We do not use any AI writing tools. All our content is written by humans, not robots. See our editorial process.

Passwords are designed to keep our online accounts safe so that others can’t access them. That wasn’t a bad idea a couple of decades ago when you only needed to remember a few, but now I need to remember a different password for hundreds of websites!

I love unlocking my phone with my fingerprint or face recognition. Wouldn’t it be great to use biometrics instead of passwords for every app and website? Today’s Android password managers allow you to do just that.

android password manager

These apps remember all of your strong, complex passwords and type them for you automatically once you supply your face or finger. Not only that, they make your passwords conveniently available on every computer and device you use.

The password management software genre is relatively inexpensive and growing. Subscriptions are affordable at just a few dollars a month, and Android is supported by all of the leading alternatives. We’ll compare and review eight of them so you’ll have the facts you need to choose the one that’s best for you.

Most of the apps offer a free plan, but they tend to be limited in either the number of passwords you can save or the number of devices you can use them on. LastPass is different. Its free plan will manage all of your passwords on all your devices (including your Android smartphone) and includes a very generous number of features—more than most people need.

Another good choice is Dashlane, an app that has seen significant improvements in the last few years. It has an attractive, easy-to-use interface that’s consistent across its web app, desktop app, and mobile apps. Its free plan is good enough to get you started, but you’ll have to start paying a subscription once you reach 50 passwords.

One of these apps should meet your needs, but they’re not your only choices. Many of the remaining six apps have features and workflows that may interest you, and we’ll cover their strengths and weaknesses.

Which Android password manager is best for you? Read on to find out!

Why Trust Me for This Review?

My name is Adrian Try, and I’m a huge fan of password managers. They make our lives easier while offering superior security, and if you’re not already using one, I hope this Android password manager review will help you get started.

I started using the free plan of LastPass in 2009 on my Linux PC. It quickly learned the login details of all of my websites and started to log me in automatically. It simplified my life, and I was sold!

When the company I worked for also started using the app I discovered that LastPass made managing access to web services more convenient for my team. We could share and unshare login details with one another, and if passwords were changed, everyone’s vault would be automatically updated. We could even share logins without the others even being able to see the password.

I eventually changed jobs and switched from Linux to Mac and Android to iPhone, and started using Apple’s iCloud Keychain. I no longer needed to share passwords, and the switch was quite positive, though I do miss some of LastPass’s features.

I’ve been curious about how other password managers have developed over the last few years, especially on mobile, so I spent a few weeks evaluating them. I chose to test the Mac and iOS versions, but I also consulted Android users’ reviews and forum posts in the search for the best. Hopefully, my journey will help you discover which one is right for you.

Who Should Use an Android Password Manager?

Everyone! If you’re not already using one, get on board. You can’t keep them all in your head, and you shouldn’t list them on paper. Using a password manager makes sense and is more secure.

They make sure that your passwords are strong and unique. They make them available on all of your devices and will type them out automatically each time you need to log in. On your Android smartphone, you can use your fingerprint (or possibly face recognition) to confirm that it’s actually you logging in.

If you’re not already using a password manager on your Android phone or tablet, start today.

Best Password Manager for Android: Our Top Picks

Best Free Option: LastPass

Password-Manager-Android78

If you’d rather not pay for your password manager, LastPass is the one for you. While other services’ free plans are too limited for long-term use, LastPass syncs all of your passwords to all of your devices and offers all the other features most users need: sharing, secure notes, and password auditing. If you want more, you can opt for a paid subscription which provides additional sharing options, enhanced security, application login, 1 GB of encrypted storage, and priority tech support.

Although LastPass’s prices have been raised over the last few years, they are still competitive. LastPass is easy to use, and the Android app includes most of the features you enjoy on the desktop. Read our full LastPass review.

LastPass works on:

  • Desktop: Windows, Mac, Linux, Chrome OS,
  • Mobile: iOS, Android, Windows Phone, watchOS,
  • Browsers: Chrome, Firefox, Internet Explorer, Safari, Edge, Maxthon, Opera.

Most users today have hundreds of passwords that need to be accessed on multiple devices. They won’t be satisfied with the free plans offered by other password managers, which either limit the number of passwords you can store, or limit use to just one device. LastPass’s free plan is the only one that provides this, plus everything else most people need in a password manager.

Password-Manager-Android77

When using the mobile app you won’t always need to type your password to unlock your vault or log into sites. For supported devices, fingerprint authentication is available and can be used to recover your Master Password as well.

