Do you hate typing passwords as much as I do? I much prefer to use Touch ID or Face ID to log into my iPhone. It’s easier and feels more secure. No one has my fingerprints except me. Imagine if all of your passwords were that easy. That’s the promise that iPhone password apps make. They’ll remember all of your strong, complex passwords and type them for you automatically once you supply your face or finger.

But your iPhone isn’t the only place you use passwords. You need a password manager that works on every computer and device you use, and synchronizes your passwords between them. There are a bunch available, and the list is growing. They’re not expensive—just a few dollars a month—and most are easy to use. They’ll make passwords easier to live with while encouraging greater security.

iphone password manager

In this iPhone password manager review, we’ll look at some of the leading apps and help you decide which one is best for you.

Only LastPass has a free plan that most of us could use long-term, and it’s the solution I recommend to the majority of iPhone users. It’s easy to use, works on most platforms, doesn’t cost a cent and has many of the features the more expensive apps have.

Dashlane is an app that offers all the features in an attractive, friction-free package. Its interface is consistent across each platform, and the developers have made huge improvements over the last few years. If you’re looking for the best password manager available today, and are willing to pay a little more for it, this is the app for you.

The remaining apps are all quite different. Some offer ease of use, others unique features, and some focus on affordability. While our two winners will suit most iOS users, you may relate better to the offerings of one of the others. Read on to find out!

Why Trust Me for This Review?

My name is Adrian Try, and I’ve been using password managers for over a decade. I believe this is a genre of software that everyone should be using today. These apps enhance your security while making your life easier at the same time.

I started with LastPass—just the free plan—and was instantly sold on the value of having an app remember and type your passwords for you. When the company I worked for started using the same app, I discovered that using a password manager to share passwords was a lot more convenient and powerful. They wouldn’t even need to know what the password was, and if I changed it, their LastPass vaults were instantly updated.

At that time the free plan didn’t include mobile devices, so when I became an iPhone user I switched to Apple’s iCloud Keychain. It was the best password manager for iOS at the time but only worked on Apple’s hardware and software. I was already using an iMac, MacBook Air, iPhone, and iPad, but wasn’t using Safari on every platform. The switch went surprisingly well, and even though I miss a few of LastPass’s features, the experience has been very positive.

It’s time for me to evaluate my system again, and now that third-party password managers work better on iOS, it may be time to switch back again. So I installed eight of the leading iOS password managers on my iPhone and tested each one carefully. Maybe my journey will help you choose which is best for you.

Should You Use an iPhone Password Manager?

You should! It’s not easy to remember them all, and not secure to keep lists of passwords on paper. Online security becomes more important each year, and we need all the help we can get!

iPhone password managers will generate a strong, unique password automatically whenever you sign up for a new account. They remember all of those long passwords for you and make them available on all your devices. They fill them in automatically either immediately, after typing a password, or on mobile devices, after using Touch ID or FaceID to confirm that it’s actually you.

So choose one today. Read on to discover which password app is best for you.

How We Chose These iPhone Password Manager Apps

Available on Multiple Platforms

You don’t just need your passwords when you’re on your iPhone. You’ll need them on your desktop and laptop computer, as well as any other devices you use. So take care to choose one that supports every operating system and web browser you use. You shouldn’t have much trouble since they all work on Mac, Windows, iOS, and Android. Some apps support a few additional mobile platforms:

  • Windows Phone: LastPass,
  • watchOS: LastPass, Dashlane,
  • Kindle: Sticky Password, Keeper,
  • Blackberry: Sticky Password, Keeper.

Make sure the app works with your web browser, too. They all work with Chrome and Firefox, and most work with Safari and Microsoft’s browsers. A few less common browsers are supported by a few apps:

  • Opera: LastPass, Sticky Password, RoboForm, Blur,
  • Maxthon: LastPass.

Works Well on the iPhone

The iPhone app shouldn’t be an afterthought. It should include most of the features offered on the desktop version, feel like it belongs on iOS, and be easy to use. In addition, it should include biometrics and the Apple Watch as alternatives to typing passwords, or as a second factor.

App Store reviews are a helpful way to gauge how happy users are with the mobile experience. All of the apps we cover in this review receive at least four stars. Here are the ratings (and number of reviews) for each app in the US store. In most cases they closely mirror the ratings from the Australian store you’ll see in the screenshots below.

  • Keeper 4.9 (116.8K),
  • Dashlane 4.7 (27.3K),
  • RoboForm 4.7 (16.9K),
  • Sticky Password 4.6 (430),
  • 1Password 4.5 (15.2K),
  • McAfee True Key 4.5 (709),
  • LastPass 4.3 (10.1K),
  • Abine Blur 4.0 (148).

Some of the apps are surprisingly full-featured, while others are cut-down complements to the full desktop experience. No mobile password manager includes an import function while most desktop apps do. With a few exceptions, form filling is poor on iOS, and password sharing is not included in some mobile apps.

Password Management Features

The basic features of a password manager are to securely store your passwords on all of your devices and log in to websites automatically, and to provide strong, unique passwords when you create new accounts. All mobile apps include these features, but some better than others. Two other important features are secure password sharing, and a security audit that warns you when your passwords need to be changed, but not all mobile apps include these.

Here are the features offered by each app on the desktop:



  • Since iOS auto-login is more consistent across apps. Only True Key uses the less intuitive Share Sheet.
  • On iOS, only LastPass and True Key let you require a password be typed (or use of Touch ID, Face ID or Apple Watch) before being automatically logged in to selected sites. Some apps allow you to require it on all sites.
  • Not all of the mobile apps allow you to customize generated passwords.
  • Password sharing is not as well implemented on iOS, with the notable exceptions of Dashlane, Keeper, and RoboForm.
  • Four apps offer full-featured password auditing no iOS: Dashlane, Keeper, LastPass, and RoboForm. 1Password only displays Watchtower warnings when you view a particular password, rather than giving the feature its own page.

