After popular password manager LastPass faced a possible security breach yesterday, many of you are looking for an alternative password solution that doesn’t store your passwords on someone else’s servers. Here are three of our favourite password managers that will store your passwords without syncing them to the cloud.
LastPass has long been our favourite any-browser, any-OS password solution, and its password generation features are great for creating super-secure passwords, but it stores all of your passwords on their servers—which make them vulnerable if their servers somehow get compromised. We still love LastPass, and pretty much all of us use it. As long as you’re using a strong, non-dictionary password, you’re probably pretty safe, and as far as today’s breach is concerned there’s still no evidence that they were actually hacked. But, we understand that some of you may be rethinking your decision to store your passwords online. If you’d like to look at other options, here are some great programs that will keep all your passwords stored safely on your local machine.
Pros: It’s open source, available for tons of different platforms, and has some pretty great plug-ins available. You can automatically generate passwords, automatically fill in information, and import and export your database into a number of different formats. If you want to store information other than passwords, it also has a great “secure notes” feature that lets you store any data you want, while keeping it secure in its database.
Cons: While there are some specialised apps like KeeFox out there for better browser integration, KeePass' browser integration has always left a little bit to be desired. Where LastPass works seamlessly with almost every browser and OS out there, you need to work a little harder to get KeePass to play nicely with whatever software you're running.
1Password was long a favourite of Mac and iPhone users, but it now has Windows and Android versions available, making it a good cross-platform option for storing all your passwords locally.
Pros: Like the other options, it stores your passwords and can automatically fill them and log you into your favourite sites on the web. Not only can you store passwords with 1Password, but you can store credit card information, software licenses, and other important documents for quick access. It also has official builds for iOS and Android, which is nice if you do a lot of browsing on your phone.
Cons: The big downside to 1Password is its hefty $US40 price tag, which some may find worth it for its polish—but don't think you need to pay that much money just for the security, as open source options like KeePass are just as good.
Note: Both KeePass and 1Password support syncing your passwords between your machines with Dropbox, which while convenient, presents the same problem as LastPass. When you sync items to the cloud, they end up on someone else's servers and out of your control. As such, using one of these programs and syncing the data over isn't all that different from using LastPass in the first place, so if you're looking to avoid that issue entirely, we recommend against the Dropbox syncing features of these programs
Keeper is less popular and well-known than KeePass and 1Password, but it's probably one of your better options if you want to sync your passwords between devices.
Pros: Keeper is available on nearly every desktop and mobile platform out there, and allows you to sync passwords over Wi-Fi between devices—meaning you can sync your passwords without ever putting them on a central server that could get hacked. It's also very nicely organized for tons of different data beyond passwords, like credit cards, software licenses, or other private information.
Cons: Like 1Password, Keeper isn't cheap—it says on its web site that it's $US30, but after installing you find out that it is, in fact, $US30 a year—which may be worth it to you for the convenience of Wi-Fi syncing, but it's important to know going in. Also, if you want to keep your data off their servers, you have to sync over Wi-Fi—there isn't an easy wired option for your computers that don't have Wi-Fi.
LastPass Pocket is a small application that gives you full offline access to your LastPass passwords, so when LastPass gets overloaded or has issues (like it is today as a result of the breach), you can still access them. Now, we know this doesn't solve the main problem of having them in the cloud at the first place, but it bears mentioning for those of you that want to keep using LastPass, since it iat least solves the problem of losing LastPass functionality when the servers go down or have problems.
There are a ton of different password managers out there, and a lot of them are pretty great, but these are a few popular ones that we think are good replacements if you're tired of LastPass. If you have your own suggestions that we didn't mention, share them with us in the comments.