A password manager is software that securely stores your login credentials for every website and app in an encrypted vault. It generates strong, unique passwords for each account and automatically fills them in when you log in - so you only need to remember one master password.
How Password Managers Work
- You create a master password that encrypts your entire vault. This password is never sent to the manager's servers - only you know it.
- The vault is encrypted locally (AES-256) before being synced to the cloud.
- When you visit a login page, the browser extension detects it and fills in the saved credentials.
- When you create a new account, the manager offers to generate a random password and save it.
Popular Password Managers
| Manager | Cost | Open Source | Key Feature |
|---|---|---|---|
| Bitwarden | Free / $10/yr premium | Yes | Best free option with full features |
| 1Password | $36/yr | No | Travel mode, polished UX |
| Dashlane | $33/yr | No | Built-in VPN on premium |
| KeePassXC | Free | Yes | Local-only, no cloud sync |
What Is the One Catch With Password Managers?
If you forget your master password, you cannot recover it (by design). The encryption is strong enough that even the manager's company cannot help you. Keep a written copy of your master password in a physically secure location.
Where Is the Safest Place to Keep Passwords?
In a reputable password manager, not in a browser's built-in save (less secure), not in a spreadsheet, and definitely not on a sticky note. A password manager with a strong master password and 2FA is the gold standard.
People Also Ask
- What is the downside of using a password manager?
- Single point of failure: if your master password is compromised or forgotten, all accounts are at risk. Mitigate this with 2FA on the manager and a secure backup of the master password.
Related: Strong passwords | 2FA | Password Generator