Password-Manager-Android81

Once you’ve added some passwords (you’ll need to use the web interface if you want to import them from another password manager), you’ll be able to autofill your username and password when you reach a log in page. You’ll first need to enable Android’s Autofill feature as detailed earlier in the review.

Password-Manager-Android79

You can customize your logins site-by-site. For example, I don’t want it to be too easy to log in to my bank, and prefer to have to type a password before I’m logged in.

The password generator defaults to complex 16-digit passwords that are almost impossible to crack but allows you to customize this to meet your requirements.

Password-Manager-Android83

The free plan allows you to share your passwords with multiple people one-by-one, and this becomes even more flexible with the paid plans—for example, you can share entire folders of passwords with select people. They’ll need to use LastPass too, but sharing this way brings many benefits.

Password-Manager-Android89

For example, if you change a password in the future you won’t need to notify them—LastPass will update their vault automatically. And you can share access to a site without the other person being able to see the password, which means they won’t be able to pass it on to others without your knowledge.

Password-Manager-Android87

LastPass can store all the information you need when filling in web forms and making online purchases, including your contact details, credit card numbers and bank account details. When it’s time to fill in a credit card form online, LastPass will fill in the details.

Password-Manager-Android88

You can also add free-form notes and even attachments. These receive the same secure storage and syncing that your passwords do. You can even attach documents and images. Free users have 50 MB of storage, and this is upgraded to 1 GB when you subscribe.

Password-Manager-Android91

You can also store a wide range of structured data types in the app.

Password-Manager-Android92

Finally, you can perform an audit of your password security using LastPass’ Security Challenge feature. This will go through all of your passwords looking for security concerns including:

  • compromised passwords,
  • weak passwords,
  • reused passwords, and
  • old passwords.

LastPass (like Dashlane) offers to automatically change the passwords of some sites, but you’ll have to go to the web interface to access this feature. While Dashlane does a better job here, neither app is perfect. The feature depends on cooperation from the other sites, so while the number of supported sites is constantly growing, it will always be incomplete.

Best Paid Choice: Dashlane

Password-Manager-Android96

Dashlane arguably offers more features than any other password manager, and almost all of these are accessible on your Android device from an attractive, consistent, easy-to-use interface. In recent updates, it has outpaced LastPass and 1Password in terms of features, but also in price. Dashlane Premium will do everything you need and even throws in a basic VPN to keep you safe when using public hotspots.

For even more protection, Premium Plus adds credit monitoring, identity restoration support, and identity theft insurance. It’s expensive and not available in all countries, but you may find it worthwhile. Read our full Dashlane review.

Dashlane works on:

  • Desktop: Windows, Mac, Linux, ChromeOS,
  • Mobile: iOS, Android, watchOS,
  • Browsers: Chrome, Firefox, Internet Explorer, Safari, Edge.

Once you have some passwords in your vault (you’ll need to use the web interface if you want to import them from another password manager), Dashlane will log in to webpages and apps automatically. If you have more than one account on that site, you’ll be prompted to choose (or add) the correct account.

Password-Manager-Android64

You can customize the login for each website. For example, you can choose whether you should be logged in automatically, but unfortunately, there’s no way to require a password to be entered first on the mobile app.

If you have a device that supports biometric authentication, you may be able to use your fingerprint to unlock Dashlane. Face recognition is not supported on Android because it doesn’t meet Dashlane’s security requirements, and they no longer support fingerprint recognition on older Samsung devices. As an alternative, you can use a PIN code.

When signing up for new memberships, Dashlane can assist in generating a strong, configurable password for you.

Password sharing is on par with LastPass Premium, where you can share both individual passwords and entire categories. You choose which rights to grant each user.

Dashlane can automatically fill in web forms, including payments. First, add your details to the Personal Info and Payments (digital wallet) sections of the app.

Password-Manager-Android69

You can store other types of sensitive information as well, including Secure Notes, Payments, IDs, and Receipts. You can even add file attachments, and 1 GB of storage is included with paid plans.

Password-Manager-Android71

Dashboard’s Security Dashboard and Password Health features will warn you when you need to change a password. The second of these lists your compromised, reused, and weak passwords, and gives you an overall health score.

Dashlane will offer to change passwords for you automatically, but unfortunately, that feature is not yet available on Android. You’ll have to use the Windows, Mac, or iOS app instead. Here’s the feature at work on my iPhone.

