 Yes, a password like '123456' is easy to remember, but it's equally easy to guess. Or hack. Here are seven top-rated free apps so you can forever abandon those weak passwords.
Yes, a password like '123456' is easy to remember, but it's equally easy to guess. Or hack. Here are seven top-rated free apps so you can forever abandon those weak passwords.
By Neil J. Rubenking, PC Magazine, January 5, 2016
If you use passwords that are easy to remember, sooner or later someone is going to guess them. If you used that same awful password for lots of sites, one successful hack (or guess) compromises your sensitive data on all of those sites at once. And if one of those compromised sites was your email account, the hacker can click the password reset link on other sites to take them over as well, incidentally locking you out of your accounts on those sites. Pretty bad, right? If you're using lame passwords like 'password' or '123456', you're asking for trouble. Enlist the help of a password manager and use it to change all your logins to crazy-tough passwords like 'GxYdR[{9gDf-Gza]' or 'nv"s':iJ8-pB}'ZE'. Hey, you don't have to remember the password, so it can be long and strong.
What's that you say? You can't afford to buy yet another security tool? In truth, you can't afford not to. The potential hit, financial and otherwise, that could result from using weak passwords could cost you plenty. Never fear: You can get full-featured, high-powered password management for a net outlay of exactly zero dollars.
Basic Features
 Your typical password manager integrates with the browser and captures the username and password when you log in to a secure site. Occasionally, you'll find one that doesn't automate password capture and replay, but these may have other virtues, such as filling in passwords for secure applications, not just webpages.
The best password managers capture your credentials during account creation; when you change your password online, they offer to update the stored password for that site. Of course, password capture only works if the password manager recognizes that you're logging in to a secure site, so non-standard login pages can cause trouble. Some products cleverly solve this problem by letting you manually capture all data fields on a page. Others actively analyze popular secure sites whose login pages don't fit the norm, creating scripts to handle each site's oddball login process.
See Our Top Paid Password Managers
When you revisit a site for which you've saved credentials, most password managers automatically fill the saved data, offering a menu if you've saved more than one set of credentials. Another handy (and common) feature is a browser toolbar menu of available logins, so that with one click you can navigate to a site and log in. One great thing about free password managers is that you can try several and find out which one you like best. If you're thinking of making such a survey, look for products that can import from other password managers. Otherwise, you'll have to go through the password capture process over and over for each candidate.
Advanced Features
 The point of adding a password manager to your security arsenal is to replace your weak and duplicate passwords with strong, unguessable passwords. But where do you get those strong passwords? Most password managers can generate strong passwords for you; many let you take control of things like password length, and which character sets will be used. The very best ones offer a password strength report that eases the process of identifying and fixing poor passwords. A very few can even automate the password-change process.
Filling in usernames and passwords automatically isn't so different from filling other sorts of data in Web forms. Many commercial password managers take advantage of this similarity and thereby streamline the process of filling forms with personal data. Not many free password managers offer this feature.
When you put all of your passwords into one repository, you had better be really, really careful to protect that repository. Yes, your master password should be as strong as possible, but you really need two-factor authentication to foil any possible hack attack. Two-factor authentication could be biometric, requiring a fingerprint, facial recognition, or even voice recognition. Some password managers rely on Google Authenticator or apps that emulate Google Authenticator; others can be configured to require an authentication code texted to your smartphone. Allowing access only from registered, trusted devices is yet another form of two-factor authentication.
Speaking of smartphones, many of us are just as likely to log into a secure site from a mobile device as from a desktop computer. If that describes you, look for a password manager that can sync your credentials between your desktop and the mobile devices that you use. Note, though, that in some cases you'll have to pay to extend protection to mobile devices.
In addition to using your passwords on multiple devices, you may find you want to share certain logins with other users. Not all free password managers support secure sharing; many of those that do allow you to share the login without making the password visible. A very few let you define an inheritor for your passwords, someone who will receive them in the event of your demise.
 Free Editions of Paid Programs
Free Editions of Paid Programs
 If you're willing to give up a little something, you can use many commercial password managers for free. If you see a paid password manager with features you like, check out its conditions. You may be able to get it without paying. For example, some companies let you use all the features of their product for free as long as you give up syncing across multiple devices.
Another common tactic is to let you use the product for free, but limit the number of passwords you can store. The limit for free usage tends to range between about five and 15 passwords. If you can stick to that, you needn't pay. If not, the company will happily accept your payment for upgrading to the paid edition.
Editors' Choice
 Our Editors' Choice products in the free password manager area are LastPass 4.0 and LogMeOnce Password Management Suite Premium. Both offer a breadth of features just not found in the free competition.
