Regardless of whether we want to start the computer, read our e-mails, do banking or buy products online: we have to log into our user account and enter a password. Passwords are used to protect our sensitive data and information. It is more important, too use secure passwords and to protect them.
Unfortunately, really strong passwords are difficult to remember, but entering them all the time takes time and effort. Especially when you log into online services with passwords on your smartphone or tablet. To solve all of these problems you have to Password manager as its own software established and are becoming increasingly popular.
Now, however, a user has numerous password managers to choose from. How do you recognize the best password manager? What functions should such software have? What should you pay attention to when choosing? Here you can find our big one Password manager test and the best providers in comparison.
Why should I use password managers?
E-mail, online banking, internet shopping, streaming services, the tax office, crypto exchange, ... - we can only access practically all useful online services by entering our user data and password. We have got used to it, but because the number of services used is increasing, many of us have had an overview of ours for a long time countless passwords verloren.
Unfortunately, there are many dangers to our passwords on the Internet. Hackers want to steal our passwords, for example to steal funds or otherwise cause damage. Because simple passwords like the Favorites of the Germans “123456”, “password” or “master”, can be simply guessed or easily cracked using a so-called brute force attack, we absolutely have to complex and therefore secure passwords use. Such passwords should contain special characters, upper and lower case letters and numbers. In addition, each password should be unique, so you would have to remember a new - imperceptible - password for each additional online service.
- But this brings with it a new problem: You can't remember secure passwords.
Because we are constantly surfing the Internet and log into more than 10 accounts every day, these secure passwords must be entered as easily and quickly as possible function. Otherwise we will lose valuable time and, above all, our patience. And because we surf the web more on smartphones than on PCs, but sometimes also on tablets, we should ideally have these passwords available and be able to enter them on all devices in seconds. These problems bring with them a long list of requirements that can be solved with a password manager.
Arranged in individual databases and directories, you have a quick overview of all passwords and can copy and paste them into the clipboard. Or you can even fill in the passwords in the browser insert automatically to let.
Types of password managers
There are two different ways how password managers can help you manage and use your passwords. One possibility is the cross-device synchronization of passwords, the second possibility is the local saving of passwords in a database file on your computer.
- The cross-device synchronization offers you more convenience, but also requires more trust in the manufacturer of the password manager. In order for the provider to be able to synchronize the encrypted password database across all of your devices, it uses its secure cloud storage. So the encrypted password file goes through the manufacturer's cloud server.
- The second type of password manager works through a Encrypted password database stored on the local PC or devicethat never leaves your device. This gives you additional security, but prevents synchronization across multiple devices. So you have to "atone" with ease - you cannot use the encrypted password database from the PC on the smartphone and vice versa.
How to use a password manager
Perhaps you've never used a password manager and are now inquiring about such software for the first time. How it works may be a bit unclear at the beginning, so we'll briefly discuss how a password manager works.
The first thing a password manager does is to keep your passwords safe. You want to be able to access your passwords for individual accounts at any time, but you absolutely have to prevent someone else from seeing or cracking these passwords. How does a password program secure your passwords?
- The answer is one Combination of encryption and master password.
When you start a password manager for the first time, you will create a new password database. This is a single file. This file will contain all of your saved passwords (and associated login data or notes); However, so that nobody can infer your passwords from this file alone, all passwords contained are saved multiple encrypted with an encryption protocol. Most of the time, encryption is carried out with the Advanced Encryption Standard (AES), which uses a 256-bit key.
In the future you will either open the database file directly from the file manager, or simply open the password manager itself, enter your master password and be able to call up individual passwords immediately and by copying to the clipboard in the respective browser window (or app on the smartphone).
Common mistakes when choosing passwords
If passwords are cracked, it is bitter. However, the fact that it is usually the user's own fault is particularly bitter (sometimes passwords are stolen from the provider). Passwords are often replaced by a so-called Bruteforce attack cracked.
- Brute force (German "brute force") describes an attack in which a hacker lets a programmed bot try random strings of characters as a password. If the attack is carried out long enough and an unlimited number of login attempts are possible, the password will eventually be guessed.
- Password is too short: The shorter the password, the faster it can be guessed. A password should have at least 8 characters, but preferably 12 or 16 characters, depending on the possibility. With some providers, passwords cannot be longer than 8 characters.
- Password contains normal terms: Most bruteforce bots use a dictionary file because this way, frequently used words can be tried out as a possible password more quickly. So only use random sequences of letters to make cracking the password much more difficult.
- Password does not contain any special characters: Bots always test for letters and maybe also numbers, but not for special characters. If you use one or more special characters in your password (e.g. $,%, &, ...), you make cracking your password practically impossible because it would take too many attempts to log in.
- The same password is used several times: Unfortunately, most users use one password on several, and possibly almost all, of their online services. If such a password is cracked once or obtained through phishing, a hacker can gain access to dozens of online services. That is why you should use a separate, complex password for each online service!
