8 Best Password Managers (2025), Tested and Reviewed
Featured in this article
-SOURCE-Bitwarden.jpg)
Even the best password managers are the vegetables of the internet. We know they’re good for us, but most of us are happier snacking on the password equivalent of junk food. For nearly a decade, that’s been “123456” and “password”—the two most commonly used passwords on the web. The problem is, most of us don’t know what makes a good password and aren’t able to remember hundreds of them anyway.
The safest (if craziest) way to store your passwords is to memorize them all. (Make sure they are long, strong, and secure!) Just kidding. That might work for Memory Grand Master Ed Cooke, but most of us are not capable of such fantastic feats. We need to offload that work to password managers, which offer secure vaults that can serve as a substitute for our memory. The best password manager offers convenience and, more importantly, helps you create better passwords, which makes your online existence less vulnerable to password-based attacks.
Read our guide to VPN providers (including options for iPhones!) for more ideas on how you can upgrade your security, as well as our guide to backing up your data to make sure you don’t lose anything if the unexpected happens.
- Best for Most People: Bitwarden
- Best Free Password Manager: Proton Pass
- Best for Sharing: Keeper
- Best Upgrade: 1Password
- Best Full-Featured Manager: Dashlane
- Best for Bundled Services: NordPass
- Best DIY Options (Self-Hosted)
- Other Password Managers We Tested
- Why (and How) You Should Use a Password Manager
- How We Test
Updated October 2025: We’ve added Keeper and Google Password Manager. We’ve also added LastPass and Keys to the avoid section.
Why Not Use Your Browser?
Most web browsers offer at least a rudimentary password manager. (This is where your passwords are stored when Google Chrome or Mozilla Firefox ask if you’d like to save a password.) This is better than reusing the same password everywhere, but browser-based password managers are limited. In recent years, Google has improved the password manager built into Chrome, and it’s better than the rest, but it’s still not as full-featured or widely supported as a dedicated password manager like those below.
It’s not as secure, either. Although your passwords are encrypted in your browser, they’re trivially easy to decrypt if someone has access to your PC. Avoid using your browser’s password manager if someone else can potentially access your PC.
WIRED readers have also asked about Apple’s password manager, which syncs through iCloud and has some nice integrations with the Safari web browser—even a dedicated app. There’s nothing wrong with Apple’s system. It doesn’t have some of the nice extras you get with dedicated services, but it handles securing your passwords and syncing them between Apple devices. The main problem is that if you have any non-Apple devices, you won’t be able to sync your passwords to them. All in on Apple? Then this is a viable, free, built-in option worth considering.
What Are Passkeys?
A concerted effort to get rid of passwords began roughly two days after the password was invented. Passwords are a pain—you’ll get no argument here—but we don’t see them going away in the foreseeable future. The latest effort to eliminate the password comes from the FIDO Alliance, an industry group aimed at standardizing authentication methods online. Does this sound a little bit like the infamous xkcd 927? Yes, yes it does. But thanks to the monopolistic nature of devices, it might work this time.
Apple supports the FIDO specs and coined the term passkeys, which has caught on. Passkeys are generated cryptographic keys managed by your device (usually your phone). They’re easy to create—you don’t need to do anything, your device handles the details. Your passkeys are stored on your device and protected by either biometrics or PINs. Since passkeys are generated key pairs instead of passwords, there’s nothing to remember. If you are familiar with GPG keys, they’re somewhat similar in that there’s a public and private key; the website you want to log in to has a public key and sends it to your device. Your device compares that to the private key it has and you’re signed in (or not if the keys don’t match). While passkeys aren’t a radical departure, they’re still an improvement by virtue of being a preinstalled tool for people who aren’t going to read this article and immediately sign up to use one of the services below. If millions of people suddenly stop using 12345678 as a password, that’s a win for security.
