Technology in terms you understand. Sign up for the Confident Computing newsletter for weekly solutions to make your life easier. Click here and get The Ask Leo! Guide to Staying Safe on the Internet — FREE Edition as my thank you for subscribing!

What’s the Best Password Manager for 2024?

Your choices are many, and that’s a good thing.

The best password manager is the password manager you'll use (within reason, of course).
Password Management
Question: I’m confused as to the best password manager. The several reviews I’ve read tend to contradict each other as to what’s best. I now have information paralysis and can’t decide which to try, but I need to do something. I’m overwhelmed by the number of passwords I have to keep track of.

I hear ya. I have hundreds of accounts and passwords, and managing them without a password manager would be impossible.

There are many options, as you’ve seen.

That’s good news, because many of those options do quite nicely. Pick one of those, and it’d be hard to go wrong.

Become a Patron of Ask Leo! and go ad-free!


The best password manager for you

There are several good password management alternatives available today. I happen to use and recommend 1Password, but tools like BitWarden, KeePass, Dashlane, and RoboForm are all worthy alternatives. Which is “best” becomes a matter of personal preference based on functionalities, platforms, ease of use, and cost. More important than which you pick is that you pick and use a password manager to enable the highest level of security with strong, unique passwords you don’t need to remember yourself.

What I use

I’ll cut to the chase and mention 1Password. I switched to it after the 2022 LastPass breach.

It works on all the platforms I care about, including all my browsers, Windows, Mac, Android, and iPad. To quote the old credit card commercial: it’s everywhere I want to be.

Besides passwords, I use it to automatically fill in credit card information when I make online purchases, and I use the secure notes feature to keep additional free-form information.

While there is no free version, the paid version is quite worth it.

What I would use

If for some reason I could not use 1Password, I would investigate and probably switch to one of these alternatives.

  • BitWarden. It’s probably the alternative I see most commonly recommended by my readers, and looks to be a very worthy equivalent.
  • KeePass. A free, open-source alternative that uses a different storage model than most others.

That last item — the different storage model — is worth discussing since some folks find it an important distinction.

Where is your data kept?

Most password vaults store your information encrypted online. That means you can fire up their tool anywhere, and a copy of your vault is downloaded and made available to you once you’ve submitted your master password.

Even though the information is securely encrypted, and thus completely useless to hackers if they could get a copy of it, this makes some people uncomfortable.

KeePass is an example of a tool that does not use server-based storage. You specify where the data is stored. There are an assortment of approaches that make your information available in many places, including placing your database on your own server, in cloud storage services like Dropbox or OneDrive, or keeping it on a thumb drive.

If this matters to you, it’s probably the first decision I would make when choosing a password vault.

Others with good reputation lists over 200 alternatives to 1Password for password management. I’m sure many are just fine, while others are too new to have developed a track record. It’s a popular category.

In reviewing that list, a couple of additional entries also feel reasonable.

  • Dashlane
  • RoboForm

While they’re not on the list of password managers I’d immediately jump to myself, these have good reputations.

(If you have a password manager you love that I haven’t mentioned, don’t take it as a slight. As I said, there are over 200 alternatives — too many to list or even form an opinion on.)

But which one is best?

Much like exercise and my advice on backing up, the best password manager is the password manager you’ll actually use.

Within limits, of course.

The good news is that I don’t believe you can go far wrong by choosing one of the password managers I’ve mentioned above. Among those, it’s a matter of personal choice.

Do this

Use a password manger.

When deciding which one to use, consider:

  • Where it keeps your data.
  • Which platforms it supports.
  • How it makes your password information available across the platforms you use.
  • How complicated it feels to set up and use.
  • Cost. Password security is important, and worth payment in my opinion, but I realize that’s not an option for everyone.

You have lots of options, all good.

Subscribe to Confident Computing! Less frustration and more confidence, solutions, answers, and tips in your inbox every week.

Podcast audio


74 comments on “What’s the Best Password Manager for 2024?”

  1. The thing that keeps me from LastPass is their corporate ownership: GoTo Inc. (formerly known as LogMeIn, but now named after their most profitable line, including GoTo Meeting).

    I don’t like their track record: they acquired the Hamachi VPN, which was free, and shut out the free users in favor of selling it for exorbitant prices, and there haven’t even been updates to it in the past 3-1/2 years.

