Most password managers rely on a master password — a single password which unlocks access to the entire vault. The idea is that it's easier to remember one password, and make it a super-long, super-secure passphrase, than to try to memorize dozens, or hundreds, of individual passwords.
But a super-long passphrase is also inconvenient to type in, especially if you have your password manager set up to lock you out whenever you step away from your computer or shut down your mobile device. Which, of course, you should.
Plus, any application that relies solely on a user name and password combination is vulnerable to keystroke loggers. This is where biometrics and other multifactor authentication methods come in.
"Multifactor support is critical," said Andre Boysen, chief identity officer at North York, ON-based SecureKey Technologies Inc. "Password managers are a target because of the honeypot of access credentials."
PasswordBox claims to be the most trusted password manager, with more than 14 million downloads. By comparison, LastPass claims to have about 6 million individual users.
PasswordBox also offers the option to name an emergency contact who is allowed to use the app if something happens to you, and to securely share logins with co-workers or family members.
The oldest of all the password managers on this list, RoboForm was first released at the end of 1999.
One unique feature is that it allows users to log into several sites at once — useful for people who log into the same set of services every day. It also has a portable version, called RoboForm2Go, that you can install on a USB key.
Like other password managers, it supports all major browsers and devices and offers a choice of cloud storage for syncing across all devices, or desktop mode for storing all data locally on a single computer. But, again, you give up the convenience of being able to access your password on mobile devices and other computers.
It made this list because it has an enterprise version, with group policies, active directory integration, master password recovery, shared logins with multiple users, automatically created credentials for user or groups, and the ability to create limited-time logins.
StickyPassword's unique feature is that you can avoid the cloud, yet still sync across all your devices, by using your local Wi-Fi network to keep everything up to date.
It also works from a portable USB device, supports biometrics, fills in forms, and works on all major platforms, browsers, and devices.
The premium version is the one that supports Wi-Fi sync, is just $20 a year, making this one of the less expensive commercial products on this list.
Sign up for CIO Asia eNewsletters.