Almost all of the apps we’ve suggested here can store passkeys, which means you can store your passkeys right alongside your passwords. Our two favorites, Bitwarden and 1Password, can generate, save, store, and sync passkeys. You can even log in to Bitwarden using a passkey, which pretty much eliminates the need for a password at all. Once you have a passkey stored, it will automatically sync to all your devices the same way Bitwarden and 1Password sync your passwords. When you return to that site, your password manager will log you in using the passkey you generated.
Think of passkeys as credit cards next to the cash (passwords) in your wallet. One day passkeys may work everywhere and there will be no passwords, no password managers. In the mean time we think it’s better to stick with a password manager, even if all you’re doing with that manager is storing passkeys.
How a Password Manager Works
Password managers are simple at the most rudimentary level. Instead of remembering your passwords, you store and encrypt them behind a master password. It could be as simple as an encrypted spreadsheet. A password manager makes logging in easier since you don’t need to remember your password, and more secure, as you’re able to use long, random, and unique passwords across all your accounts.
The best password managers throw more than a little encryption at the problem, though. Ideally, they’re built on a zero-knowledge or zero-access security architecture. This security model means your passwords are inaccessible while stored and synced across the provider’s servers. In other words, the service has zero knowledge of your passwords and no possible way to decrypt them. Some services, such as 1Password, take this idea further with a device-bound key that you need to register each time you set up a new device.
All of this extra security is in place for convenience. In addition to storing your encrypted passwords, a password manager can also sync your logins across devices, and ideally offer autofill and credential capture as you’re creating new accounts.
If you don’t want to use remote servers, you can host your own password vault, as well. Bitwarden offers self-hosting, while Enpass allows you to sync with cloud storage providers like Google Drive or iCloud. Self-hosting provides the best security, assuming you have good network security, but I’d avoid syncing with a cloud storage provider.
Best Password Manager for Most People
Bitwarden (9/10, WIRED Recommends) is secure, open source, and free with no limits. The applications are polished and user-friendly, making the service the best choice for most users. Did I mention it’s open source? That means the code that powers Bitwarden is freely available for anyone to inspect, seek out flaws, and fix. In theory, the more eyes on the code, the more airtight it becomes. Bitwarden was also audited in 2023 and 2024 to ensure it’s secure. You can install it on a local server for easy self-hosting if you prefer to run your own cloud.
There are apps for Android, iOS, Windows, macOS, and Linux, as well as extensions for all major web browsers. Bitwarden also supports Windows Hello and Touch ID on its desktop apps for Windows and macOS, giving users the added security of those biometric authentication systems. The web interface (which I frequently use) recently underwent a redesign, which makes it much cleaner and easier to use.
Bitwarden supports passwordless authentication, meaning you can log in with a one-time code, biometric authentication, or a security key. Bitwarden also has excellent support for passkeys, including the ability to log into Bitwarden with a passkey, which means you don’t need to use your username or password even to open your vault. There’s also some extras, like a feature to securely share files (called Bitwarden Send), a built-in 2FA authenticator app (paid only), and an extremely active and helpful community.
I like Bitwarden’s semi-automated password fill-in tool. If you visit a site you’ve saved credentials for, Bitwarden’s browser icon shows the number of saved credentials from that site. Click the icon, and it will ask which account you want to use and then automatically fill in the login form. This makes it easy to switch between usernames and avoid the pitfalls of autofill. If you simply must have your fully automated form-filling feature, Bitwarden supports that as well.
Bitwarden offers paid upgrade accounts. The cheapest of the bunch, Bitwarden Premium, is $10 per year. That gets you 1 GB of encrypted file storage and two-factor authentication with devices like YubiKey, FIDO U2F, and Duo, plus a password hygiene and vault health report. You also get priority customer support with a paid account.
| Features | |
|---|---|
| Passkey support | Yes |
| 2FA support | Yes |
| Emergency access/recovery kit | Yes |
| Email aliases | Yes |
| Encrypted storage | 1 GB |
After signing up, download the app for Windows, macOS, Android, iOS, or Linux. There are also browser extensions for Firefox, Chrome, Safari, Edge, Vivaldi, and Brave.