When testing the password manager, we focused on the assessment in 3 dimensions.
- Safety: How securely are your passwords protected in the password manager and how difficult is it for outsiders to gain access to the passwords?
- Ease of use: How easy and intuitive is it to use the password manager? Can you find all the important settings and functions in the shortest possible time? How fast can you copy passwords and use them in the browser?
- Features: Most of the functions of a password manager are absolute musts, but some are characterized by practical additional functions. Here we consider whether a password manager offers all the necessary functions and how it may stand out from other providers.
How secure is your password manager?
Security is of course the top requirement of a password manager, your passwords must be stored securely and encrypted. There are several measures with which this protection can be ensured.
First of all, how is your password database encrypted? Ideally with 256-bit, the Advanced Encryption Standard is the most proven here.
Here it is important to us that you can only use complex, difficult-to-crack master passwords. If you know your master password, you can access all saved passwords! In this respect, a password program should indicate that master passwords are too simple!
An additional security measure is to have to authenticate yourself as the legal owner of the password database using a second factor in addition to the master password.
Ideally, you shouldn't use a password more than once. A duplicate finder function in the password manager can alert you to passwords that have been used repeatedly.
Despite all protective measures, a password can be lost, and an online provider may have been hacked. A good password manager can connect to public online databases and check whether your user account has been reported as hacked.
How do we rate the usability of the password manager?
Using the internet is exhausting and time-consuming enough when you have to log into the various online services and check information there. A password manager should make your everyday life easier, not cause further headaches. Important criteria in the usability of a password manager are:
Does software have to be installed at all or is it possible without it?
How can the password program be used on individual operating systems on a PC or smartphone? How easy is it to operate on iOS or Android with smaller screens?
Copy & paste function
Is there an easy way to copy the password to the clipboard and paste it back into the next password field with Ctrl + v?
Is there even an option for the password manager to automatically and independently insert the password in the corresponding password field at the respective provider?
Can you work with a single password database that is updated in real time on all of your devices? Don't forget that this will require more trust in the provider.
Important functions of a password manager
The most secure passwords were not thought up by themselves, but rather had been created at random. The functionality of the password generator in the password manager is precisely for this purpose. The best password program should let you determine how much “bit” the complexity of the password should be and then suggest a password to you with a click of the mouse.
Browser integration / auto-fillin
With a browser integration, the password manager offers you maximum convenience. You no longer have to copy and paste the password from the program; instead, when you open the respective online service, the password is automatically inserted into the password field. Browser integration with Firefox and Chrome is highly desirable.
Whether the password and your user data of a certain account have possibly already been stolen can be checked by comparing them with public databases on the Internet. A good password manager can do this automatically in the background, your data will not be disclosed, but you will be informed in an emergency so that you can quickly choose a new password and secure your account.
It is particularly convenient if you can share a single password database on desktop PC, smartphone and tablet. Administration is probably easiest on a PC, but passwords should be accessible and easy to enter even when you're on the move. A cross-device synchronization is practical, but only works if the manufacturer synchronizes your encrypted password database via its cloud storage - is that acceptable for you?
Import / export of passwords
You may have used a different password manager and already have a password database, or you want to use a different solution on a different device. Being able to import and export passwords can save you a lot of time and effort.
Save user data
You will not only save your passwords, but also your login name and possibly the security questions used or the specific URL of the service. These fields help you to retrieve all information in seconds.
Save additional information and attachments
You may want to save additional information with a password and user data. For example the security questions for restoring the password, the original registration as a PDF file or something similar. Some password managers allow you to save additional information and attachments with the password entry.
Structure of multi-databases / directories
So that the password manager enables a good organization of the passwords, you should be able to save them in separate databases or directories and subdirectories. The best password managers offer you the organization in such a simple, clear structure.
Best password manager in comparison
|LastPass Premium||1Password||KeePass||Password Manager Pro||Kaspersky Password Manager|
|Checking the master password||√||√||√||√|
|Check for account hack||√||√||√||√||x|
|Setup / use Windows||very high / very high||very high / very high||moderate / moderate||very high / very high||moderate / moderate|
|Setup / use iOS / Android||very high / very high||very high / very high||moderate / moderate||high / very high||high / very high|
|Copy & paste function||√||√||√||√||√|
|Synchronization across devices||Automatically||Automatically||manually||Automatically||Automatically|
|Multiple databases possible||√||√||x||x|
|Storage of user names, links, attachments||√√√||√√√||√√√||√√x||√√x|
|Price||€ 21 / year||€ 32 / year||free||€ 24,95 / year||€ 13,95 / year|
Best password manager in detail
LogMeIn's LastPass Premium password manager promises to make life easier in its slogan, but is that true? Before you can download the software, you have to create an online account with your master password to be used. The password database is stored online at LogMeIn with AES256 encryption and synchronized across all devices. The master password must have at least 12 characters; 2-factor authentication can be set up. Passwords can be checked for duplicates and possible hacks.