    When the company acquired LogMeIn, a nifty remote access tool that people used to help provide computer support to family members, they announced they were shutting down free access and gave people a WEEK to transition to the paid service or they were cut off. Then they bought out Meldium …and shut it down.

    Then they bought LastPass and severely restricted the free tiers, and jacked up the prices on the paid tier.

    I’d rather work with a company that’s more about service than greed. I dumped LastPass for BitWarden, which allowed a direct import of the data, and still has a free tier that not only works great, but also allows sharing between devices. For personal use the next tier up for more functions is $10/year, or get access for SIX family members for just $40/year. (I do the $10 to support them and to get the extra features.)

  2. i would also comment, even though i never comment, since comments can be taken with a grain of salt. i used lastpass for years, but as soon as lastpass was, as best i can tell “taken over” by microsoft, is only available from the microsoft store now, it became like all other products microsoft “takes over” – skype, sysinternals suite and other reliable and useful apps, it became awkward, slow, bloated, clumsy, and more difficult to use. so i switched to applications just as powerful, but using less resources and far less cumbersome. BitWarden works nearly the same, and is far easier. KeePass has a higher learning curve but is more extensible and powerful. so, i use bitwarden, with export to backup of keepass.

  3. The one thing I would fear and dread, is some malware author writing & uploading a nifty password vault app… complete with backdoor and sereptitious “phone home” capability.

    If you’re into horror stories, no need to read Lovecraft — ’cause there’s a nightmare for you!

  4. +1 for Bitwarden. Better than Lastpass, not equivalent to…..the $10/yr. tier gives you everything users would ever need, and every time I’ve submitted a support question I get a quick response (within 48 hrs), and follow ups. They are open source, and their interface is straight-forward and simple, the way a good password manager should be. 1Password is a decent second in my book, but their fondness for silly imagery all over their website and PrivCo status are negatives.

    Roboform is way past its prime (early 2000’s), crappy support, clunky interface. RF looks and feels and operates like a distant relic from the past. People using it probably have email address. Not a serious contender anymore Leo – you should remove it from your list.

  5. I have used Norton Password Manager (which includes an excellent password generator) for several years. I have never had any trouble with it. No, it isn’t free. It is part of the Norton 360 subscription (last November renewal was $94 – this year it will probably be a little more), but It is convenient, reliable and has an extension available in chrome for ease of use.
    Why don’t you ever mention or recommend Norton 360, Leo? Norton is 100% safe and has NEVER been hacked. Also, their support is quick with a polite agent that will resolve any issue.
    I recently had a problem with the chrome extension refusing to open the Norton Password Manager. They resolved it quickly. It was caused by a factory reinstall of Windows 10 I was forced to do because my computer crashed irritrievably due to it trying to restart twice in the middle of, not one, but two power failures. I did have my files backed up, but no image. so it was a real chore to get back up to speed. It took me three days (groan).

    • I can’t mention or list absolutely every possible solution. That you have had a good experience with it is great.

      I will say this: Norton has had a long history of annoying me. From difficulty uninstalling to constant upsells (common in this industry), to other things, it’s just left a bad taste in my mouth.

      I also don’t believe that an additional security suite is needed in Windows any more. The built-in tools are sufficient. So even without a password manager I wouldn’t be looking at Norton’s other tools anyway.

      Finally, I prefer to get my password manager from companies whose #1 job is their password manager. Norton isn’t alone in adding a password manager to their product line, but in all these cases it always feels like “oh, we should have a password manager too, so we can check the checkbox”. I may be cynical (ok, no “maybe” about it), but I remain concerned that the password managers promoted by these companies may not always get the attention they deserve as the company’s priorities inevitably change over time.

      But as I said, you’ve had a good experience, and that’s great. I’m also certain you’re not alone.

  6. I absolutely know that using a password manager is essential these days. I started using a password manager years ago (maybe Dashlane) but upon initial setup it listed EVERY password I had ever used for a site. There were what appeared to be the “main” passwords and then others for what I assumed were other “levels?” of the site. When I tried to login to a site, I got error messages because the password was old. I found it confusing and so I just stopped using it. Have they improved in ease of use in the last 8 years? I have been told that Google’s password manager is all I need, but I do everything online and I worry that my info is just there for the taking.

