Close Menu
  • Tech Insights
  • Laptops
  • Mobiles
  • Gaming
  • Apps
  • Money
  • Latest in Tech
Facebook X (Twitter) Instagram
Facebook X (Twitter) Instagram
TechzLab – Tech News, Gadgets, Mobile & IT UpdatesTechzLab – Tech News, Gadgets, Mobile & IT Updates
  • Tech Insights
  • Laptops
  • Mobiles
  • Gaming
  • Apps
  • Money
  • Latest in Tech
TechzLab – Tech News, Gadgets, Mobile & IT UpdatesTechzLab – Tech News, Gadgets, Mobile & IT Updates
Home » Are Password Managers Safe to Use? (Benefits, Risks & Best Practices)
Tech Insights

Are Password Managers Safe to Use? (Benefits, Risks & Best Practices)

adminBy adminOctober 15, 2024No Comments9 Mins Read
Facebook Twitter Pinterest LinkedIn Tumblr Email
Share
Facebook Twitter LinkedIn Pinterest Email

Yes. Password managers are a safer way to manage and secure passwords than any other approach. They may not be perfect, but what are the alternatives — posting notes on computer screens, keeping a file of passwords saved on your desktop, using the same two or three passwords over and over with variations, or sticking to default passwords like “admin” or “1234”?

Hackers love those who use these methods, as they are easier to crack than the complex and random passwords generated by password managers. Think about all the movies where the person wanting to access a computer uses a date of birth or favorite sports teams to crack a login.

That isn’t to say that password managers don’t have frailties. Once you know the master password, you can access all associated accounts. But adherence to best practices such as adding two-factor authentication can minimize those risks.

Dashlane

Employees per Company Size

Micro (0-49), Small (50-249), Medium (250-999), Large (1,000-4,999), Enterprise (5,000+)

Micro (0-49 Employees), Small (50-249 Employees), Medium (250-999 Employees), Large (1,000-4,999 Employees), Enterprise (5,000+ Employees)
Micro, Small, Medium, Large, Enterprise

Features

Automated Provisioning

ManageEngine ADSelfService Plus

Employees per Company Size

Micro (0-49), Small (50-249), Medium (250-999), Large (1,000-4,999), Enterprise (5,000+)

Any Company Size
Any Company Size

Features

Access Management, Compliance Management, Credential Management, and more

How do password managers work?

A password manager is basically an app or vault that stores your passwords, so there is no need to remember them. The user simply logs into the password manager using a master password. Once unlocked, the password manager app uses the passwords stored in its encrypted vault to access all other user accounts. For account setups or first-time logins, the password manager generates long and complex passwords for each site or application and enters them into websites and apps automatically.

Those using password managers are advised to turn on and always use two-factor authentication. With that on, a criminal who knows the master password won’t be able to access user data and logins as they can’t provide the code or biometric input called for in 2FA. Additionally, password manager users should create a strong password as the master — one they can easily remember but is long enough and has a variation of upper and lowercase letters, symbols, and numbers to thwart hackers.

Creating a master password in Keeper.
Creating a master password in Keeper. Image: Keeper

Once you purchase a password manager, it needs to be downloaded onto your computer and/or mobile device. You’re walked through the stages of setting a master password, activating 2FA and choosing the best authentication method, adding password extensions to browsers, and logging in to your various accounts to change existing passwords. The changed passwords are generated by the password manager, encrypted, and stored in its secure vault.

SEE: Best Password Managers Built for Teams (TechRepublic)

For readers interested in a video version of this explainer, I highly encourage you to check out our Password Managers 101 feature available now on the official TechRepublic YouTube channel.

There, we cover the different features and advantages you get with password managers, what kind of businesses or individuals can benefit from these products, and some best practices you should follow with password manager solutions.

Types of password managers

1Password Watchtower password health feature.
1Password Watchtower password health feature. Image: 1Password

There are several types of password manager: cloud-based (online), offline, and stateless. There are gray areas between them, and some vendors offer products that span two of these categories. Further ways of differentiating relate to how well suited the various solutions are to certain platforms and operating systems, such as MacOS. Nevertheless, these three broad categories cover most of the ground.