- In terms of Ease of use The password manager leaves nothing to be desired, and installation on the PC is not necessary. Operation in the app and on the PC is very simple and intuitive, an autofill function automatically enters passwords in the browser (Chrome, Firefox).
- The synchronization takes place in real time on all devices used.
- You can have a single database in additional directories structure, an import and export of passwords is possible.
- A Password generator suggests secure passwords, additional information such as username, website and title can be stored with the password entry, and file attachments can also be saved.
Summary: LastPass Premium is a great password manager with online synchronization across all devices. We particularly like the operation of the software and the autofill function; the only thing we miss is the ability to create multiple databases.
Price: LastPass Premium is available for $ 36 / year (excluding VAT) paid annually.
With 1Password, Agile has bits one of the most popular password managers on the market. Here, too, passwords are synchronized across devices, the password database is protected with AES256. The master password must be complex and can be additionally protected with 2-factor authentication. More security for passwords is offered by automatic detection of duplicate passwords and comparison with online databases for possible hacks. We find the software to be a bit difficult to use on a PC, but it is simple and successful on a smartphone.
- The software must not installed on the PC apps on smartphones are, of course, all common operating systems are supported. Passwords can either be used with copy & paste or by automatic fill-in in the browser.
- We are very satisfied with what is offered Features by 1Password. As a user you can create several password databases, which can be divided into individual directories.
- With a password entry, name, user name, link, but also any file attachments can be stored. A Integration is implemented with Firefox, Chrome, but also Internet Explorer.
The password generator, which outputs passwords at random, could be a bit better.
Summary: A passable password manager that offers all the necessary functions and synchronizes across all devices. The drawbacks are the somewhat more complex service and the above-average price.
Price: an annual license costs € 32.
The password manager KeyPass was developed by Dominik Reichl and stores passwords only locally on the device. It uses AES256 encryption; a master password can be of any complexity. There is the option to set up a 2-factor authentication, duplicate passwords and hacked user accounts are brought to the attention of the user. The program can be run without installation, but it has a very outdated user interface, which also makes it difficult to use. The software looks like it was at the turn of the millennium and rather heavy.
- However, KeePass can also transfer the passwords directly to the browser or via Copy & paste inserted.
- It can be multiple databases and directories set up, passwords can be exported and imported.
- The Password generator creates passwords in any bit encryption, user data, links, but also attachments with entries can be saved. Integration with Chrome and Firefox is available.
Summary: KeePass is a great, feature-rich password manager that is available for free. It is just right for those who do not want synchronization across devices. However, it is a bit difficult to use and the user interface is not intuitive.
Price: KeePass is available free of charge
Password Manager Pro
Password Manager Pro is the password manager of the German Antivirus manufacturer Avira. The program secures passwords with AES256 encryption and only accepts a complex master password. The password manager synchronizes across devices, the encrypted password database is saved via the cloud. Unfortunately, no individual databases or directories can be created, otherwise a password generator, storage of additional information and links are possible, but attachments are not.
- A 2-factor authentication can be set up, you will be notified in the event of duplicate passwords or hacked user accounts.
- The program can without installation The initial setup could be a bit easier, but you can quickly find your way around the operation. There is a copy & paste function as well as auto-fillin in Chrome and Firefox.
Summary: Password Manager Pro from Avira is a functional password manager that scores with ease of use. However, it offers less functionality than competing providers, a structuring of password entries or file attachments cannot be saved, the product is priced in the middle of the range.
Price: The password manager can be used for 24,95 year for € 1.
Password Manager (by Kaspersky)
Just like Avira, Kaspersky also offers its own solution, Password Manager, which can be used individually or with anti-virus and Anti-spyware software can be installed. The password database is encrypted with AES256; unfortunately, 2-factor authentication or checking for hacked user accounts is not possible. Duplicate passwords are pointed out, the password manager must be installed on the operating system. The operation of the program is not very intuitive on the PC, but very simple on the smartphone.
- A Autofill function in common browsers is also available as is the option for quick copy & paste of passwords.
- A synchronization with other devices can be done automatically.
We are a bit disappointed with the range of functions, you can only create one database, the password generator is poor and file attachments cannot be saved. Nevertheless, individual directories can be created, passwords generated and entries with name, URL and user name saved.
Summary: The Kaspersky Password Manager does its job fundamentally and can be a good overall solution with Internet Security. However, it lags behind competitors in terms of functionality, and the price is very cheap. We would like more functions.
Price: the 1-year subscription costs € 13,95
Using a password manager may initially be a major change for many, but it will pay for itself in a very short time. The ability to have all of your passwords and user data in one place to be stored securely and encrypted and at the same time filling in the password fields in the browser in seconds - whether on desktop, smartphone or tablet - bring a lot of relief and time savings.
- The important thing is to ask yourself if you can count on one cross-device synchronization with a trustworthy provider, or you prefer one local storage prefers. There are suitable solutions in both cases, even if the user comfort is somewhat lower in the latter.