This post has been updated for 2021.
In 2021, CyberNews analyzed 15,212,645,925 passwords from publicly leaked data breaches and found that only 2,217,015,490 were unique. The top five most commonly used passwords include:
Even with the evolution of cybercrime, this list is almost identical to the top five most commonly used passwords identified in a study back in 2014. A contributor to this study, security consultant and researcher Mark Burnett emphasized the need for a password manager.
“The only solution is to stop trying to create and remember your own passwords. You cannot consider yourself secure on the Internet unless you are using some tool to manage your passwords.”
A lot of people heeded Burnett’s advice, and password managers have been growing in popularity. Over the past couple of years, LastPass has distinguished itself and moved to the head of the pack.
ALSO READ: 1Password vs. LastPass
Even though this software offers an excellent interface and intuitive browser integration, there are a number of LastPass alternatives that may better meet your requirements.
If you’re not sold on LastPass, we’re here to help. We want you to find the best password manager for your business. Start with these five:
1Password does the standard password manager stuff well—automatically storing your passwords and auto filling your logins with one click when you revisit sites. What sets 1Password apart is its ability to store credit card information and software licenses for added security.
When you download 1Password, you download it directly to your machine and host it there, which is really the ultimate security procedure. Hosting information in the cloud can open up new security risks, so keeping everything on-premise is an excellent way to protect your data.
However, the same thing that makes 1Password secure can also make it arduous for teams. Think of the fun you’ll have coordinating each individual license across your organization. To avoid that terrible fate, the software’s developer has released 1Password Teams to make coordinating password security more manageable. This version is remotely hosted.
Like 1Password, and several others on this list, Dashlane stores more than passwords. You can save anything from receipts to IDs in its document storage. On top of these practical features, Dashlane offers a pain-free, intuitive user experience.
Setup and deployment is a cakewalk, which is important if you’re going to use this password manager for your business. Dashlane also lets you turn cloud syncs on and off, so you can choose whether your files stay local or get copied to the cloud.
If you use the Dashlane Business version, your employees will also have the ability to separate their personal passwords from their business passwords. That separation is not only useful, but necessary, considering the often thin line between personal and work devices.
RoboForm is a password manager and automatic form fill tool that supports all major operating systems and their respective browsers. Users can share passwords by entering an email address and store everything from application passwords to credit card numbers.
The security features include centralized policy guardrails, that help IT enforce policies that keep your company’s information safe. And employees who hold a personal RoboForm account can rest assured, as business and personal RoboForm files stay completely separated.
RoboForm’s pricing is on the lower end, but comes with the same role control and sharing features as many of its competitors.
Keeper’s claim to fame is its ability to transfer passwords between devices using a Wi-Fi connection. So if you have a file on your laptop or desktop, you can transfer it straight to your phone without having to pass the data through a main server.
This becomes really useful when you realize that Keeper also lets you store photos, documents, and even videos. Now you have a bit of secure file storage for important documents, and you can pass said files, securely, between devices.
Keeper’s business version includes role-based access, analytics, and notifications for password health. Keeper’s only downside is that storing passwords is a bit more manual than what 1Password and DashLane offer.
KeePass has been around since 2006, and as open-source password managers go, there’s not another option with as much recognition. The software does all the standard password management stuff — automatically store passwords, auto generate complex passwords for new logins, etc. — but the beauty of KeePass is its number of plugins.
For example, if you’re worried about keyloggers (hackers who log the keystrokes on your computer to learn your passwords), you can install a plugin that creates a virtual keyboard you can use to enter your master password whenever you login to KeePass.
There are tons of other plugins available for this app, and they’re all free. KeePass’s main drawback is that it’s not that pretty to look at, but then again, being pretty isn’t the point.
Like Keeper, StickyPassword gives the ultra-paranoid a way to move passwords across their home network using cloudless Wi-Fi. That way Big Brother will never be able to access your Dancing with the Stars audition tapes.
Other than the novel method of data transfer, StickyPassword performs all of the other password manager functions well — particularly in the login capture arena.