  7. So far, both me and my family have pleasant experience using 1Password, we use in our laptops and mobiles, and it seem to detect the services and sites we used to log in well. It’s nice to know too that by paying for the password manager, it may contribute to its other services being publicly free (

  8. One question I can’t find in the article is do I have to have a copy of the Password Manager on all my machines? If I do, do I then have to buy a license for each computer? What about 2 people using the same passwords.

    I tried figuring this out a while ago and got lost in the “weeds”.

    • This depends entirely on the specific Password Manager you choose.

      Using LastPass as my example: my subscription covers *me*. Meaning all the devices I might choose to install the software on. If I don’t choose to install the software, I can still view my vault in a webpage on any machine.

  9. I’ve been using KeePass under Windows for about 10 years. I like the idea of open source as well as the local storage option.

    You can run KeePass under Linux using Mono or Wine or you can install KeePassXC. KeePass and KeePassXC both use the same database format so you can copy your KeePass for Windows database to a Linux PC that is using KeePassXC, or vice versa.

  10. I could use a reality check on the one thing that has kept me from using a password manager:
    although I use a solid anti-virus program, because I must type my master password, isn’t it possible/probable that a “keylogger” can be downloaded without my knowledge and learn my master password? Of course, two factor may help, but isn’t this is potential fatal flaw?

    • It is possible, yes, but with good security HIGHLY UNLIKELY. There’s no such thing as perfect security. The benefits of using a password manager far outweigh the risk of this scenario. Besides, if you have a keylogger on your machine, it’ll log whatever regardless of how you type it in.

    • I use Keepass (have for years and years). It allows one to enter the master password via “Secure Desktop”. While that is not foolproof against a keylogger it is some protection. In addition, Keepass also allows one to use a key file with the master password so one has to have the file “in hand” . A 2FA protection. Keepass also allows one to tie the use of the password database ONLY with one specific Windows account but obviously this limits its cross-machine/device capabilities. Keepass uses auto-type when signing into one of your accounts which is vulnerable to a keylogger but Keepass allows the use of Two-Channel Auto-Type Obfuscation (TCATO) which interjects or simulates randomly split characters between parts of the passwords. Very powerful and easy to set up with just a click of an option in each password entry. There are just so many features in Keepass but it does have a learning curve.

  11. I use the password manager on my iPhone that is associated with my Apple ID. Any comments on the integrity of this password manager would be appreciated. Please let’s not start an Apple vs Windows discussion.

  12. Suppose I get and set up a password manager. Then suppose I lose the master password and can’t remember it. In that situation, would the passwords that I used before having a password manager still be operable on the websites that I frequent?

    • Your current password for a service is your current password for that service, regardless of how you remember it. So if you never changed the password, then yes, the old password would still be the same password. If you changed it after you start using a password manager, then, no, the old password isn’t your password any more. You can recover account access with “I forgot my password” or equivalent when you attempt to sign in.

  13. Have used Dashlane for some time with no complaints. I am not that great with this computer thing and am too much “over the hill” to adjust to any other PW manager.

  14. That very thing happened to me. I couldn’t remember the master password, no how, no way.

    My son couldn’t help me. I spent weeks and weeks trying to remember it. Then one day I saw it. On my cellphone. Boom, I was in and I have now recovered from a nasty mess. I now keep it on a secured device should I experience a similar event. Plus on my sons computer… just in case of loss of phone.

  15. @Jerry Chrome, Edge and Firefox all have password managers. The passwords are not encrypted and can be easily copied by malware, hackers that get to your device or even folks you let use your device.

    Even worse, if you create a google, firefox or microsoft account those passwords get stored to your account (so they can be used on other devices) you own. Many folks create those accounts to share their bookmarks and favorites — but saved passwords are part of the deal.

    I assume the data in your account at Google or Microsoft or Firefox is encrypted, I just can’t say for sure how safe that is. Most password managers encrypt the data on your device before sending it to your cloud account (and vice versa). Also most password managers cannot help you if you forget your master password — there are no back doors. I can’t say the same is true for the browser accounts. Might be something Leo may be interested in checking out.