The Identity Dashboard monitors the dark web to see if your email address and password have been leaked due to one of your web services being hacked.

As an additional security precaution, Dashlane includes a basic VPN.

Password-Manager-Android14

If you don’t already use a VPN, you’ll find this an additional layer of security when accessing the wifi access point at your local coffee shop, but it doesn’t come close to the power of full-featured VPNs.

Other Great Android Password Manager Apps

1. Keeper Password Manager

Password-Manager-Android15

Keeper Password Manager is a basic password manager with excellent security that allows you to add on the features you need. On its own, it is quite affordable, but those extra options add up quickly. The full bundle includes a password manager, secure file storage, dark web protection, and secure chat. Read our full Keeper review.

Keeper works on:

  • Desktop: Windows, Mac, Linux, Chrome OS,
  • Mobile: iOS, Android, Windows Phone, Kindle, Blackberry,
  • Browsers: Chrome, Firefox, Internet Explorer, Safari, Edge.

Like McAfee True Key (and LastPass on mobile), Keeper gives you a way to reset your master password if you need it. You can do this by logging in using two-factor authentication or by setting up security questions (in advance) on the desktop. If you’re concerned that someone might try to access your account, you can turn on the app’s Self-Destruct feature. All of your Keeper files are to be erased after five login attempts.

Once you’ve added some passwords (you’ll need to use the desktop app to import them from other password managers), your login credentials will be auto-filled. Unfortunately, you can’t specify that a password needs to be typed to access certain sites.

When using the mobile app you can use two-factor authentication, fingerprint authentication, and wearable devices as alternatives to typing your password or as a second factor to make your vault more secure.

When you need a password for a new account, the password generator will pop up and create one. It defaults to a 16-character complex password, and this can be customized.

Password sharing is full-featured. You can share either individual passwords or complete folders, and define the rights you grant each user individually.

Keeper allows you to add your personal and financial information, but will autofill fields when filling in web forms and making online payments when using the mobile app.

Documents and images can be attached to any item in Keeper Password Manager, but you can take this to another level by adding additional services.

The KeeperChat app ($19.99/month) will let you share files securely with others, and Secure File Storage ($9.99/month) gives you 10 GB to store and share sensitive files.

The basic plan includes Security Audit, which lists weak and reused passwords, and gives you an overall security score.

To this, you can add BreachWatch for an additional $19.99/month. It can scan the dark web for individual email addresses to see if there has been a breach, and warn you to change your passwords when they have been compromised.

You can run BreachWatch without paying for a subscription to discover if a breach has occurred, and if so subscribe so you can determine which passwords need to be changed.

2. RoboForm

Password-Manager-Android35

RoboForm is the original password manager, and I enjoyed using it better on mobile devices than on the desktop. It’s affordable and includes all of the features you need. Long-term users seem quite happy with the service, but new users may be better served by another app. Read our full RoboForm review.

RoboForm works on:

  • Desktop: Windows, Mac, Linux, Chrome OS,
  • Mobile: iOS, Android,
  • Browsers: Chrome, Firefox, Internet Explorer, Safari, Edge, Opera.
Password-Manager-Android36

You can get started with RoboForm by creating some logins. If you’d like to import them from another password manager, you’ll need to do that from the desktop app. RoboForm will use the favicon for the website to make it easier to find the right login.

As you’d expect, RoboForm can automatically log into websites and apps. When creating a new account, the app’s password generator works well and defaults to complex 14-character passwords, and this can be customized.

Password-Manager-Android39

RoboForm is all about filling in web forms and does a good job on mobile—as long as you use the RoboForm browser. First, create a new Identity and add your personal and financial details.

Then when you navigate to a web form using the app’s browser, a Fill button will appear at the bottom right of the screen. Tap this and choose the identity you want to use.

The app allows you to quickly share a password with others, but if you want to define the rights you’re granting the other users, you’ll have to use shared folders instead.

Finally, RoboForm’s Security Center rates your overall security and lists weak and reused passwords. Unlike LastPass, Dashlane, and others, it won’t warn you if your passwords have been compromised by a third-party breach.

3. Sticky Password

Password-Manager-Android25

Sticky Password offers quite a few features for a more affordable app. It looks a little dated on the desktop and the web interface does very little, but I found the mobile interface to be an improvement. Its most unique feature is security-related: you can optionally sync your passwords over a local network, and avoid uploading them all to the cloud.

If you’d prefer to avoid another subscription, you may appreciate that you can purchase a lifetime license for $199.99. Read our full Sticky Password review.