Best Free Password Manager
Proton Pass (9/10, WIRED Recommends) has taken up the mantle left by LastPass. There are plenty of free password managers floating around, but Proton Pass combines all the critical security and usability features of paid password managers and offers them for free. That includes unlimited login storage, extension, and mobile app support, passkey support, and cross-device sync. Those features alone make Proton Pass’ free plan competitive with paid options like 1Password and Dashlane.
Bitwarden still remains my top pick, which offers a similarly feature-rich free plan and the option to self-host your vault, but Proton Pass is a solid alternative. Proton really flexes its muscle with the paid Pass Plus plan, however. In addition to time-based one-time password (TOTP) support for two-factor authentication, Proton offers 10 GB of encrypted storage courtesy of Proton Drive, support for custom domains in email aliases, and integration with Proton’s other apps. That may not sound like much, but Dashlane, Bitwarden, and 1Password only offer 1 GB, even on paid plans.
I’m a fan of how seamless Proton Pass is, too. There isn’t much to the online vault window, but two areas stand out. First, there’s a history of your generated passwords. These are stored for two weeks, and they’re a huge help. I can’t tell you the number of times I’ve had to reset a password I’ve generated with 1Password because I didn’t create a login before clearing my clipboard.
The Pass Monitor view gives you a quick overview of your accounts. That’s not unique to Proton Pass in the slightest, but I appreciate how functional Proton’s security dashboard is. It highlights weak passwords, accounts where 2FA is supported but not enabled, and critically, links to support resources for features like email aliases and automatic 2FA.
| Features | |
|---|---|
| Passkey support | Yes |
| 2FA support | Yes |
| Emergency access/recovery kit | Yes |
| Email aliases | Yes |
| Encrypted storage | 10 GB (Plus) |
Once you’ve signed up, download the Proton Pass app on Windows, macOS, Linux, Android, or iOS, and enable the browser extension on Chrome, Safari, Firefox, Edge, or Chrome.
Keeper (7/10, WIRED Recommends) is a bit more expensive than our top options, and it lacks some built-in features, such as dark web monitoring, which is only available as a paid add-on. But when it comes to sharing logins with multiple people, Keeper tops the charts. That’s largely due to its enterprise focus, giving it an edge when managing logins for multiple users across multiple accounts.
Instead of structuring your data into separate vaults, Keeper lets you create folders and share them with a permission structure similar to Google Drive. Additionally, you can share passwords externally with one-time share links and create self-destructing records, which will automatically delete themselves shortly after being opened.
Although Keeper is more expensive than the competition in most cases, it offers a lot of flexibility for small businesses. Keeper can scale up to enterprises and government institutions, offering products that run as much as $85 per user, per month. But for smaller businesses, you can start for as little as $2 per user, per month.
| Features | |
|---|---|
| Passkey support | Yes |
| 2FA support | Yes |
| Emergency access/recovery kit | Yes |
| Email aliases | No |
| Encrypted storage | No (Up to 100 GB available separately) |
Once you’ve signed up, download the Keeper app on Windows, macOS, Linux, Android, or iOS, and enable the browser extension on Chrome, Safari, Firefox, Edge, Brave, or Chrome.
Best Paid Password Manager
What sets 1Password (8/10, WIRED Recommends) apart from the other options in this list is the number of extras it offers. Like other password managers, 1Password has apps for every major platform, including macOS, iOS, Android, Windows, Linux, and ChromeOS. There’s even a command-line tool that will work anywhere. There are plug-ins for your favorite web browser, which make it easy to generate and edit new passwords on the fly.
