
Cross-platform password managementDownload and use LastPass Free across one device type—computer or mobile—or upgrade to Premium or Families for unlimited access across all devices.
Get LastPass Chrome for the most robust feature set of any password manager option.
Access your personal data on the go with LastPass for Android. Browser and in-app autofill allow for a seamless mobile experience.
iPhoneKeep your accounts at your fingertips with LastPass for iPhone. Our iOS app now supports in-app autofill for one-touch login.
MacView, edit, and manage your LastPass Vault from your desktop with our Mac App.
WindowsManage your logins and personal data in your LastPass Vault directly from your Windows computer.
Save keystrokes and stay secure online with our Safari password manager.
Never type another password in your browser with LastPass Microsoft Edge extension.
Streamlined access to your favorite accounts and save time at checkout with LastPass for Opera.
And many moreView the full list of compatible LastPass browsers and devices here.
Additional LastPass Offerings
LastPass is trusted by industry experts worldwide
You deserve the best in security. LastPass keeps your information private, secure, and hidden (even from us).
Businesses Use LastPass
People Trust LastPass
Average Rating on the Chrome Web StoreBased on 27,600 Reviews
Vs manager lastpass password apple
Working remotely has become routine for many of us, which means that it's more essential than ever to secure your online accounts with strong passwords. But it can be a challenge to memorize dozens and dozens of passwords, and it's downright dangerous to use the same old password over and over.
If you find yourself consistently getting locked out of one online account or another because you're drawing a blank when you try to log in, it's time to consider a password manager, which can help you seamlessly oversee and handle all your login credentials while maintaining password security. They're also handy for autofilling forms and syncing your data across Windows PCs and Macs, iPhones, iPads, Android phones and more.
A password manager is essentially an encrypted digital vault that stores secure password login information you use to access apps and accounts on your mobile device, websites and other services. In addition to keeping your identity, credentials and sensitive data safe, the best password manager also has a password generator to create strong, unique passwords and ensure you aren't using the same password in multiple places (password generation really comes in clutch when you can't come up with yet another unique password on the fly for the latest must-have iOS app). With all the recent news of security breaches and identity theft, having a unique password for each location can go a long way to ensuring that if one site gets hacked, your stolen password can't be used on other sites. You're basically using multiple passwords to create your own security features.
Read more:The guide to password security (and why you should care)
Plus, with a manager, you don't have to remember the various pieces of login information, such as shipping addresses and credit card information. With just one master password, or in some cases a PIN or your fingerprint, you can autofill a form or password field. Some also feature online storage and an encrypted vault for storing documents.
All our best password manager picks come in free versions, which typically let you securely store passwords for one device -- although our pick for the best free manager can currently be used for syncing across multiple devices -- and all handle hardware authentication through YubiKey. Our best password security manager picks also feature subscription options that let you sync your secure password login information across devices, share credentials with trusted family and friends, and get access to secure online storage. And if transparency is important to you, several of our picks are open-source projects. We also look at what a password manager is, its security features and the basics of how to use one.
Now playing:Watch this: Inside a password-free future
Note that these password manager services are independently chosen by our editors. We'll be updating this story periodically as new options become available. In light of our top choice's recent pricing change, we may be reconsidering the order in the near future, and will update this story accordingly.
Bitwarden: Best free password managerSarah Tew/CNET
- Open-source, secure and transparent
- Free version can be used across unlimited devices
- Premium subscriptions start at $10 per year
- Works with: Windows, MacOS, Linux, Android, iPhone and iPad. Browser extensions for Chrome, Firefox, Safari, Edge, Opera, Vivaldi, Brave and Tor.
Bitwarden leads the list of the best password managers for 2021 thanks to both its open-source roots and its unbeatable -- and unlimited -- free version. This lean encryption software can generate, store and automatically fill your passwords across all of your devices and popular browsers -- including Brave and Tor -- with competitive security strength.
Its free version lacks some of the bells and whistles of our other picks, but its premium versions are just as feature-rich. Just like its closest competitors, a Bitwarden premium subscription allows you to share passwords, logins, memberships and other items with trusted family and friends, use multifactor authentication through YubiKey and get 1 gigabyte of encrypted storage. Although it has fewer features than the premium version, Bitwarden's free version also offers a one-to-one texting feature called Bitwarden Send which allows you to securely share login information with another person.