Sticky Password works on:

  • Desktop: Windows, Mac,
  • Mobile: Android, iOS, BlackBerry OS10, Amazon Kindle Fire, Nokia X,
  • Browsers: Chrome, Firefox, Safari (on Mac), Internet Explorer, Opera (32-bit).

Sticky Password’s cloud service is a secure place to store your passwords. But not everyone is comfortable storing such sensitive information online. So they offer something that no other password manager does: sync over your local network, bypassing the cloud altogether. This is something you need to set up when you first install Sticky Password and change at any time through settings.

Password-Manager-Android27

Import can only be done from the desktop, and only on Windows. On Mac or mobile, you’ll have to enter your passwords manually.

Once you’ve added some passwords, the app will use Android’s Autofill to automatically log in to websites and apps. Firefox, Chrome and the embedded Sticky browser are supported. To log into other apps and browsers you need to copy and paste your username and password to the clipboard using the app’s Action button.

Web accounts and app accounts can be linked, so if you change your Facebook password, for example, you’ll only need to change it once in Sticky Password. You can use your fingerprint to unlock your database.

The password generator defaults to complex 20-character passwords, and this can be customized on the mobile app.

Password-Manager-Android21

You can store your personal and financial information in the app, and this can be used when filling in forms and making online payments.

You can also store secure memos for your reference. You’re unable to attach or store files in Sticky Password.

Password sharing is managed on the desktop. You can share a password with multiple people, and grant each one different rights. With limited rights, they can log in and no more. With full rights, they have complete control, and even revoke your access! You can see which passwords you’ve shared (and have been shared with you) from the Sharing Center.

4. 1Password

Password-Manager-Android59

1Password is a leading password manager with a loyal following. The codebase was rewritten from scratch a few years ago, and it still lacks a few features it had in the past, including form filling. A unique feature of the app is Travel Mode, which can remove sensitive information from your phone’s vault when entering a new country. Read our full 1Password review.

1Password works on:

  • Desktop: Windows, Mac, Linux, Chrome OS,
  • Mobile: iOS, Android,
  • Browsers: Chrome, Firefox, Internet Explorer, Safari, Edge.

Once you’ve added some passwords, your login details will be automatically filled in using Android Autofill. Unfortunately, while you can globally require that a password is typed before auto-filling passwords, you can’t configure this just for sensitive sites.

Like other apps, you can opt to use your fingerprint as an alternative to typing your password when unlocking 1Password.

Password-Manager-Android62

Whenever you create a new account, 1Password can generate a strong, unique password for you. On Android, this is done in the app rather than on the web page. By default, it creates a complex 28-character password that’s impossible to hack, but the defaults can be changed.

Unlike LastPass and Dashlane, password sharing is only available if you subscribe to a family or business plan. To share access to a site with everyone on your family or business plan, just move the item to your Shared vault. To share with certain people but not everyone, create a new vault and manage who has access.

1Password isn’t just for passwords. You can also use it to store private documents and other personal information. These can be stored in different vaults and organized with tags. That way you can keep all of your important, sensitive information in one place.

Finally, 1Password’s Watchtower will warn you when a web service that you use will be hacked, and your password compromised. It lists vulnerabilities, compromised logins, and reused passwords. On Android, there isn’t a separate page that lists all vulnerabilities. Instead, warnings are displayed when you view each password individually.

5. McAfee True Key

Password-Manager-Android46

McAfee True Key is friendly and inexpensive. It offers a simple web and mobile interface and does the basics well. It allows users to reset their master password if they forget it. The developers have avoided adding too many extra features. You can’t use it to share passwords, change passwords with a single click, fill in web forms, store your documents, or audit your passwords.

But if you’re looking for a password manager that’s easy to use and won’t overwhelm you, this may be the one for you. Read our full True Key review.

True Key works on:

  • Desktop: Windows, Mac,
  • Mobile: iOS, Android,
  • Browsers: Chrome, Firefox, Edge.

McAfee True Key has excellent multi-factor authentication. Besides protecting your login details with a master password (which McAfee don’t keep a record of), True Key can confirm your identity using a number of other factors before it gives you access:

  • Face recognition,
  • Fingerprint,
  • Second device,
  • Email confirmation,
  • Trusted device,
  • Windows Hello.

Once you’ve added some passwords (you need to use the desktop app to import passwords from other password managers), True Key will fill in your username and password for websites and apps using Android Autofill, though some users on the McAfee Community Forum report that this doesn’t work consistently.

