You have 100+ online accounts. You can't remember a unique strong password for each. So you reuse passwords, use weak ones, or use a system (favorite-pet-name + 123). All three habits get exploited regularly. The fix: a password manager. Here's why, how it works, and which to pick.
The problem password managers solve
- You can't memorize unique 20-character passwords for every site.
- Reusing passwords means one breach exposes many accounts.
- Weak passwords get cracked.
- Sticky notes and Excel files defeat the security entirely.
Password managers solve all four with one tool: generate strong unique passwords, store them encrypted, auto-fill them when needed.
How they work
- You set one strong master password (the only one to remember).
- The manager encrypts your password database with that master password.
- The encrypted database syncs across your devices via the manager's cloud.
- To log in to any site, you unlock the manager (master password or biometric), and it auto-fills the right credentials.
The encryption key is derived from your master password. The provider can't decrypt your data; they store only the encrypted blob.
The security argument
Critics worry: "What if the password manager itself gets breached?"
This has happened (LastPass in 2022). But because data is encrypted with your master password, even a stolen database is useless to attackers — IF your master password is strong (16+ characters, unique).
The math: a single strong master password protecting 100 unique strong passwords beats 100 weak/reused passwords with no central protection.
Brand comparison: 1Password, Bitwarden, Dashlane
1Password: $36/year ($60 family plan).
- Polished UI, excellent design.
- Watchtower feature flags weak/reused passwords.
- Travel Mode hides selected vaults at borders.
- Excellent password sharing for families/teams.
- Best overall for non-technical users.
Bitwarden: Free for personal, $10/year for premium.
- Open-source — security can be independently audited.
- Self-hosting option for paranoid users.
- Free tier covers most personal use cases.
- Less polished but capable.
- Best for technical users and security-conscious folks.
Dashlane: $40/year ($60 family).
- Built-in VPN (limited free tier).
- Dark web monitoring.
- Password health dashboard.
- Slightly fewer features than 1Password but similar approach.
Honorable mentions: KeePass (offline, free, technical), iCloud Keychain (Apple-only, free, basic), LastPass (had a major breach in 2022; many users migrated away).
What a password manager does well
1. Generates strong passwords. Click "generate," get a 20-character random string. Site doesn't accept symbols? Adjust generation rules.
2. Auto-fills credentials. Browser extension recognizes the login form and offers to fill the right account.
3. Stores securely. AES-256 encryption with PBKDF2 key derivation. Stolen databases are useless without master password.
4. Syncs across devices. Same passwords on phone, laptop, tablet. New password on one device immediately available on others.
5. Audits your passwords. Dashboards show reused, weak, or breached passwords. Watchtower (1Password) and Health Reports (Bitwarden) flag issues.
6. Stores beyond passwords. Credit card numbers, secure notes, SSH keys, Wi-Fi passwords, software licenses.
7. Sharing. Family accounts let you share Netflix passwords without texting them around.
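The storage model from "How they work" and item 3 above (a key derived from the master password with PBKDF2, the vault encrypted with AES-256), as an added example that is not any vendor's code. It uses only Node.js's built-in crypto module; the iteration count, the choice of GCM mode and the sample entry are assumptions.

```javascript
// Added example: master password -> PBKDF2 key -> AES-256-GCM encrypted vault.
const nodeCrypto = require("node:crypto");

const PBKDF2_ITERATIONS = 600000; // assumed work factor; real products choose their own

// Derive a 256-bit key from the master password and a per-vault random salt.
function deriveKey(masterPassword, salt, iterations = PBKDF2_ITERATIONS) {
  return nodeCrypto.pbkdf2Sync(masterPassword, salt, iterations, 32, "sha256");
}

// Encrypt the vault. Everything returned here is what a sync server would store.
function sealVault(masterPassword, entries, iterations = PBKDF2_ITERATIONS) {
  const salt = nodeCrypto.randomBytes(16);
  const iv = nodeCrypto.randomBytes(12); // GCM nonce, must never repeat under one key
  const key = deriveKey(masterPassword, salt, iterations);
  const cipher = nodeCrypto.createCipheriv("aes-256-gcm", key, iv);
  const ciphertext = Buffer.concat([
    cipher.update(JSON.stringify(entries), "utf8"),
    cipher.final(),
  ]);
  return { iterations, salt, iv, tag: cipher.getAuthTag(), ciphertext };
}

// Decrypt. A wrong master password gives a wrong key, so the GCM tag check fails.
function openVault(masterPassword, blob) {
  const key = deriveKey(masterPassword, blob.salt, blob.iterations);
  const decipher = nodeCrypto.createDecipheriv("aes-256-gcm", key, blob.iv);
  decipher.setAuthTag(blob.tag);
  try {
    const plain = Buffer.concat([decipher.update(blob.ciphertext), decipher.final()]);
    return JSON.parse(plain.toString("utf8"));
  } catch (err) {
    return null; // authentication failed: wrong password or modified blob
  }
}

// Constructed sample entry, not real credentials.
const SAMPLE_ENTRIES = [
  { site: "example.com", user: "alice", password: "constructed-sample-value" },
];
```

The salt, nonce, tag and iteration count are stored in the clear next to the ciphertext; only the master password is missing, which is why its strength decides how long a stolen blob resists guessing.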
What about browser-built-in password managers?
Chrome, Safari, Firefox all have built-in password storage. They:
- Are free and convenient.
- Auto-fill within their browser.
- Sync via your browser's account.
But:
- Don't sync across browsers (Chrome on phone, Safari on Mac = mismatch).
- Less feature-rich (no audits, weaker generation).
- Vulnerable if browser profile is compromised.
- Often don't share securely with family.
Browser managers are better than nothing. Dedicated password managers are noticeably better.
Setting up the master password
The single most important password in your life:
- 16+ characters minimum.
- Memorable but not derived from personal info.
- Use the passphrase approach: 4–5 random words.
- Don't reuse it anywhere else.
- Consider a printed backup in a fireproof safe.
Lose the master password and your data is gone forever. Most managers don't offer recovery — that's the security model.
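The generation rules mentioned earlier and the passphrase approach above, as an added example (not any password manager's code) that draws passwords and passphrases from a CSPRNG and computes their entropy. The symbol set, the 16-word sample list and the guess rate passed to averageCrackYears are assumptions.

```javascript
// Added example: random passwords, passphrases and their entropy (Node.js built-ins only).
const { randomInt } = require("node:crypto");

const LOWER = "abcdefghijklmnopqrstuvwxyz";
const UPPER = LOWER.toUpperCase();
const DIGITS = "0123456789";
const SYMBOLS = "!@#$%^&*()-_=+[]{};:,.?"; // assumed symbol set

// Build the alphabet from a site's rules, e.g. { symbols: false } if symbols are rejected.
function alphabetFor({ symbols = true } = {}) {
  return LOWER + UPPER + DIGITS + (symbols ? SYMBOLS : "");
}

// Every character is drawn uniformly from the alphabet; randomInt avoids modulo bias.
function generatePassword(length = 20, rules = {}) {
  const alphabet = alphabetFor(rules);
  let out = "";
  for (let i = 0; i < length; i++) out += alphabet[randomInt(alphabet.length)];
  return out;
}

// Passphrase: words drawn uniformly and independently from the list.
function generatePassphrase(wordList, words = 5) {
  const picked = [];
  for (let i = 0; i < words; i++) picked.push(wordList[randomInt(wordList.length)]);
  return picked.join(" ");
}

// Entropy in bits of `count` uniform, independent picks from `choices` options.
function entropyBits(choices, count) {
  return count * Math.log2(choices);
}

// Average offline search time: half the space at a caller-supplied (assumed) guess rate.
function averageCrackYears(bits, guessesPerSecond) {
  return Math.pow(2, bits - 1) / guessesPerSecond / (365.25 * 24 * 3600);
}

// Constructed 16-word list so the example runs offline; far too small for real use.
const SAMPLE_WORDS = [
  "amber", "basil", "cedar", "delta", "ember", "fjord", "grove", "heron",
  "ivory", "jetty", "koala", "lotus", "maple", "nomad", "otter", "prism",
];
```

Assuming a 7,776-word list, entropyBits(7776, 5) is about 64.6 bits and four words about 51.7; 20 random alphanumeric characters give about 119 bits. The entropy figure only holds when the words are picked at random, not chosen by the user.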
Migrating to a password manager
- Sign up, install browser extension and mobile app.
- Set master password (carefully).
- Enable 2FA on the manager itself.
- Import existing passwords from browser (most have this feature).
- Over a few weeks, log in to your accounts and let the manager save them.
- Use the manager's "weak password" report to upgrade your worst credentials.
- Eventually, generate strong unique passwords for everything.
This is a 2–3 week project for a typical user, not a weekend.
Special considerations for shared accounts
Family Netflix, shared streaming services — password managers handle this gracefully. Family vaults let multiple people see the same password without exposing each other's personal credentials.
For business accounts shared with coworkers, business password managers (1Password Business, Bitwarden Teams) provide audit logs and revocable access.
What about passkeys?
Passkeys are a newer standard replacing passwords entirely with cryptographic keys stored in your password manager (or operating system). Passkeys are:
- Phishing-resistant.
- Easier to use (just biometric authentication).
- Supported by Google, Apple, Microsoft, GitHub, and a growing list of sites.
1Password, Bitwarden, and Dashlane all support passkeys now. Use them where available; passwords where not.
Generate yours
Our password strength checker shows the entropy and estimated crack time for any password length and character set. Use it to set your master password, then trust the password manager for everything else.