If you're looking for a user-friendly free service with an excellent security reputation, it's hard to pass up Bitwarden, which made it into CNET's Cheapskate Hall of Fame as the best free password manager. Plus it has a password sharing feature so you can share all your login info with another person. For $10 a year, you can add 1GB of encrypted file storage. And for $12 a year, five family members or friends can share login information. Both subscription tiers come with a 30-day money back guarantee.
Read our Bitwarden review.
LastPass: Best paid password managerSarah Tew/CNET
- Offers free version
- Base price beyond free: $36 per year
- Works with: Windows, MacOS, Linux, Android, iPhone and iPad. Browser extensions for Chrome, Firefox, Safari, Internet Explorer, Edge and Opera.
The free version of LastPass once made it stand out as the best password manager in this category by giving you the ability to store passwords, user login info and credentials and sync all of it wherever you want across both your mobile devices or your browsers. And while you can currently view and manage passwords across mobile and desktop devices, as of March 16, you'll have to choose to use the free version for either mobile or desktop.
That means if you choose mobile, you'll be able to access your LastPass account across your phones, tablets or smartwatches, but not on your laptop or desktop app -- unless you upgrade to Premium, for $36 a year, or Families, for $48 a year.
The Premium version of the password manager also allows you to share passwords, logins, memberships and other items with trusted family and friends, use multifactor authentication through YubiKey and get 1 gigabyte of encrypted storage. Meanwhile, the Families plan gives you six individual accounts, shared folders and a dashboard for managing the family accounts and keeping an eye on your account's security.
No, LastPass isn't flawless: A vulnerability privately reported in September 2019 was a scary flaw that could potentially compromise passwords. But the company patched it before it was known to be exploited in the wild. It was one of several vulnerabilities that have been discovered in LastPass over the years.
More recently, however, privacy and security concerns emerged around LastPass' Android app when a privacy advocacy project discovered seven web trackers within the mobile app.
In light of these concerns and LastPass' new restrictions on its free-tier service, we're reevaluating LastPass' rank in our list of top password managers.
Read our LastPass review.
Read more: LastPass vs. 1Password: How the two popular password managers stack up in 2021
1Password: Best paid password manager for multiple platformsJason Cipriani/CNET
- Offers trial version
- Base price: $35.88 per year
- Works with: Windows, MacOS, Linux, Chrome OS, Android, iPhone and iPad. Browser extensions for Chrome, Firefox, Safari, Edge and Opera.
If you're looking for a trusted password manager app to keep your login information private and secure, 1Password is the best password manager for the task, letting you access your accounts and services with one master password. It's available for all major device platforms.
This nicely designed password manager lacks a free version, but you can check it out for 14 days before signing up. (Alas, that's down from the earlier 30-day trial period.) An individual subscription runs $36 a year and comes with 1GB of document storage and optional two-factor authentication through Yubikey for additional security. A travel mode lets you remove your 1Password sensitive data from your device when you travel and then restore it with one easy click when you return, so that it's not vulnerable to border checks.
Biometric authentication can be used to access your password vault on Mac and iOS operating systems, you can use Touch ID to unlock 1Password, and on iOS devices you can use Face ID as well. For $60 a year, you can cover a family of five and access password sharing, credit card information and anything else among the group with a single password manager app. Each person gets their own password vault, and it's easy to control who you share information with and what they can do with it.
You can also create separate guest accounts for password sharing to share Wi-Fi connection passwords, for example, or home alarm codes with guests.
Read more:The best web hosting providers
Other free and paid options worth considering
Bitwarden, LastPass and 1Password are solid, affordable (or free) password keepers, and in a straw poll of CNET staffers, they were about neck-and-neck in use. But if you find none of our three recommended password managers works quite how you want, a handful of other apps are worth considering. These all have free versions available.
- Offers limited free version (50 passwords on one device)
- Base price beyond free: $59.88 per year
- Works with: Windows, MacOS, Android, iPhone and iPad. Browser extensions for Chrome, Firefox, Safari, Internet Explorer, Edge and Opera.