You can customize each login to require I type my Master Password before logging in. I prefer to do this when logging into my banking. The desktop app’s Instant Log In option isn’t available in the mobile app.

When creating a new login, True Key can generate a strong password for you.

Password-Manager-Android49

Finally, you can use the app to store basic notes and financial information securely. But this is just for your own reference—the app won’t fill in forms or help you with online purchases, even on the desktop. To simplify data entry, you can scan your credit card with your phone’s camera.

6. Abine Blur

Password-Manager-Android50

Abine Blur is a complete privacy service. The app provides ad tracker blocking and can mask your personal information (email addresses, phone numbers, and credit cards), but many of these features are not available to everyone worldwide. It includes a password manager that includes the basic features. Read our full Blur review.

Blur works on:

  • Desktop: Windows, Mac,
  • Mobile: iOS, Android,
  • Browsers: Chrome, Firefox, Internet Explorer, Opera, Safari.
Password-Manager-Android51

With McAfee True Key (and LastPass on mobile), Blur is one of the only password managers that let you reset your master password if you forget it. It does this by providing a backup passphrase, but make sure you don’t lose that too!

Password-Manager-Android52

Blur can import your passwords from your web browser or other password managers, but only on the desktop app. On Android, you’ll have to enter them manually if you’re not using a desktop app as well. Once in the app, they’re stored as one long list—you’re unable to organize them using folders or tags.

From then on, Blur will automatically use Android Autofill to enter your username and password when logging in. If you have a number of accounts at that site, you can choose the correct one from the list.

However, you can’t customize this behavior by requiring a password be typed when logging in to certain sites. Like other mobile apps, you can configure Blur to use your phone’s biometrics when logging into the app instead of your password, or as a second factor.

Blur’s password generator defaults to complex 12-character passwords, but this can be customized.

The AutoFill section allows you to enter your personal information, addresses, and credit card details.

This information can be filled in automatically when making purchases and creating new accounts if you use Blur’s built-in browser. But Blur’s real strength is its privacy features:

  • ad tracker blocking,
  • masked email,
  • masked phone numbers,
  • masked credit cards.

I’d prefer not to give my real email address when signing up for a web service I don’t yet trust. I don’t want it to be used for spam or phishing attacks. Instead, I can give the website a masked email address. It’s not my real address, and it’s not fake, either. Blur generates real alternatives and forwards my emails to my real address. I can easily use a different email address for every website, and if I have any concerns, cancel just that one masked address. I can stop contact from just one company without affecting anyone else. It sounds like it could get confusing, but Blur keeps track of it all for me.

You can do the same with phone numbers and credit cards, but only from certain countries. Masked credit cards are only available in the United States, and masked phone numbers from 16 countries. Check which services are available where you live before making a decision.

How We Picked These Android Password Manager Apps

Available on Multiple Platforms

The best Android password manager will work on other platforms as well. Choose one that supports each operating system and web browser you rely on. For most people, this will be easy: they all support Mac, Windows, iOS, and Android. Most work on Linux and Chrome OS as well, and a few go the extra mile by supporting less common mobile platforms:

  • Windows Phone: LastPass,
  • watchOS: LastPass, Dashlane,
  • Kindle: Sticky Password, Keeper,
  • Blackberry: Sticky Password, Keeper.

Double-check the browsers they support as well. They all work with Chrome and Firefox, and most work with Apple’s Safari and Microsoft’s IE and Edge. Some less common browsers are supported by a few apps:

  • Opera: LastPass, Sticky Password, RoboForm, Blur,
  • Maxthon: LastPass.

Works Well on Android

The Android app shouldn’t be an afterthought. It should include as many features offered on the desktop version as possible, have an interface optimized for mobile devices, and be easy to use. In addition, it should include biometrics as an alternative to typing passwords, or as a second factor.

Some Android apps are surprisingly full-featured, while others are cut-down complements to the full desktop experience. No mobile password manager includes an import function while most desktop apps do. With a few exceptions, form filling is poor on mobile, and password sharing is not always included.

Password Management Features

The basic features of a password manager are to securely store your passwords on all of your devices and log in to websites automatically, and to provide strong, unique passwords when you create new accounts. All mobile apps include these features, but some better than others. Two other important features are secure password sharing, and a security audit that warns you when your passwords need to be changed, but not all mobile apps include these.