Cloud-based password managers

Cloud-based password managers are also known as online password managers. All passwords are stored in the cloud, typically on the provider’s server. Some free and cheap consumer password managers lack the full range of security safeguards. They may have weak or no encryption, no 2FA, and their password vaults may lack enterprise-class protection features. The best ones use a zero-knowledge approach whereby user data is encrypted before the user sends it to the provider’s network.

Dashlane desktop application.
Dashlane desktop application. Image: Dashlane

SEE: LastPass Review 2024: Is it Still Safe and Reliable? (TechRepublic)

Security duties are split between the cloud provider and the user. The provider ensures that its systems can’t be accessed by outside prying and unauthorized eyes. It provides encryption capabilities to protect that data. However, it is up to the user to prevent compromise of master passwords, to take steps to avoid being infected by a keylogger, and to keep 2FA turned on and secure.

1Password, Dashlane, and Keeper are password managers offering cloud-based services.

Pros

  • Access your password vault from any device anywhere.
  • Convenient and user-friendly.
  • Built in random password generator.
  • Passwords are synchronized across all devices.

Cons

  • Vault is available for access attempts to third-parties.
  • Keylogger malware can be used to learn your master password.

SEE: Is Apple’s iCloud Keychain Safe? (TechRepublic)

Offline password managers

Offline password management solutions store passwords directly on the user device, whether that is a smartphone, PC, or laptop. They are stored locally in an encrypted vault. There is no reliance on external servers to manage and store passwords.

Enpass vault on desktop.
Enpass vault on desktop. Image: Enpass

Enpass and KeePass are good examples of offline password managers. These tools offer offline password management; passwords are stored offline in a secure and encrypted vault and a master password is needed to log in.

Pros

  • Lowers the risk of external actors breaching a password vault.
  • Passwords are inaccessible from any other device unless synchronized with the main device.
  • A higher level of control and privacy away from public networks.
  • Access anytime, even without Wi-Fi.

Cons

  • Requires regular back-ups.
  • Doesn’t seamlessly sync between multiple mobile devices.
  • If you lose the device, you lose the vault.

SEE: Why Your Business Needs Cybersecurity Awareness Training (TechRepublic Premium)

Stateless password managers

Stateless password managers (aka token-based) generate a unique password for each website or service rather than storing passwords directly. The generated passwords depend on a master password and an identifier or token such as a USB key, a code generated by an authenticator, or a text-based code for a mobile phone. Google Titan Security Key and Dashlane use this approach. To use these stateless solutions, there’s no need for synchronization between devices as there is no database or vault to access.

Pros

  • Credentials are stored on a separate device.
  • No need to sync different devices.
  • Hackers have no vault or known password to crack.

Cons

  • If you lose your device, you lose your access.
  • This method usually requires proprietary hardware and software.

Are free password managers safe?

There are many free password managers out — including KeePass, Bitwarden, RoboForm, and other open-source options.

There are also browser-based password managers that are integrated tightly into a specific browser. While convenient and easy to use, it may not be as easy to access passwords stored in one browser password manager from another. Also, once a hacker gains access to a device, they can access all passwords as the browser assumes that the user is authorized.

SEE: Best Free Password Managers (TechRepublic)

Bitwarden’s browser extension.
Bitwarden’s browser extension. Image: Bitwarden

Free password managers are largely designed for the individual or family user, though some may work for small businesses. But they each suffer due to limited security features, lack of enterprise functionality, and limitations on the number of users. Anyone dealing with sensitive information or operating in a business environment is advised to opt for a business-class password manager.

Is it worth paying for a password manager?

Yes, password managers are worth paying for. In a world where data breaches can cost businesses millions of dollars, having dedicated software designed to protect and store your passwords is a bargain.

One good thing about the password manager space is the variety. There are a number of solutions that can accommodate different budgets and feature requirements. If you need a cloud-based solution, there are quality picks for you. If an offline password manager is your preferred choice, strong providers are also available.

While password managers are not perfect, they significantly increase your passwords and credentials’ overall defense against threat actors and hackers. With this in mind, I find that a quality password manager service is well worth the spend.

Safest password managers for 2024

Here are some of our top picks when it comes to the safest password managers around that work well for individuals, small teams, and large enterprises.

ManageEngine logo.
Image: ManageEngine

ManageEngine Password Manager Pro includes a secure vault, robust access controls, secure remote locations, and periodic password rotation.