Dashlane provides a simple and secure way to manage your passwords and keep other login information stored. Just for managing passwords, we like it as much as our picks, but the free Dashlane app limits you to one device and 50 passwords. The $60 Premium subscription is similar to plans from 1Password and LastPass. The $120 Premium Plus annual subscription adds credit and ID-theft monitoring.
- Offers limited free version (unlimited passwords on one device)
- Base price beyond free: $35
- Works with: Windows, MacOS, Linux, Android, iPhone and iPad. Browser extensions for Chrome, Firefox, Safari, Internet Explorer, Edge and Opera.
Keeper is another secure password manager that helps you manage login info on Windows, MacOS, Android and iOS devices. A free version gives you unlimited password storage on one device. The step-up version costs $35 a year and lets you sync passwords across multiple device options. For around $45 a year, you can get 10GB of secure file storage.
- It's free
- Donations accepted
- Works with: Windows, MacOS, Linux, Chrome OS, Android, iPhone and iPad, BlackBerry, Windows Phone and Palm OS. Access via the web plus popular browser extensions. (Except for the official Windows version, KeePass for other platforms are unofficial ports.)
KeePass, another open-source software password manager, started on Windows and has been ported using the same code base to other platforms, including MacOS, Android and iOS. On the plus side, it's totally free and endorsed by the Electronic Frontier Foundation. On the other hand, it's really for advanced users only: Its user interface takes a bit of fiddling to get all the independently built versions of KeePass to work together.
What about NordPass and Norton Password Manager?
There's been a shift in the market for VPN and antivirus software in recent months. Many of the companies behind these software packages are expanding them to become wider software suites. For instance: NordVPN now offers NordPass, a dedicated password manager, and Norton now offers a Norton Password Manager as part of its antivirus and identity theft packages. We haven't specifically reviewed these password storage managers, if only because they don't yet appear to have a feature set or pricing option that beats any of our preferred options above. If and when that changes, we'll check them out in more detail.
Password manager basics
Still need more info on what password managers are, and why they're better than the alternatives? Read on.
How does a password manager work?
To get started, a password manager will record the username and password you use when you first sign in to a website or service. Then the next time you visit the website, it will autofill forms with your saved password login information. For those websites and services that don't allow automatic filling, a password manager lets you copy the password to paste into the password field.
If you're stuck picking a good password, a manager can generate a strong password for you and watch that you aren't reusing it across multiple services. And if you use more than one device, you want a manager that is available across all your devices and browsers, so you can access your passwords and login information -- including credit-card and shipping information -- from anywhere through the manager app or its browser extension. Some provide secure storage so you can store other items too, such as documents or an electronic copy of your passport or will.
Take note: Many password managers keep the master password you use to unlock the manager locally and not on a remote server. Or if it's on a server, it's encrypted and not readable by the company.
This ensures your account stays secure in case of a data breach. It also means that if you forget your master password, there may not be a way to recover your account through the company. Because of that, a few password managers offer DIY kits to help you recover your account on your own. Worst-case scenario, you start over with a new password manager account and then reset and save passwords for all your accounts and apps.
Read more: This is how we might finally replace passwords
What makes for a secure password?
When trying to avoid a weak password, a good password should be a long string of capital and lowercase letters, numbers, punctuation and other nonalphanumeric characters -- something that's difficult for others to guess, but a snap for a password manager to keep track of. And despite what you may have heard, once you select a good complex password or passphrase, you don't really need to change it periodically.
Can I use a web browser to manage my passwords and login information?
You can certainly use Chrome, Safari or Firefox to manage your passwords, addresses and other login data. You can even set up a master password to unlock your credentials within a browser. And while using an online browser's password tool is certainly better than not using a password keeper at all, you can't easily access your passwords and other login info outside of the browser or share login info with others you trust.
What about iCloud Keychain?
Through iCloud Keychain, you can access your Safari website usernames and passwords, credit card information and Wi-Fi network information from your Mac and iOS devices. This cloud storage option is great if you live in Apple's world. But if you venture outside the Apple operating system and have a Windows or Android device or use the Google Chrome or Firefox browser, iCloud Keychain comes up short.