Here are the features offered by each app on the desktop:

Password-Manager-Android74

Additional Features

Don’t stop at passwords. Use your app to store other forms of sensitive information. Since they’ve gone to the effort of providing a secure, convenient storage container that syncs to all of your devices, many apps allow you to store other types of data as well. These include notes, documents, and more structured personal information. Here’s what they offer on the desktop:

Password-Manager-Android76

Pricing

Subscribing to a password manager won’t break the bank (they cost just a few dollars a month), so price probably won’t be the determining factor in your decision. If it is, LastPass’s free plan will offer the best value. Each service requires you to pay on a yearly basis, and here are the costs for each subscription:

  • Only LastPass’s free plan lets you store all of your passwords on all your devices. Those offered by other services are too limited for most users to use on a long-term basis.
  • Only Sticky Password lets you purchase the software outright—a lifetime license costs $199.99. That makes it a good choice for those wanting to avoid yet another subscription.
  • Keeper has a usable affordable plan that costs $29.99, but it doesn’t fully compete with the other apps. For that reason I quoted the more expensive subscription cost for the entire bundle of services they offer.
  • Family plans are very good value. By paying around the price of two personal licenses, you can cover a family of five or six people.
Password-Manager-Android75

Final Tips about Android Password Management

1. Android Oreo (and Later) Allows Third-Party Password Managers to Autofill

Android apps have been able to automatically fill in passwords and other information since Android 8.0 Oreo when Google added the Autofill framework. Before this, Android users needed to use a custom keyboard to “automatically” input passwords. The new framework now allows password managers to offer an excellent experience on mobile devices.

You’ll need to enable the feature on your device. Here’s how you do it with LastPass, and other apps are similar:

  • Open the LastPass app on your Android device.
  • Tap the menu button, then tap Settings at the bottom.
  • Open Autofill, and then the toggle next to Android Oreo Autofill. You’ll be asked to give permission to autofill, which you can accept.
  • On the next screen, click the radio button next to LastPass to enable the app for autofill.

2. You Need to Commit to an App

Using a password manager effectively requires you to make a commitment. You need to stop trying to remember your own passwords, and trust your app. Choose a good one and use it every time on every device. As long as you try to keep your passwords in your head, you’ll never fully trust your password manager, and you’ll be tempted to create weak passwords.

The app you choose needs to work on your Android phone, but also on your other computers and devices. You need to know it will be there every time you need a password, so the app should also work on Mac and Windows and other mobile operating systems. It should also have an effective web app, just in case you need your passwords when using someone else’s computer.

3. The Danger is Real

You use passwords to keep people out. Hackers want to break in anyway, and if you use weak passwords, it doesn’t take long. The longer and more complex a password, the longer it takes to crack. So choose one that’s not worth the hacker’s time. Here are some tips for creating a strong password:

  • Long. The longer, the better. At least 12 characters is recommended.
  • Complicated. Lower case, upper case, numbers and special characters in one password make it really strong.
  • Unique. A unique password for each and every account reduces your vulnerability.
  • Refreshed. Passwords that have never been changed are more likely to be hacked.

That third recommendation is important, and some celebrities learned it the hard way. The passwords of millions of people were compromised when MySpace was breached in 2013, including Drake, Katy Perry, and Jack Black. That problem was made significantly bigger because they used the same password on other sites. That allowed hackers to gain access to Katy Perry’s Twitter account and leak an unreleased track and post offensive tweets.

Password managers are a tempting target for hackers, and LastPass, Abine and others have been breached in the past. But all they got was access to encrypted data. Users’ password vaults were unable to be accessed.

4. There’s More than One Way for Someone to Get Your Password

You’ve probably heard how hundreds of private photos of celebrities were leaked a few years ago. You may be surprised to learn that the cloud services they were using were not hacked. Instead, the celebrities were tricked and handed over their log in details voluntarily.

This phishing attack took place over email. The hacker contacted each celebrity posing as Apple or Google and claimed that their accounts had been compromised, and asked for their login details. The emails looked genuine, and the scam worked.

So make sure that your password isn’t the only thing that’s required to log into your accounts. Two-factor authentication (2FA) is a safeguard so that hackers won’t be able to access your account even if they have your username and password. Every time you log in, you’ll need to enter another factor—typically a code sent to your smartphone—before you can complete the login.

So be aware of the danger, and choose a password manager that will perform a security audit and warn you if any of your passwords are weak, reused, or compromised. Some even warn you whenever a site you use has been hacked, which is a very important time to change that password.