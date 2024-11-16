When you're on the hunt for the best password manager for your needs, it can be tricky as there are tons of options these days. If you're new to using a password manager, you might not know what features you want or if the service you are looking at is trustworthy enough to hold your secrets. They don't only hold your online login details for your accounts; many can now securely store other sensitive information, like credit card details or identity cards. The best options work where you are, so they have apps for your computer, your browser, and your mobile devices. And it's highly desirable if they use end-to-end encryption on every piece of data they store, including URLs and other information related to your logins.

I've used many of the password managers available, from the inbuilt Google Chrome manager to the iOS keychain and multiple paid services. Currently, I'm using Proton Pass, and the more I use it, the more I think I'll keep on using it. That's because it has advanced features that many other services require you to subscribe to use, apps for all of my devices, and a zero-trust architecture, so the company can't see any of my data.

5 Passkey support

The best password is the one you don't have to type

One of the more exciting innovations in security lately is passkeys, which are essentially digital versions of your house keys that can be used to access the accounts they're created for. They replace your password on any service that supports them, making your accounts inherently more secure. They also can't be phished, as they only work on the device you created them on to log into the website you created them for. Even if a website is breached, the hacker only gets half of the code needed to hack into your account, and since it's unlikely they'll get physical access to your computer or phone, you're protected.

I'd go as far as saying you shouldn't use any password manager that doesn't support passkeys, as they make everyone safer. They're also easier to use, as it's a single-click prompt to log into the website or app you want, instead of having to insert your password into the relevant field. And even if someone does get your physical device, they will need a second layer of security to use it, which is often tied to your biometrics.

4 End-to-end encryption

Nobody should be able to see your passwords at any time

Most people will want a password manager that can be used on every device, which means the password vault needs to be stored in the cloud. However, that carries an inherent risk, as the companies that make password managers are prime targets for hackers, cybercriminals, and internal threats from employees. Proton Pass mitigates this by using end-to-end encryption on all input fields, including the username, web address, and anything else you enter for storage.

That's important to know because some password managers only encrypt the password. If an attacker gets hold of your vault, they could build up a profile of you from the URLs where you have accounts. Plus, they'd know the email addresses you use on those accounts, so they could use password-stuffing attacks on you. With Proton Pass encrypting everything with a strong bcrypt password hashing process, the only person who can see any of your data is you, unlocked by your master password. That also stops any employee from being able to see your data, so you know you're protected.

3 Identity protection

You can create hide-my-email aliases for every site or service

We always recommend using unique passwords for every online service, but that's only part of your login details. Most services also need your email address, which means part of your identity is already known, just as if you had entered your home address. With the average person having around 100 online accounts, if even one gets breached, that's your email in the wrong hands. So what's the fix here? If you're an Apple device user, you might know that iCloud+ subscriptions come with a feature called Hide My Email, which uses iCloud to give you email aliases to use for your logins. That means you can have a unique email for every service, so if you find your email in a breach, you know exactly which service it was from.

Proton Pass also has this feature, and you can create hide-my-email aliases at the same time as you create a unique password. Use that alias as your login for that service, and if you start getting phishing or spam emails, you'll know which service got popped and leaked your data. Plus, you can disable the alias and create a new one, which is something you can't do with your main email address. The last benefit is that, because the alias sits between your accounts and your main email inbox, it filters out trackers and other marketing or advertising tools before you see the email. That keeps you safer by default, and that's no small thing.

2 It's free to start

Every feature is free, with some limits on email aliases and 2FA logins

Close

While many password managers have free tiers, they often lock the advanced features behind a subscription paywall. Maybe the thinking is that once you've migrated your passwords across, you won't want to go through the effort to go to another service, but it's not a consumer-friendly practice. Proton Pass does things differently, with almost every advanced feature available to users on the free tier. That means you can use 2FA logins and hide-my-email aliases from the start, with a restriction on the number of times you can use them. You also get unlimited logins and encrypted notes, something that other providers limit.

Many users might find they only need that many, so they won't need to upgrade to the paid tier. But the subscription is only $4 a month if you want it, or it's included for free as part of the Proton Unlimited, Business, Visionary, or Family plans. The only feature that's limited to subscribers is extra vaults, to organize your logins. Maybe you want to keep work and personal logins separate or group them in other ways, like having a vault for finances, one for social media, etc. You also get unlimited 2FA logins and hide-my-email aliases on the paid plan.

1 Breach and dark web monitoring

Know when your passwords are popped so you can change them

Keeping your passwords safe in storage is the bare minimum any password manager should do, but that's only part of the equation when it comes to the security of your accounts. Every website or service you access with a login also keeps your login details, and if you read the tech news, you already know that websites get breached all the time. This is why it's important to use good practices for your accounts, like using a unique username and password for each, and part of why you should be using a password manager in the first place.

The better password managers check for reused credentials in your vault or weak passwords that would be easy to crack. That way, you can improve the security of all your accounts and be safer online. Proton Pass does this for free, but it also has extra dark web monitoring for paid users. Additional monitoring checks for breached data being sold on the dark web and will let you know if a wide variety of your personal information is being shared. The list includes email addresses, usernames, passwords, and phone numbers, but it also flags addresses you've lived at, government IDs, and medical and financial details.

Proton Pass is fast becoming my favorite password manager, and I think it could be yours, too

I've used many password managers over the years, with 1Password being my favorite until now. Proton Pass has won me over, and I'm going to be fully migrating all my passwords to it. The zero-trust architecture is my favorite feature, because I don't like the idea of anyone but me being able to read my data. But that's the tip of the iceberg in terms of privacy-focused features that Proton has included in their password manager, from email aliases, so a breach doesn't mean hackers have the email address I use elsewhere to 2FA, so I only need one app to secure my accounts.