David Gewirtz contributed to this story.
If you subscribe to only one CNET newsletter, this is it. Get editors' top picks of the day's most interesting reviews, news stories and videos.
More computer advice
I recommend regularly that people use some sort of password-management system that lets them set hard-to-crack passwords (whether short and complicated or long and easy to remember) uniquely for every site and service, and also lets them fill in those passwords everywhere they need to.
Lowell Nelson emailed me a few weeks ago wondering why I’m so hot on third-party options, like 1Password, Dashlane, and LastPass, when Apple has a robust, multiplatform solution of its own that includes synchronization: Keychain. (Keychain more specifically describes the OS X part, while iCloud Keychain allows synchronization across devices and use with iOS.)
It’s a terrific question, and I prefer not telling people to buy into a paid service (whether a one-time fee or a subscription) unless the utility of that utility is so high that it outweighs the cost.
Let’s look through the details. Since I have tested and studied 1Password and LastPass extensively, I use them as the basis of comparison. You should be able to find answers to each of the points below in the FAQs or feature descriptions for any sufficiently robust alternative.
While Apple’s Keychain, 1Password, and LastPass can all store other sorts of data securely, passwords are the most reliable element that can used across a whole ecosystem and across platforms.
How secure is your data?
A password “safe” needs to keep the passwords, well, safe, in three major areas:
Data at rest on a device. Passwords should be secure on a device against anyone but the owner gaining access.
Data stored on servers. It should be difficult or impossible for an attacker to access and decrypt cloud-stored passwords.
Data in transit while being synchronized or to and from Web-based access. Strong encryption should prevent a snooper from unscrambling new entries, retrievals, and updates, as well as interactive sessions.
Keychain and iCloud Keychain are pretty dang robust in these regards. OS X and iOS have to be unlocked to fill Keychain entries, and OS X’s Keychain Access app requires an administrative or user password to unlock and view passwords. With Touch ID or a passcode in iOS and FileVault 2 in OS X, passwords are highly secure as well when you’re shut down (OS X) or locked (iOS). iCloud Keychain uses device-based encryption which prevents Apple from being able to (or being compelled to) decrypt your passwords.
1Password and LastPass use an “expensive” passphrase encryption method for your locally stored databases, so that even if someone gets ahold of them, a cracker can only brute-force password attempts at a very, very slow rate. LastPass tested this unintentionally after a hack: no reports emerged of any password vaults being unlocked.
LastPass syncs everything through its servers, but encrypts with keys known only to users. 1Password syncs via Dropbox and other cloud-based services (relying on their security and encryption-at-rest methods) as well as through its add-on subscriptions for sharing with family or team members, but it locks everything with user-owned keys.
LastPass and the team or family options for 1Password also give you access via a Web browser, and use browser-based decryption instead of native client software; the companies don’t possess your keys. However, there is a weakness in relying on the browser. Malware and other browser-based exploits make browsers much more vulnerable relative to the level of security available through native apps and cloud sync. Safari flaws in iOS and OS X are discovered regularly (though very few are seen in the wild), and you might be tempted to access your passwords from an unfamiliar machine running another OS.
How easy is the system to use?
A password system has to be easily invokable. If it’s not, you won’t use it consistently, because that’s human nature. Worse, if you’re installing it for someone else to improve their security, they may be unlikely to use it at all if it’s not a constant reminder and superbly straightforward.
Keychain is used largely by Apple as a way to remember passwords for specific fields on webpages, and to store passwords for an automatic retrieval and bypass in its software (like AirPort Admin in OS) or with third-party software that uses Apple’s Keychain hooks. In mobile and desktop Safari, Keychain works very well, from suggesting a strong password, to storing it, to making it possible to pull it back up or use other stored alternatives.
But while it’s broadly useful in OS X, as more developers have adopted it and there’s Keychain Access for direct lookups and retrieval, in iOS you have to drill down to Settings > Safari > Passwords to view, edit, or (swipe all the way to the bottom) add passwords. Further, you can’t invoke Keychain in Apple’s non-Web login dialogs, making it useless for common purposes. And while you can make up a password when you need one, it’s awkward to get to and can only be retrieved easily on a corresponding Web page.
