Password manager security: Which is the right option for me?
The first guide of our two-part series helps consumers choose the best way to manage their login credentials
While we continue to wait for the password-less future to arrive, individuals and enterprises are still stuck with the problem of how to manage their countless, proliferating login credentials.
Whether they allow browsers to save passwords, rely on Apple’s Keychain or another operating system utility, or trust a dedicated app, most people and organizations now use some form of password management utility.
A password manager creates an encrypted vault that securely stores credentials. These are protected by a master password.
Most consumer-focused apps can also create unique, random passwords and support safe credential sharing between friends and family members.
Some also contain extra perks such as detecting reused passwords and monitoring your accounts for possible data breaches.
Given the differences in functionality and pricing tiers, The Daily Swig is offering a comparative, two-part guide to some of the most popular password management utilities available for consumers and businesses.
This article, part one of our series, looks at consumer password manager options, while part two will showcase some of the best choices for enterprises. Stay tuned for the forthcoming second guide.
1Password
1Password offers an easy sign-up process and a printable digital key for recovering your account in case you forget your master password.
It has apps for macOS, Windows, Linux, Android, and iOS as well as a Chrome extension that enables a user to auto-fill login information on websites and store new credentials in their vault.
The tool allows you to create multiple vaults to organize your data for various purposes (personal, work, etc). In addition to login information, you can use 1Password to store credit card information, API tokens, crypto wallet recovery seeds, and other sensitive documents or data.
The password manager also allows you to share passwords with other users. You can tweak the sharing feature by setting expiry dates, a maximum number of views, and specific email addresses that can access a password.
1Password’s Watchtower feature monitors your account for reused passwords, vulnerable passwords, and potentially compromised accounts.
The application also has a Travel Mode for special circumstances where your devices might fall into unwanted hands. Vaults that you mark as not safe for travel will disappear from your devices when you turn on Travel Mode and reappear when you turn the feature off and reconnect to the internet.
The password manager offers no free-of-charge plan and instead offers personal ($2.99 per month) and family ($4.99 per month) subscriptions. With the family subscription, you get five premium accounts and the ability to create shared vaults that you can use together.
Bitwarden
Bitwarden offers a full range of standard features including the ability to import data from other password managers, create multiple vaults, share passwords with other users, and sync vaults across multiple devices. It has apps for all major operating systems, extensions for nine different browsers, and a command-line interface for writing scripts.
One feature that sets Bitwarden apart is its strong free-tier option, which provides features that most users typically need. The premium subscription ($10 per year) also adds security reports, stronger 2FA (two-factor authentication) options, 1GB of encrypted storage, an OTP (one-time password) generator, and emergency access to your vault by other (nominated) Bitwarden users.
Bitwarden also has a family plan ($40 per year) with six accounts, shared password collections, and shared encrypted storage.
Bitwarden is an open source program, which means you can host it on your own servers if company or industry regulations prevent you from storing your credentials in the public cloud. However, to get the full range of features, you’ll need to purchase a premium license.
Dashlane
Dashlane is another online password manager that provides basic features to store and secure your passwords, including creating vaults, generating passwords, filling online forms, and importing data from other managers.
The tool provides a very limited free plan that only works on one device. The advanced tier ($2.75 per month) removes the device limit and adds a service that monitors the dark web for breached passwords and compromised accounts.
The premium plan ($4.99 per month) adds VPN support, and the family plan ($7.49 per month) provides 10 premium accounts plus a dashboard to manage accounts and shared resources.
Unlike other password managers, Dashlane doesn’t have a desktop application – PC users must do everything through the web portal and browser extensions. But it does have mobile apps for Android and iOS.
Dashlane allows you to share passwords with other Dashlane users and set limits to what kind of access they will have to your credentials.
Dashlane’s emergency access feature also allows you to specify a contact who can assume ownership of your account in case you lose access, and you can specify a waiting period to accept or reject the user’s request to access your vault.
KeePass
For users who don’t trust online services with their passwords – a legitimate concern after the LastPass debacle – KeePass is a convenient alternative.
KeePass is a standalone application that provides many of the functions you would expect from a professional password manager, but with some notable exceptions. Absent features include the ability to auto-capture new passwords, syncing across multiple devices, password sharing, and scanning the web for breached accounts.
KeePass also fails to offer a web interface, browser extensions, or support for multiple platforms. The package comes as a Windows application, although being an open-source project means developers have ported it to other platforms. You’ll find links to these software packages on the KeePass website.
In KeePass, you can create password databases to store passwords, notes, and documents. These password databases can be copied to other devices, but you’ll have to sync them manually.
KeePass lacks support for many types of data, such as credit card info and API tokens, by default, but you can customize the utility to support different data types. Instead of autofill, KeePass has an auto-type feature that emulates typing your credentials on the keyboard, a feature that can require a bit of getting used to.
While this is not the most convenient password manager, it is a decent option for advanced users who want full control of their data and the ability to tinker with the software.
Operating system password managers
Alternatively, you can use a tool that comes bundled with your operating system. Most popular among them is Apple’s Keychain, which encrypts and stores your passwords in a secure vault on your device.
The main advantage of Keychain is its deep integration with the Apple ecosystem. It automatically detects and fills passwords for websites, applications, WiFi networks, and more. It can also be synced to your iCloud account and made available across all your Apple devices, including Mac, iPhone, iPad, and Apple Watch.
So Keychain is convenient if you only use Apple devices. But if you have other operating systems in the mix (Android, Windows, Linux), then you’ll need a separate password manager. You also won’t be able to use it if you want to log into one of your accounts from a friend’s device or a public computer.
Resource: https://portswigger.net/daily-swig/password-manager-security-which-is-the-right-option-for-me