  16. I have Lastpass but very rarely use it. Seems easier to let Google save my passwords so I can log in pretty easy. I would rather use Lastpass but the setup of each site I go to is time consuming and then if I go back to that site I have to go thru Lastpass. I am probably using it wrong and have watched a few Youtube vids which helped some but not to where it made sense to me. I may look at another p/w manager for ease of use. Recommendations please!

    So, Leo, how about a Youtube vid from you showing how to set up and use Lastpass?? Would that be possible? I’m sure it would be appreciated!


  17. There’s an alternative that isn’t included here, but I want to mention because it’s so good. I’ve been using a program called Safe in Cloud ( for nearly 10 years now. It started as a mobile app and now is available in Windows and iOS with integration across devices (as well as extension for Edge, Chrome, and Firefox browsers). I find Safe in Cloud to be the most useful of all password managers I’ve tried, because it has so many customizable templates, so I can create a “card” to suit every need. I use Safe in Cloud app to store any information that I need to remember but don’t want any other eyes to see, including photos of things like Driver’s License and insurance cards (so I have access to this info even when I don’t have my wallet with me). Everything is encrypted and can only be unlocked with the master password.

  18. I’m convinced, in no short measure due to you, Leo, that I should get a password manager. In reading up on a number of them, it seemed there was a lot of upside to Last Pass. However, as one of the commentators on this article pointed out, he needed help in how to navigate the program. One of the downsides was the lack of or at least inadequacy of support. Apparently, even with a premium account, you can’t get on the phone and speak with a live person. I’d be interested in your thoughts on this, Leo.

  19. Dashlane for me, I used Lastpass some years ago, it was OK, but something I don’t remember what annoyed me, so I tried a highly rated Roboform, a disaster. It kept trying to take control of my logins, entering irrelevant passwords, plus other stuff that wasn’t intuitive so I binned it. Then Dashlane came on the scene, it was simple, intuitive & customisable. The free version was limited to 1 machine, but as an early adopter I was offered a free upgrade to multiple machines, etc. And I’ve used it ever since. It’s currently generating 16 character alpha/num/special passwords on new sites, looks out for hacked sites compromising my passwords, and I can access my passwords on any of my 5 devices. Can’t ask for more.

  20. I’ve been using Google Password Manager and I’ve been happy with it – easy to use and free. It doesn’t seem to be mentioned here so I wondered why it doesn’t get even close to the favorites list? Your article does make me think I should find out more about it (storage, etc) but again, simply using any password manager is better than not.

    Everything I do is tied to Google right now, it seems, so it made sense in that way. If I am convinced to switch, I wonder if all that password info is transferred or do I start over? Hmm, that sounds risky. If it isn’t obvious, I’m not an expert, just a casual user.

    I enjoy your newsletters even if I don’t understand everything!

    • The Google password manager isn’t cross-browser compatible. It only works across Google Chrome browsers and Android devices. If that’s all you use, it might be sufficient. Most browsers save passwords. We are mainly concerned about cross-browser password managers.

  21. Just before this LastPass disaster, I resubscribed to LastPass. Not wanting to have spent that money in vain, I’ve stuck with LastPass. It’s still working and I have till next Sept to decide whether to switch to 1Password.
    I’m not even sure if dropping LastPass will protect my privacy unless I change all my passwords because they may still keep my vault on their servers forever or at least a long time.

  22. The example in the stock photo is probably outdated. It shows a 10 character password with no special characters as a good example. Nowadays, 14 characters is a reasonable minimum. 14 characters with letters and numbers is still good.

  23. My highest recommendation regardless which password manager program you use ….
    activate the available 2-step verification security option.
    This feature will help secure your account and precious passwords.
    If you have not done this mandatory security step then do it right now before it is too late.

  24. How can I share a password vault with my wife? We share the list of passwords, but have two separate cell phones, so how do we direct the the two factor authentication (2FA) test message to the correct person each time we log into a secure/password required account (bank, credit card, etc.). Thank you.

    • Password vaults and 2FA are two different things. You can both install and use the same vault on all your devices (assuming the vault supports multiple devices).

      2FA is more challenging. There are techniques. The easiest is, perhaps, to use Authy, and install that on both devices as well.