Apple’s addition of extensions starting in iOS 8 allows 1Password, LastPass, and other tools to be invoked in Safari and other apps. Many iOS apps I use are tied directly into 1Password’s API that allows direct invocation. In the worst case, I can switch to LastPass or 1Password to find the password, copy it, and then switch back to the app and paste it in.
You can also use the app to create strong passwords that are retained on creation, synced automatically, and copied to the clipboard to use in other apps.
The cross-platform situation is much worse. Apple doesn’t make iCloud Keychain available outside its own operating systems. 1Password and LastPass (and other apps) are available across a broad variety of major platforms, plus they have browser-based access (by default with LastPass and as a subscription option with 1Password).
iCloud Keychain has no mechanism of sharing with other people—part of the ongoing narrative I’ve been discussing for years about how Apple doesn’t designs its systems from the ground up to recognize that people work in groups and as families. (Let’s not get started on the issues with Family Sharing.)
Most password systems have some mechanism to share secrets with others who have accounts. 1Password allows direct transmission without a subscription or, more recently, selectively shared access among members of business and family groups. LastPass, because items are centrally stored, has offered this for years.
Choosing between them
If you’re almost entirely using passwords only on websites, only using iOS and OS X, and don’t mind memorizing and typing in passwords demanded by Apple for its services, Keychain with iCloud Keychain fits the bill. If not all those conditions match, a password-management system is worth the investment.
Update: An earlier version of this story said iOS didn’t provide access to stored passwords or a way to create new ones. It does; it’s just buried in Settings.
- Funny happy hump day quotes
- 2017 gmc acadia tail light
- 2018 ski doo mxz 600
- Light bulbs with silver coating
- Wwe cage battle board game
- New super saiyan 4 form
- Upper oso campground santa barbara
- Honda union city, tn
Although Apple includes its own iCloud Keychain password management tool with iOS devices, there are a lot of benefits to upgrading to a third-party service. In addition to gaining expanded features and better security, dedicated password managers come with great customizability, allowing you to choose how and where you store your passwords.
Pulling from our best password managers guide, we’ve compiled a list of the five best password managers for iOS. We’ll talk a bit about each and why it’s a great choice for iOS, as well as why it’s a great choice in general.
However, the quickest way to secure your iOS passwords is with 1Password. Although we have other options that rival it in one way or another, 1Password consistently comes out on top in terms of features, price, security and user-friendliness. You can get a 14-day trial to see how you like it, though there are options like Dashlane that offer a limited free plan, as well.
The Best Password Manager for iOS
1Password is our go-to recommendation when anyone asks about the best password manager money can buy. It’s perfectly suited for iOS, as well, with a no-nonsense interface, excellent autofill and a long list of features. The price is pretty cheap, too, though 1Password doesn’t offer a free version.
A personal account runs around $3 per month and comes with unlimited storage and multi-device sync. On iOS, personal users have access to other 1Password features, as well, including 1Password Watchtower. This feature allows you to quickly see old, reused and weak passwords across your accounts.
1Password also integrates with the Apple Watch, so you can quickly see information from your vaults. That includes one-time passwords for two-factor authentication, credit card numbers, bank account details and WiFi credentials. As long as you have an Apple Watch, you can pull up this information without needing to pull out your phone.
When you have your iPhone or iPad out, the experience is excellent. 1Password’s latest version was built from the ground up for iOS 12, offering full support for biometric authentication through Face ID and fingerprint scanning, as well as seamless autofill on entries. If you’re looking for a feature-rich, secure password manager on iOS, it doesn’t get much better than 1Password.
Other Reasons We Like 1Password
1Password’s iOS experience may be excellent, but it doesn’t make the top of this list if it weren’t for its excellent security. Like other password managers, 1Password requires a master password that it has zero knowledge of. However, it also requires a secret key based on your device.
This two-secret-key model means that even if someone has your master password, they also need access to one of your authorized devices you use to unlock your account. The device key is generated backed on hardware and software specifications and is stored in an encrypted format locally on your device.