Norton logo
Image: Norton

Norton Password Manager features 256-bit AES encryption, TLS secure connections, and local data encryption.

Dashlane logo.
Image: Dashlane

Dashlane offers a patented security architecture and AES 256-bit encryption, as well as unlimited password sharing and dark web monitoring.

1Password logo.
Image: 1Password

1Password features single sign-on, streamlined provisioning, customization of policy management, and a Secrets Automation tool.

Keeper logo.
Image: Keeper

Keeper features 2FA, an encrypted vault, biometric login, as well as a single sign-on option in its advanced tier.

Bitwarden logo.
Image: Bitwarden

Bitwarden can generate, consolidate, and autofill strong and secure passwords for all accounts, create and manage unique passwords and passkeys, and securely share encrypted information directly.

Password management best practices

Password managerseliminate much of the risk inherent in operating online. But not all of it. Here are some best practices that can strengthen security and minimize the chances of a breach.

Use multi-factor authentication

MFA should be implemented in conjunction with password management software to ensure safety and overall security. By adding an extra step once the master password is entered, such as a biometric, authenticator, or text-based code that needs to be entered, hackers will find it extremely difficult to gain access even if they know the master password.

Implement device security

Some password managers use a fob or USB stick to access passwords. Others require a master password. But the device itself should be independently secured. Ensure a password or biometric is needed to open a device and set it up to automatically lock after a few minutes of inactivity.

Keep master passwords secure

All the benefits of a password manager can be undone if the user writes down the master password on a sticky note or shares it with others. Keep your master password safe.

Share. Facebook Twitter Pinterest LinkedIn Tumblr Email
admin
  • Website

Related Posts

Anthropic signs multi-billion dollar Google deal that gives it access to a million TPUs

October 24, 2025

Ultra thin laptops that provide the right balance of portability and performance: Top 10 picks for everyday use

October 23, 2025

Champions League Soccer: Livestream Real Madrid vs. Juventus Live From Anywhere

October 22, 2025

Comments are closed.

Latest
  • The Apple MacBook Air 13-inch (M4) is our laptop of the year – here’s why the likes of Dell, Microsoft and HP just could not compete October 24, 2025
  • How to use the new ChatGPT app integrations, including Spotify, Figma, Canva, and others | TechCrunch October 24, 2025
  • FC 26 Ultimate Scream Team 1 lands with Low Driven+ Vini Jr and other scary-looking upgraded cards October 24, 2025
  • Verizon is back with a FREE Samsung Galaxy S25 when you add a line on select plans October 24, 2025
  • I can’t believe Samsung and Apple made the same XR mistake when Meta already solved it over half a decade ago October 24, 2025
We are social
  • Facebook
  • Twitter
  • Pinterest
  • Instagram
  • YouTube
  • Vimeo

Subscribe to Updates

Get the latest creative news from Techzlab.

Tags
AI ai coding AI research Anthropic Apple artificial intelligence ChatGPT critical minerals cybersecurity data centers defense tech doge Donald Trump electric vehicles Elon Musk evergreens EVs Exclusive Google Grok In Brief iPhone Meta Microsoft nvidia Openai Perplexity Pinterest renewable power robotics Scales to siri slate auto social media Solar Power SpaceX Spotify TechCrunch All Stage TechCrunch All Stage 2025 TechCrunch Disrupt TechCrunch Disrupt 2025 Tesla Tiktok Trump Administration YouTube
Archives
Quick Link
  • Apps (315)
  • From the Editor (4)
  • Gaming (331)
  • Laptops (334)
  • Latest in Tech (329)
  • Mobiles (336)
  • Money (160)
  • Tech Insights (324)
Don't miss

Anthropic signs multi-billion dollar Google deal that gives it access to a million TPUs

October 24, 2025

Ultra thin laptops that provide the right balance of portability and performance: Top 10 picks for everyday use

October 23, 2025

Champions League Soccer: Livestream Real Madrid vs. Juventus Live From Anywhere

October 22, 2025
Follow us
  • Facebook
  • Twitter
  • Pinterest
  • Instagram
  • YouTube
  • Vimeo
© 2025 Techzlab.com Designed and Developed by WebExpert.
  • Home
  • From the Editor
  • Money
  • Privacy Policy
  • Contact

Type above and press Enter to search. Press Esc to cancel.