I still find Bitwarden to be a more economical choice for most people, but 1Password has some very nice features you won’t find elsewhere. If you frequently travel across national borders, you’ll appreciate my favorite perk: Travel Mode. This mode lets you delete any sensitive data from your devices before you travel and then restore it with a click after you’ve crossed a border. This prevents anyone, including law enforcement at international borders, from accessing your complete password vault.
It’s worth noting that 1Password uses a combination of two keys to unlock your account: your password and an additional generated secret key. While that does add a layer of security that will protect against weak passwords, it also means part of what you need to unlock your passwords is something you did not create. 1Password does make sure you have this key as an item in your “emergency kit,” but I still prefer pairing a self-generated password with a YubiKey.
In addition to being a password manager, 1Password can act as an authentication app like Google Authenticator. For added security, it creates a secret key to the encryption key it uses, meaning no one can decrypt your passwords without that key. The downside is that if you lose this key, no one, not even 1Password, can decrypt your passwords. (This can be mitigated by setting up a custom group with the “Recover Accounts” permission.) It now offers passkey storage, as well.
1Password also offers tight integration with other mobile apps. Rather than copying and pasting passwords from your password manager to other apps (which puts your password on the clipboard, at least for a moment), 1Password is integrated with many apps and can autofill. This is more noticeable on iOS, where inter-app communication is more restricted.
| Features | |
|---|---|
| Passkey support | Yes |
| 2FA support | Yes |
| Emergency access/recovery kit | Yes |
| Email aliases | Yes |
| Encrypted storage | 1 GB |
After signing up, download the app for Windows, macOS, Android, iOS, Chrome OS, or Linux. There are also browser extensions for Firefox, Chrome, Brave, and Edge.
Best Full-Featured Manager
Dashlane offers most of what you’ll find in our other picks. The company no longer offers a desktop app, but I primarily use passwords in the web browser anyway, and Dashlane has add-ons for all the major browsers, along with iOS and Android apps. If a desktop app is important to you, that omission is something to be aware of, but in my testing, it isn’t a big deal. Dashlane uses the same AES 256-bit encryption in a zero-knowledge system, which means passwords are only ever decrypted on your device. Dashlane uses multifactor authentication if you want, via an authenticator app or a hardware key like the YubiKey.
Dashlane is considerably more expensive than Bitwarden or 1Password, but that extra money does get you some additional security features, like Site Breach Alerts, which let you know if any web services you use have leaked your data. Dashlane also actively monitors the darker corners of the web, looking for leaked or stolen personal data, and it alerts you if your information has been compromised. There’s even a Phishing Alert system that will stop you from entering credentials on a site with a spoofed URL. This last feature is incredibly useful if you happen to be setting up less tech-savvy relatives or friends with a password manager. Dashlane’s phishing protection can save them from themselves. Dashlane also offers a VPN through Hotspot Shield VPN. I have not tested the Dashlane integration, but in testing Hotspot Shield on its own, I’ve always found it too slow to recommend in my VPN guide.
Setting up and migrating to Dashlane from another password manager is simple, and you’ll use a secret key to encrypt your passwords, much like BitWarden’s setup process. In practice, Dashlane is very similar to the others on this list. Dashlane offers a 30-day free trial, so you can test it out before committing.
| Features | |
|---|---|
| Passkey support | Yes |
| 2FA support | Yes |
| Emergency access/recovery kit | Yes |
| Email aliases | Yes |
| Encrypted storage | 1 GB |
After signing up, download the app for Android and iOS, and grab the browser extensions for Firefox, Chrome, and Edge.
Best for Bundled Services
-SOURCE-Nordpass-(cropped).jpg)
You might know Nord better for its VPN service, but the company also offers a password manager, NordPass, and a pretty nice online storage system, NordLocker. A part of the appeal of NordPass comes in bundling it with the company’s other services for some compelling deals. As a password manager, NordPass offers everything you need. It uses a zero-knowledge setup in which all data is encrypted on your device before it’s uploaded to the company’s servers. Unlike most services here, NordPass uses XChaCha20 for encryption. It would require a deep dive into cryptography to get into the differences, but the short story is that it’s just as secure and maybe slightly faster than the AES-256 encryption used by other services.