Outside of security, 1Password has a long list of unique features. Our favorite is travel mode, which allows you to remove all the data from your mobile device while you’re traveling and store it in your vault. If you, say, lose your phone, your personal data isn’t at risk. Of course, once you arrive at your destination, your data is only a tap away.
With your subscription, you also have access to 1Password X, the browser-exclusive version of 1Password. If you’re interested, 1Password offers a free 14-day trial for new users. You can always read our 1Password review to learn more, as well.
- Browser version
- Travel mode
- Unique security model
Dashlane constantly trades blows with 1Password when it comes to the best password manager around (you can see how closely matched the two are in our Dashlane vs 1Password comparison). Regardless of which takes the first spot, one thing is clear: Dashlane might be the best password manager for iOS.
We’re only ranking it second because of its price. Dashlane is $2 more expensive per month than 1Password. However, it justifies the higher cost with an expanded list of features, including a virtual private network and dark web monitoring, two features that 1Password doesn’t offer (also see our guide to the best VPN for the dark web).
For the price, the extra goodies are excellent, especially considering that you can access them on your iOS device. Dashlane displays dark web reports through the identity dashboard, which also shows recent data breaches and your overall password health. If you subscribe to the $10-per-month Premium Plus subscription, you can also monitor your credit on this page.
In many ways, Dashlane is like an identity theft protection/password manager combo, and for that, the extra cost is more than justified. With excellent ease of use, extensive features and seamless autofill on iOS, Dashlane is a great choice. That said, you can save a few bones with 1Password.
Other Reasons We Like Dashlane
Like 1Password, Dashlane uses a unique security model, one that actually requires its own U.S. patent. In a 2016 study of the model by MIT, it concluded that Dashlane is nearly uncrackable, utilizing a two-secret-key model in the same vein as 1Password. Again, a device key and your password are needed to unlock your account.
The security is excellent, but Dashlane’s list of goodies is what sells the sizzle. You can protect yourself online in multiple ways with a single subscription, with Dashlane offering password management, identity theft protection and a VPN. The last two aren’t as good as our best identity theft protection and best VPN picks, but as bundled extras, they are nice to see.
That’s not to mention Dashlane’s quality-of-life improvements. For instance, it includes an automatic password changer, which will update your logins across websites with a single click. Although there are some critical sites missing from the supported list, Dashlane supports a good chunk of services you’ll encounter, including Reddit.
Overall, Dashlane focuses more on features and comes with a price to match. If you’re looking for a basic password manager, Dashlane is a solid tool, though it really comes into its own when you utilize the extras. You can learn more about those in our Dashlane review or sign up for a free account to see how you like it.
- Limited free plan
- Dark web monitoring
Bitwarden is a free, open-source password manager that has no business being as good as it is. Although it’s not the only free option on iOS, Bitwarden isn’t cut from the same cloth as other open-source tools (read our KeePass review to see what we mean). Despite being offered free of charge, Bitwarden feels like a fully realized commercial product.
The iOS application is clean and easy to get around, and it comes with all of the features of the desktop version. Furthermore, Bitwarden includes unlimited storage and multi-device sync, meaning you can import your passwords with the desktop version and access them from your mobile device.
Like 1Password and Dashlane, autofill is a breeze with Bitwarden, so long as your device supports iOS 12. Out of the box, Bitwarden already works with Safari and Chrome, no matter what website you’re on. For local apps, Bitwarden’s autofill also works with hundreds of supported services.
You get a lot for free, but there are still some limitations that Bitwarden imposes. For example, free users can only share passwords with up to two other users. That said, Bitwarden offers a premium subscription for only $10 per user, which includes encrypted file storage, additional 2FA options and priority customer service.
Other Reasons We Like Bitwarden
Bitwarden’s open-source nature comes with a list of benefits, the most interesting of which is self-hosting. Although multi-device sync through Bitwarden’s cloud is included for free, you can use your own password server, too. Bitwarden’s server infrastructure stack is publically available for use with Docker.
Using your own server, you can sync your passwords across devices without worrying about any security issues that may come up when syncing with a third party. You’ll need some basic networking know-how, but as long as you’re comfortable pasting a few command line prompts in, it’s not hard to do.