Many other password managers struggle when asked to record login information for unorthodox field setups. For example, when the password and username aren’t displayed on the same page or directly above one another.
StickyPassword captures the appropriate data nearly all of the time. That may sound like a minor perk, but it really does become a hassle when you have to manage mis-recorded credentials in your password library.
Cloud vs. local password management
The focus of a password manager is to safeguard your online privacy and security, so it’s important to decide where you want your passwords to be stored: on remote servers or on your own device.
Cloud-based password managers
Cloud-based password managers are services that store your passwords on remote servers. They create their software for multiple platforms and sync apps through their central servers.
LastPass and many other similar tools are cloud-based, making it super convenient for users to store and manage passwords from any device. Even if the user loses their device, the passwords are recoverable through the cloud. Set up is easy as new data is automatically synced.
Password manager databases have been hacked over the past few years. Since the majority of password management developers rely on third party servers to store data, security is a concern. When looking into a cloud-based password manager, look into the security measures that are taken to protect your data. A high-quality password manager allows users to sync data locally in addition to cloud sync.
Local password managers
A local password manager such as 1Password stores all passwords locally and offline, being kept on a user’s computer, tablet, phone, or even external storage unit. What’s great about local storage is that it forces hackers to resort to difficult malware-based approaches like using keyloggers. Since passwords are stored on the user’s device, the user has total control over its security.
Local storage does hamper the user experience. And it’s worth mentioning that since the user is the one that has total control, any flaw in their processes or methods may create a vulnerability.
LastPass export and migration
So you’ve decided to switch from LassPass to a different password manager. How do you do that without losing all your stored passwords?
Fortunately it’s pretty easy to pull your data from LastPass and migrate it to another password manager, as the tool allows you to export your data as a CSV or XML file. If you’re migrating your data to another system, it’s best to choose CSV.
Another note: the easiest way to export data from LastPass is by using its browser extension on a desktop or laptop. You can do it via LastPass’s website, but it’s a lot more trouble than it’s worth.
To export and migrate your data from LastPass to a different password manager:
- Click the LastPass browser extension icon, then click Account Options > Advanced > Export > LastPass CSV File
- Type in your master password
- Save the CSV file to your computer. You’re now ready to migrate this data to another tool.
Depending on your chosen LastPass alternative, the process for migrating data varies. Whatever tool you choose, it will come with instructions for exporting and importing your passwords. Most password managers will have an option to import a CSV file, allowing you to migrate your data fairly easily.
Top business password management features
As we conduct an increasing amount of business activities online, robust features are needed in a password manager to combat the significant risks cybercrime poses.
Autofill allows form fields to be automatically populated with your corresponding username and password. When you create a new username and password for a website, your password manager will ask if you’d like to store this information. When you return to that website to login, if you’re logged into your password manager, it will auto populate your credentials.
Strong password generation
A password manager will auto-generate highly secure passwords that are long, alphanumeric, and very hard to guess. This generator is typically built right into the app, so as soon as you need new credentials for a website, the password manager can create, store, and remember it for you.
Syncs data across devices
With a cloud-based password manager, all of your encrypted data is available across any device that uses the tool. This means you have access to all passwords whether at work, home, or elsewhere.
This feature is especially useful for companies. Users can grant, manage, and remove access to online accounts to other people. This is much safer than a spreadsheet of passwords, and in most cases, passwords can be shared in their encrypted form, meaning while the recipient can use the account, they won’t know the actual password.
MFA requires users to log in using both their password and a secondary method of authentication, whether a text message or email verification code. This ensures that even if a user’s master password is compromised, the account is likely to remain secure.
Since user login is one of the most significant points of vulnerability on a password management platform, MFA is one of the easiest ways to improve account security. For this reason, we recommend choosing a password manager with MFA capabilities.
Find the best password manager for your business
Everyone needs a password manager. It’s one of the most basic requirements for anyone interested in protecting their information. That necessity is only amplified for businesses that must manage password integrity for dozens of employees.
Any of these LastPass alternatives will get the job done, but if you have a bigger team, consider one of the options with a business version first.