One of the most common pieces of advice on basic account security is not to re-use passwords across different services. Using a single password across several of your accounts means that only one service needs to be compromised, or one slip-up on your part, for access to all of the services you use to be compromised.
Ever since the practice of using a single password or a small set of passwords became commonplace (primarily for ease of memory more than anything else), it has been common knowledge among those wishing to exploit hijacked passwords to try them across all the services they reasonably can. It takes a hacker or identity thief only a few minutes to try out a dozen different services to see if you’re using the same compromised passwords across them – and usernames or email addresses are usually easy enough to guess (which is fine, as they’re not supposed to be secret).
Thankfully, there is now software available to memorize your different passwords for you – these are called password managers. They work by instead requiring you to have a single, very strong password. With this one password, you locally encrypt a database of different passwords (which can be randomly generated) that you use across various services.
This way, you have a unique password wherever a password is required – but you only remember a single master password. This isn’t as perfect as simply memorizing uniquely strong passwords: if both your master password and your password manager database are compromised, you once again face the problem of multiple services being compromised. However, it is a significant step up from using weak or non-unique passwords, and the odds of your master password and database both being compromised are generally very low.
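How a master password protects a locally encrypted password database, as an added example that is not from this page or from any of the password managers listed below. It assumes Node.js's built-in `crypto` module, scrypt for key derivation and AES-256-GCM for encryption (the page names no algorithms); the function names and sample entries are hypothetical.

```javascript
// Added example (not from the page): master password -> key -> encrypted vault.
const { scryptSync, randomBytes, randomInt, createCipheriv, createDecipheriv } = require('crypto');

const ALPHABET = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789!#$%&*+-=?@_';

// Random per-service password; randomInt draws from the CSPRNG without modulo bias.
function generatePassword(length = 20) {
  let out = '';
  for (let i = 0; i < length; i++) out += ALPHABET[randomInt(ALPHABET.length)];
  return out;
}

// Stretch the master password into a 256-bit key. scrypt is deliberately slow and
// memory-hard, so guessing master passwords against a stolen database is expensive.
function deriveKey(masterPassword, salt) {
  return scryptSync(masterPassword, salt, 32, { N: 2 ** 15, r: 8, p: 1, maxmem: 64 * 1024 * 1024 });
}

// Encrypt the whole vault with AES-256-GCM; the auth tag detects tampering or a wrong key.
function lockVault(masterPassword, entries) {
  const salt = randomBytes(16); // stored next to the ciphertext, not secret
  const iv = randomBytes(12);   // fresh nonce for every save
  const cipher = createCipheriv('aes-256-gcm', deriveKey(masterPassword, salt), iv);
  const data = Buffer.concat([cipher.update(JSON.stringify(entries), 'utf8'), cipher.final()]);
  return { salt, iv, tag: cipher.getAuthTag(), data };
}

// Returns the entries, or null when the master password is wrong or the file was modified.
function unlockVault(masterPassword, vault) {
  const decipher = createDecipheriv('aes-256-gcm', deriveKey(masterPassword, vault.salt), vault.iv);
  decipher.setAuthTag(vault.tag);
  try {
    const plain = Buffer.concat([decipher.update(vault.data), decipher.final()]);
    return JSON.parse(plain.toString('utf8'));
  } catch (err) {
    return null;
  }
}

// Constructed sample data: one unique random password per service.
const entries = { 'mail.example': generatePassword(), 'bank.example': generatePassword() };
const vault = lockVault('constructed master passphrase', entries);
console.log(unlockVault('constructed master passphrase', vault));
console.log(unlockVault('wrong guess', vault));
```

Only the salt, nonce, tag and ciphertext are written to disk, so a stolen database file is useless without the master password.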
LastPass is one of the most popular password managers, featuring browser extensions with autofill, mobile applications for your phone, and two-factor authentication. LastPass is free to use on all devices, with no major restrictions. LastPass Premium costs $24/year, which includes customer support, encrypted file storage, and two-factor authentication. LastPass was one of the first major password managers, and since offering the majority of its service for free it has maintained that position.
Dashlane has a similar feature set to LastPass but is frequently praised for its intuitive interface. It’s also free to use, but without syncing; Dashlane Premium, which allows syncing between devices, costs $40/year.
KeePass is a 100% free and open-source password manager. It doesn’t automatically sync between devices for you, but instead leaves you in full control of your password database file, letting you sync it by whatever method you choose.
1Password used to be a bit of a different contender, having a one-time purchase instead of a monthly subscription, and storing your password database locally on your device. Local vault storage is still available, but you have to manually request it from their customer service. 1Password costs $3/month, or $5/month for a family account supporting 5 people.