Just because Bitwarden is free doesn’t mean it’s a slouch in terms of security, either. With publicly audited code and a bug bounty program, Bitwarden is one of the most secure password managers around. Like our first two picks, it utilizes end-to-end AES-256 encryption, which you learn about in our description of encryption.
Bitwarden may not have the bells and whistles of 1Password and Dashlane, but for the low cost of free, it’s hard to complain. You can learn more in our Bitwarden review or sign up for an account to see how you take to it.
- Open source
- Inexpensive premium option
LastPass topped Bitwarden in our best free password manager guide, mostly on the back of its features. It’s an excellent free password manager, and that experience translates well to iOS. LastPass is all about ease of use, seamlessly mirroring the browser experience on your mobile device.
Through the iOS app, you can view, edit and add entries. The list of supported entries is lengthy, too. LastPass supports basics like your passwords and credit cards, as well as passport information, bank information and more. Each of these entries supports notes and file attachments, which you can create or upload through the iOS app.
Its iOS 12 integration is excellent, too. LastPass supports Touch ID and Face ID for authentication, and even integrates with the Apple Watch. Although the integration isn’t as expansive as 1Password, you can use LastPass Authenticator with your Apple Watch, which made our list of the best 2FA apps. Read our 1Password vs LastPass piece.
Still, we rate LastPass fourth because of the data breach it suffered in 2015. Although no user accounts were compromised as a result, the attackers still made off with a database full of encrypted data. The breach shouldn’t scare you off — if anything, it shows how secure LastPass is — but it’s still something to consider.
Other Reasons We Like LastPass
LastPass nails the user experience much more than other password managers. It’s a browser-based tool, meaning there’s no local application to fuss around with on desktop. That comes with some benefits, the most important of which is access across platforms. No matter what OS your computer is running, you can access your logins as long as a browser is available.
LastPass is also free, making it an easy sell for those who are on the fence about a password manager. The free plan is excellent, packed with multi-device sync and unlimited password storage. Many password managers skip multi-device sync on their free plans (read our RememBear review for an example of that), making LastPass all the more attractive (read our KeePass vs LastPass comparison).
As a consequence, a premium subscription doesn’t seem worth it. Paying gets you a few extra features, but most of the core functionality is included with the free plan. LastPass does, however, offer excellent business subscriptions, which is why it earned a nod in our best password manager for small business guide.
LastPass is a solid password manager with a surprisingly generous personal plan. That said, it doesn’t feel as robust as 1Password or Dashlane on the paid end of things. You can read more about it in our LastPass review or create your own account to take it for a spin.
- Free plan available
- Easy to use
- Browser based
Rounding out our list is Keeper, which ranks fifth mainly because of its price. Although it’s expensive at around $5 per month for the full package, Keeper includes a lot of functionality and a beautiful interface on iOS. It’s also highly customizable, allowing you to store just about any entry type you want.
Out of the box, Keeper supports passwords, credit cards and identities, though you can expand that list with custom fields. Although Keeper doesn’t have custom entry types in the same way as 1Password, you can build out the templates provided through custom fields. In addition to those, you can attach files and add notes to your entries.
Like our other entries, Keeper supports 2FA with the Apple Watch, but you can authenticate in other ways, too. Through Keeper DNA, you can utilize your internet-of-things (IoT) devices, like Amazon’s Alexa, to verify your identity. With that, you don’t need to enter a second factor each time you log in, all while receiving the security benefits of 2FA.
Although Keeper is expensive if you purchase all of its add-ons, the password manager itself is cheap at $30 per year. However, we still recommend going with the Max Bundle. For the same price as Dashlane per month, it includes dark web monitoring, unlimited password storage and the KeeperChat application (read our Dashlane vs Keeper comparison).
Other Reasons We Like Keeper
Speaking of which, KeeperChat is a major reason to have Keeper as your password manager. It’s an end-to-end encrypted messaging app, ensuring your messages stay between you and whoever you’re sending them to. It comes with a slew of features that your normal texting app doesn’t have, too.
Those include message retraction, message self-destruct, a private media gallery and 20GB of encrypted file storage. As is the case with any encrypted messaging app, both you and the recipient will need KeeperChat for it to work.
