Maybe the topic is something you avoid, but passwords are that seemingly necessary evil we have to deal with on a daily basis. Security experts make recommendations that passwords need to be more secure, but the guidelines are complex and make your password end up looking like cartoon profanity: “#X@8*Hsb%R.” How do you remember that? It’s tough to strike a balance between complexity/security and memorability. A recent NPR story lamented the problems with password management and explored how people navigate the trade-offs between security and convenience. Most of us can admit to making easy passwords that include our birthdays or common words and reusing passwords even though security experts recommend otherwise.

Likewise, keeping track of multiple personal and work passwords can be a pain. A common solution for many people is to keep a list of their passwords written down or typed in a digital text document. But this solution is only as secure as the storage location of the document and the ability for someone to access the file, which usually equates to not being very secure. On the other hand, some people don’t have any password management solution other than relying on “Forgot your password?” to reset their passwords and continuously recovering them from email.

Enter digital password managers, a solution that allows for security and reduces the need for memorization. While not a universal solution, they can definitely simplify dealing with passwords and make using complex and secure passwords easier to handle. The basic premise is that you use one password to access a file or database with all of your passwords. The advantage is that you only have to memorize one complex password. The disadvantage is that if you forget that one password, you lose access to all of your passwords.

There are many password manager applications with their own sets of features and device compatibility. Some can be hosted on the cloud, while others can be strictly localized to your computer. Choosing one should be based on the flexibility and features that you need. Here are two popular password managers that we have tried:
 

LastPass

LastPass is a proprietary password manager based in the cloud. There is a free desktop browser version, but LastPass also offers paid premium and enterprise versions. These paid options give many more features and flexibility, including working across a wide range of operating systems and devices and syncing passwords across all devices.

Your passwords are stored on LastPass’ servers so they can be accessed from anywhere by the account user, including online from the LastPass website. To keep information secure, stored passwords are encrypted and decrypted locally on the user’s device using AES, the standard for encrypting and protecting private data. After the initial password is entered, LastPass fills in login forms automatically with the account information.

Conclusion: At the free level, LastPass works great for personal password management. It’s easy to use and its integration with browsers is helpful, but comes at the cost of leaving control of the storage location of the password database up to LastPass. Also, in order to access additional features that make it more flexible and business ready, you will need to pay for either the premium or enterprise version.

Check out LastPass.
 

KeePass

KeePass is a free open source password manager. Versions of KeePass have been created for many devices and operating systems thanks to its strong development community. KeePass also uses AES encryption to protect password data.

Unlike LastPass, which stores the password database on its own servers, KeePass gives you total control over the encrypted password database file. With KeePass, you have the ability to store the password database and database backups locally or on your own cloud server account with a service like Dropbox or Google Drive.

As the program administrator, you can easily split the password database file into subsets, allowing you to distribute edited versions of the password database to the users of your choice.

And while KeePass has some autofill options, they aren’t as convenient and integrated with the browser as in LastPass.

Conclusion: KeePass works better for businesses and individuals who desire more control over their passwords and how they are stored. It’s also for those who support open source software development or just want a free solution.

Check out KeePass.
 

Final Thoughts

KeePass is definitely not as polished looking as LastPass, but when compared to the free version of LastPass, KeePass wins on features and flexibility. If you are willing to pay for LastPass premium, you get access to more device support and features, not to mention having company support for troubleshooting that make LastPass a more polished and feature-rich solution then KeePass.