  25. I have used Roboform for years, grown with it, so to speak, therefore finding it easy to use. It is on three computers and four mobile devices in our household. Google, Safari, Android. no problemo. Very easy to generate and set up ironclad passwords. However! In it’s evolution, the autofill function when a site asks for username and password is uneven, and often maddening in that it seems unable to sense “I need to fill in the blanks”. I have to copy and paste. And, our stored home address info will not autofill forms, period. My question is, after all these years, how screwy will things get if I switch? Do all my passwords in Robo’s file structure transfer, or must I start over? Do Password Managers generally have issues with different sites input procedures, so that other Password Managers also fail to autofill? I don’t want to switch if other PMs are somewhat uneven?

  26. None of us here has never had an email address, but we are darned happy with Roboform. It works just fine and securely. I imagine that many of the other big name password managers have snazzier interfaces, but Roboform does the job inexpensively on all our devices, desktop computers, phones, laptops — with great synchronization. Actually it’s refreshing to see password manager reviewers mentioning Roboform again, whether it’s Leo, PCWorld, CNet, etc. Roboform has evolved a bit and the only time I needed support in many years we’ve usesd it, they came through with flying colors. It’s major drawback is that it is difficult to switch to another password manager — no surprise there.

  27. I still use LastPass and am definitely looking to make a change. Thanks, Leo and Mark, for the excellent information. I’ve been resisting using two factor authentication because I travel frequently to other countries and sometimes don’t have good cell phone service or TMobile service isn’t free. I sometimes even use a sim card purchased at the airport (meaning I don’t have the same phone number as in the US). But it worries me not to have 2FA. I’ve thought about using it the majority of the time while in the US, but turning it off when traveling abroad. And finally, what happens if I lose my cell phone or it gets destroyed. And if I use biometric 2FA, how does that work on my laptop or desktop computer?

    • I recommend using Google-Authenticator compatible 2FA, which requires no internet. I also recommend using Authy as the (compatible) code generator, and installing it on more than one device.

  28. I’m another Bob using Roboform Pro. I have a lifetime membership and have used it for many years with no problem. I store thousands of passwords in it. It works with multiple browsers and on all my computers. I have tried others such as 1Password, Lastpass, and Dashline but always gone back to Roboform.

  29. Thank you again Leo. I’ve been using LastPass for my 600 or so passwords. I changed my financial and health care passwords after the breach, but I’m ready to ditch LastPass. I’m thinking of switching to Dashlane. No particular reason though.
    One thing I’d like to see in reviews are multiple screenshots of the interfaces for each recommendation. I’ve seen a few screenshots in my database trade journals regarding password managers, but nothing jumps out at me as the perfect one. I know many people like a clean interface with widely spaced clickable option links, but I’m “old schooled”. I don’t mind a cluttered interface and drop-down boxes. Matter of fact, I still enjoy DOS. Maybe I’ll just have to download a new password manager and see how it feels. After all, if something is not easy to use, you’re not going to use it.

  30. I’d guess that I use Dashlane plus a Day Runner with alphabetic tabs where I write the “login” and its “Password” just incase Dashlane dies – kind of a “belt and suspenders” approach!

    • Having you passwords on paper can be risky unless you keep it in a safe place, preferably a safe. If someone gets a hold of it, all your logins are compromised. I, periodically, save my vault using the export function of my password manager and encrypt that with a strong password. It’s backed up with my system and incremental backups. Your password vault is, in many cases, the most important file you have. If you lose it you lose access to a great part of your digital life, and if someone gets access to it, they can make your life hell.

  31. I’m using LastPass because I am too lazy to change and because I have set it up to give my executor emergency access. Once inside via emergency access, the secure notes give a pathway to where our will is located, how to get into our house, etc., etc. Do any of these other programs provide the same feature?

  32. I’ve been using LastPass for years, based on Leo’s old recommendation. Prior to that, I used a password-protected excel spreadsheet that I emailed to myself every quarter so that it was accessible outside of my PC. I also sent a copy (but no password) to my ex, and half the password to each of my kids – just in case. LOL. After the last breach, I changed a bunch of passwords and updated said spreadsheet, so now they mostly match. And added the password to the spreadsheet to secure notes on LP. Hopefully the new recommendations include what Dave asked about right before this post.