Although it can be a hassle for personal users, KeeperChat works well with families, which is why Keeper earned a spot in our best password manager for families guide.
Outside of the iOS experience, Keeper has a great browser experience, too (it made our list of the best password manager extensions, in fact). With it, you can automatically fill password fields, autocapture new logins and manage your current entries. Of course, the extension syncs with your mobile devices so you can have your logins on the go.
From its excellent user interface to its breadth of features, Keeper does a lot right, especially if you can flip the bill for its Max Bundle. You can learn more about it in our Keeper review or sign up for a 30-day trial to see how you like it.
- Excellent features
- Highly secure
Choosing the Best Password Manager for iOS
Although there are plenty of iOS password managers available, it’s not as simple as picking one at random and calling it a day. Despite being around for quite a few years, Apple only officially started supporting third-party password managers in 2018 with the release of iOS 12. With the new software update, iOS supports autofill from non-Apple password managers.
That’s where we started when creating our best password manager for iOS list. Of course, any quality password manager should be good no matter what platform you’re on.
However, we paid close attention to password managers that integrate with Apple’s ecosystem, including support for autofill with iOS 12 and 13, as well as integration with other Apple products, such as the Apple Watch.
We also paid attention to the general mobile experience. For instance, KeePass is a solid password manager on desktop, despite being a bit clunky to use. It’s available on iOS, but only as an unofficial port. Considering how focused iOS is on ease of use, clunky mobile experiences don’t exactly fit the platform.
The mobile experience includes the password manager app itself, but also how the tool functions when you’re using your iPhone or iPad. For this, we considered biometric authentication with Face ID and Touch ID, as well as support for application autofill outside of your browser.
Breaking Down Security
Password managers are no good if they can’t, well, keep your passwords secure. When creating our best password manager for iOS list, we vetted every option for AES-256 encryption and zero-knowledge model. With these two in tow, your logins won’t be at risk, even if the password manager suffers a data breach.
Like Apple, we’re going to let the security work its magic in the background. All of the options below will keep your logins secure, so you shouldn’t worry about that. However, we focus more on the user experience, price and features in this guide. If you’re interested in security, be sure to read our corresponding review for each entry.
Is Apple’s Password Manager Safe?
Apple’s own iCloud Keychain is a solid password manager, much better than Chrome’s built-in option. Built around Apple’s secure iCloud service — which you can learn about in our iCloud Drive review — Keychain offers a convenient and free way to store passwords on the go. However, it only works well if you’re a part of the Apple ecosystem.
Like other Apple products, Keychain doesn’t play nicely with other pieces of software. It works with iOS devices and Safari, but that’s about it. There aren’t browser extensions for Chrome, Firefox or Microsoft Edge. You can’t use Keychain on Windows, either, leaving those who like multiple operating systems in the dust.
Still, Keychain is secure, much more so than other bundled password managers. As long as you’re content using exclusively Apple software, it’s a fine solution when it comes to keeping your logins safe. However, it’s missing a handful of features that other options include.
For example, there isn’t a password generator, though Keychain will suggest strong passwords when signing up for an account (you can also read our guide on how to set up a strong password). Similarly, Keychain lacks any sort of sharing functionality and doesn’t allow you to extensively edit entries.
In practice, Keychain works like a browser password manager. Although more secure than its counterparts, it lacks the functionality to go toe-to-toe with tools like 1Password and Dashlane. If you’re looking for a few extra goodies, the cost associated with a third-party password manager is worth it.
1Password is the best password manager for iOS, though it’s followed closely by Dashlane. If you’re in the market for a paid password manager, it’s hard to go wrong with either. That said, 1Password is the cheaper option, which is why it takes the cake when it comes to iOS password management.
Bitwarden is a solid alternative for budget-focused customers, as is LastPass. That said, neither of those options hit the mark in terms of features or security, like 1Password or Dashlane do. Keeper gets close, and at a slightly cheaper price, to boot.
What password manager are you using on your iOS device? Why did you pick it? Let us know in the comments below. Thanks for reading our guide on the best password manager for iOS.
Let us know if you liked the post. That’s the only way we can improve.