KeePass Password Safe
Use a Password Manager on PC, Android, and more.
Because remembering passwords can be a huge hassle, many people make the mistake of using a single password for multiple uses. That's a really bad idea because if one use is compromised, which happens all too often, that compromised password can then provide access to other uses, contributing to identity theft and serious harm; e.g., your compromised social networking password giving bad actors access to your online banking.
The best way to protect against this risk is to use different, strong passwords for different uses, so the compromise of any one use affects only that one use. That may sound like a huge hassle, but it doesn't need to be: a Password Manager can easily generate and manage lots of strong unique passwords. Then you only have to remember one strong master password that you don't use for anything else. Your other passwords are safely stored in a securely encrypted file. You can also increase security with multi-factor authentication.
If you use more than one connected device (e.g., computer, tablet, smartphone), you can have your passwords available on all of them by storing your securely encrypted password file in a "cloud" storage service like Google Drive, Microsoft OneDrive, or Dropbox.
Password Managers can be either proprietary or open source. The problem with proprietary is that privacy and security cannot be verified—you are instead relying on hope and trust, and that's not a good idea, as evidenced by weaknesses and compromises known and unknown. By contrast, open source software can be verified easily by experts and corrected or modified as needed or desired. So look for FOSS (Free and Open Source Software).
Note: Be skeptical of reviews and ratings, especially on the Internet.
Most are not written by real experts. Many are just paid promotions.
This site receives no consideration for its recommendations.
Best Password Managers (FOSS)
- KeePass. Limited native functionality, but rich in plugins and ports.
- Keepass2Android. Best Android implementation of KeePass.
- Password Safe. Simple and basic. Written by expert Bruce Schneier.
Honorable Mention
- AuthPass. Compatible with KeePass. Has potential, but suffers from teething issues.
- Bitwarden. Slick, feature rich, and open source, but freemium and dependent on Bitwarden servers.
Better than Third Party
- Apple iCloud Keychain. Proprietary.
- Google Password Manager. Proprietary. Includes Password Checkup.
Resources
- On the Security of Password Managers - Schneier on Security
  Bruce Schneier is an internationally recognized security expert.
- Before You Use a Password Manager | by Stuart Schechter | Medium
- FOSSHUB | Password Managers Software.