  33. I have been using Dashlane for years and like it. When I’ve had a problem, which is rare, they have been very helpful. When I originally signed up I had an AOL email. When I bought the paid program I had changed to gmail and that caused some confusion when I went to install it on a new lap top. My paid program was tied to gmail and I was trying to use AOL. I was impressed with how quickly their agent resolved the issue. The only negative is that it doesn’t work well with Edge which is my least favorite. I like and use Chrome the most. It does work on my Iphone.

  34. My wife’s LastPass membership ran out so I had her try 1Password in the free trial. She said she didn’t like it vs LastPass. I have also noticed that something happened to LastPass’s user interface in the last few weeks and it is going downhill. And all the negative press they are getting. My LastPass membership doesn’t run out until November, but maybe I need to check out the 1Password trial now.

    I’m also disappointed LastPass, with all the negative press, and the new poor user interface, hasn’t offered something to existing customers.

  35. I am only commenting to prove Leo correct.
    I have been using Sticky Password for years across mobiles and PC/Laptops.
    It does not appear to get a mention but I am a lifetime member £17 back in the day after trialling the free version for about a year, and it works great me. I was a Roboform user before that but I found the free version available at that time very limiting.
    It does everything I want and sounds very similar to “SafeInThe Cloud” with very similar options.
    Anyway, works for me, so unlikely to change despite other recommendations.

  36. Many years ago, Leo recommended the use of Roboform. I adopted it and have been using it ever since. However it is now a bit dated and “clunky” to use an earlier writers term. I am happy to make a switch, but am puzzled as to how that is to be done.
    I have several hundred passwords. Would I have to enter every site using Robo then delete the PW and enter another using the new manager?

    • One of the reasons I left Roboform years ago is because they had no export functionality at that time. I’m told they do now, so theoretically you would export everything from Roboform and import it into your replacement.

  37. There’s really no such thing as a best password manage. As with many things: programs, hardware, and even cars, there’s no best. Most do the same basic things and the best is the one that works best for your needs.
    If there were a best, the article would list only one password manager. And any password manager listed here, or not listed, is the most appropriate for someone.

  38. One very important point to note, whatever password manager you use, (contrary to the usual advice) is to write down your master password and give it (in a sealed envelope maybe) to your partner or trusted family member so they can gain access to your accounts and other records if you are indisposed through illness or death. As has been mentioned earlier, the password manager site owners cannot usually get access to your master password in any circumstances.

  39. I was frustrated with LastPass, and tried your choice, but the importing was not good. tried more than once and followed their instructions carefully. in many cases notes failed to transfer either totally or partially

  40. Tried to switch to 1password, from lastpass. however, my notes would not transfer. tried more than once. tried 1password support, they were worthless [certainly not saying lastpass support is good]. was not a problem with lastpass, as i looked at the exported file, and the notes within some of my passwords were there.

  41. How do you rate Proton Pass? As a ProtonMail user, I just received the information about this tool. Right now I’m using 1Password, before I used LastPass. Is it worth to change?

    • I have not yet played with ProtonPass, but it’s available to me through my subscription. While I trust Proton a great deal, I’d like to see it garner more of a track record before I would really consider it.

  42. I believe that all – if not nearly all – people on here are w-a-y more computer literate that I am, or at least on password managers. I downloaned 1Password and tried to understand how to use it to protect myself. I have NO idea why but, after a couple of weeks attempting to get everything to work, I gave up and cancelled. It may be asking too much but if it possible to get a step-by-step grammer school explanation on how to get it working? I attempted to watch videos, read everything I could find and still couldn’t do it. I’m pretty sure I’m not completely ignorant but, after this, I certainly feel like it.

  43. I was a long-time user of Last Pass, and switched to Bit Warden after LP’s debacle and after reading Leo’s (and other) reviews. I imported my data into BW, and I changed all of my PWs that were on LP to avoid problems if my vault were compromised. Anyway, I believe Leo wrote a course for how to set-up and use 1Password. I don’t remember the cost, but what is your peace of mind and security worth? Infinitely more than whatever you pay for the course! Good luck.


Leave a reply:

Before commenting please:

  • Read the article.
  • Comment on the article.
  • No personal information.
  • No spam.

Comments violating those rules will be removed. Comments that don't add value will be removed, including off-topic or content-free comments, or comments that look even a little bit like spam. All comments containing links and certain keywords will be moderated before publication.

I want comments to be valuable for everyone, including those who come later and take the time to read.