There’s a personal information storage feature to keep your address, phone number, and other personal data safe and secure, but easy to access. NordPass also offers an emergency access feature, which allows you to grant another NordPass user emergency access to your vault. It works just like the same feature in 1Password, allowing trusted friends or family to access your account if you cannot.
Other nice features include support for two-factor authentication to sign in to your account, as well as security tools to evaluate the strength of your passwords and alert you if any of your data is compromised. Note that NordPass Premium is theoretically $3 a month, but there are always sales that bring that much lower.
The downside, and my one gripe about all Nord services, is that there is no monthly plan. As noted above, the best deal comes in combining NordPass, NordVPN, and NordLocker for a bundled deal. A free version of NordPass is available, but it’s restricted to only a single device.
| Features | |
|---|---|
| Passkey support | Yes |
| 2FA support | No (business accounts only) |
| Emergency access/recovery kit | Yes |
| Email aliases | Yes |
| Encrypted storage | 3 GB |
After signing up, download the app for Android and iOS, and grab the browser extensions for Firefox, Chrome, and Edge.
Best DIY Options (Self-Hosted)
Want to retain more control over your data in the cloud? Sync your password vault yourself. The services below do not store any of your data on their servers. This means attackers have nothing to target. Instead of storing your passwords, these services use a local vault to store your data, and then you can sync that vault using a file-syncing service like Dropbox, NextCloud, or Edward Snowden’s recommended service, SpiderOak. There are two services to keep track of in this scenario, making it a little more complex. But if you’re already using a file-syncing file service, this can be a good option.
You can also properly host your own vault with network-attached storage or a local server.
Enpass does not store any data on its servers. Syncing is handled through third-party services. Enpass doesn’t do the syncing, but it does offer apps on every platform. That means once you have syncing set up, it works just like any other service. And you don’t have to worry about Enpass being hacked, because your data isn’t on its servers. Enpass supports syncing through Dropbox, Google Drive, OneDrive, iCloud, Box, Nextcloud, or any service using WebDAV. Alas, SpiderOak is not currently supported. You can also synchronize your data over a local WLAN or Wi-Fi network.
All of the features you expect in a password manager are here, including auto-generating passwords, breach-monitoring, biometric login (for devices that support it), auto-filling passwords, and options to store other types of data, like credit cards and identification data. There’s also a password audit feature to highlight any weak or duplicate passwords in your vault. One extra I particularly like is the ability to tag passwords for easier searching. Enpass also makes setting up the syncing through the service of your choice very easy. Enpass added support for passkeys, too.
Enpass is free to use on Windows, Mac, and Linux. The mobile version syncs up to 25 items in one vault for free. For more than that, you’ll want to sign up for the paid service.
After signing up, download the app for Mac, Windows, Linux, Android, and iOS, and grab the browser extensions for Chrome, Vivaldi, Edge, and Firefox.
KeePassXC works like Enpass above. It stores your passwords in an encrypted digital vault that keeps you secure with a master password, a key file, or both. You sync that database file yourself using a file-syncing service. Once your file is in the cloud, you can access it on any device that has a KeePassXC client. Like Bitwarden, KeePassXC is open source, which means its code can be and has been inspected for critical flaws. If you’re an advanced user and comfortable handling your own issues and support, KeePassXC makes a great choice.
The downside of KeePassXC is that it doesn’t have official mobile clients. However, third-party apps are available for iOS and Android. KeePassXC is a fork of KeePass that offers better cross-platform support, but there are a handful of other forks available, as well.
Download the desktop app for Windows, macOS, or Linux and create your vault. There are also extensions for Firefox, Edge, and Chrome. The project does not offer apps for phones. Instead, it recommends KeePass2Android or Strongbox for iPhone.