Additional Features

Now that you have somewhere secure and convenient to store sensitive information, why stop at passwords? Many password managers allow you to store more: notes, documents, and other types of personal information. Here’s what’s offered on the desktop:



  • Form filling is not as well implemented on mobile. Only Dashlane can fill forms in the Safari web browser, while RoboForm and Blur can do this when you use their internal browser.
  • I didn’t try using the app password feature (if included) when reviewing each mobile app.


Password managers aren’t expensive, but the prices do vary. Most of the personal plans cost between $35 and $40 a year, but some are significantly cheaper. For the best value, LastPass’s free plan is cheaper still, and will easily meet most users’ needs. The websites advertise monthly costs but require you to pay yearly. Here’s what it will cost you:

  • LastPass is the only app that offers a usable free plan—one that lets you store all of your passwords on all your devices.
  • If you’re suffering from subscription fatigue, you may prefer an app that you can purchase outright. Your only option is Sticky Password, which offers a lifetime license for $199.99.
  • Keeper’s most affordable plan doesn’t fully compete with LastPass and Dashlane, so I’ve quoted the subscription price for the entire bundle of services. If you don’t need all of those features, you can pay just $29.99/year.
  • Family plans offer excellent value. They typically cost about double the personal plan but allow 5-6 family members to use the service.

Best Password Manager for iPhone: Our Top Picks

Best Free Choice: LastPass


LastPass syncs all of your passwords to all of your devices and offers all the other features most users need: sharing, secure notes, and password auditing. It’s the only password manager to offer a usable free plan.

Paid plans offer additional sharing options, enhanced security, application login, 1 GB of encrypted storage, and priority tech support. Subscription costs are not as cheap as they used to be, but they’re still competitive. LastPass is easy to use, and the iOS app includes most of the features you enjoy on the desktop. Read our full LastPass review here.

LastPass works on:

  • Desktop: Windows, Mac, Linux, Chrome OS,
  • Mobile: iOS, Android, Windows Phone, watchOS,
  • Browsers: Chrome, Firefox, Internet Explorer, Safari, Edge, Maxthon, Opera.

LastPass isn’t the only app to offer a free plan, but others are too restrictive to be used long-term by most users. They limit the number of passwords that are supported or work on just one device. They won’t let you access hundreds of passwords from multiple devices. Only LastPass does, and also offers the features most people need in a password manager.


When using the mobile app you won’t always need to type your password to unlock your vault or log into sites. Touch ID, Face ID and Apple Watch are all supported. On iOS, LastPass also gives you the option of recovering your master password using biometrics, something that’s not possible using the web or Mac app, or on many of the competitors.

Once you’ve added some passwords (you’ll need to use the web interface if you want to import them from another password manager), you’ll be able to AutoFill your username and password when you reach a login page. You’ll first need to enable the feature as detailed earlier in the review.


This behavior can be customized site-by-site. For example, I don’t want it to be too easy to log in to my bank, and prefer to have to type a password before I’m logged in.


The password generator defaults to complex 16-digit passwords that are almost impossible to crack but allows you to customize this to meet your requirements.

The free plan allows you to share your passwords with multiple people one-by-one, and this becomes even more flexible with the paid plans—shared folders, for example. They’ll need to use LastPass too, but sharing this way brings many benefits. For example, if you change a password in the future you won’t need to notify them—LastPass will update their vault automatically. And you can share access to a site without the other person being able to see the password, which means they won’t be able to pass it on to others without your knowledge.


LastPass can store all the information you need when filling in web forms and making online purchases, including your contact details, credit card numbers and bank account details. Unfortunately, I couldn’t get form filling to work with the current iOS.


You can also add free-form notes and even attachments. These receive the same secure storage and syncing that your passwords do. You can even attach documents and images. Free users have 50 MB of storage, and this is upgraded to 1 GB when you subscribe.


You can also store a wide range of structured data types in the app.


Finally, you can perform an audit of your password security using LastPass’ Security Challenge feature.


This will go through all of your passwords looking for security concerns including:

  • compromised passwords,
  • weak passwords,
  • reused passwords, and
  • old passwords.

LastPass (like Dashlane) offers to automatically change the passwords of some sites, but you’ll have to go to the web interface to access this feature. While Dashlane does a better job here, neither app is perfect. The feature depends on cooperation from the other sites, so while the number of supported sites is constantly growing, it will always be incomplete.

Best Paid Choice: Dashlane


Dashlane arguably offers more features than any other password manager, and almost all of these are accessible on iOS from an attractive, consistent, easy-to-use interface. In recent updates, it has outpaced LastPass and 1Password in terms of features, but also in price. Dashlane Premium will do everything you need and even throws in a basic VPN to keep you safe when using public hotspots.

For even more protection, Premium Plus adds credit monitoring, identity restoration support, and identity theft insurance. It’s expensive—$119.88/month—and not available in all countries, but you may find it worthwhile. Read our full Dashlane review here.

Dashlane works on:

  • Desktop: Windows, Mac, Linux, ChromeOS,
  • Mobile: iOS, Android, watchOS,
  • Browsers: Chrome, Firefox, Internet Explorer, Safari, Edge.

Once you have some passwords in your vault (you’ll need to use the web interface if you want to import them from another password manager), Dashlane will fill in your login pages automatically. If you have more than one account on that site, you’ll be prompted to choose (or add) the correct account.


You can customize the login for each website. You can choose whether you should be logged in automatically, but unfortunately, on the mobile app there’s no way to require a password (or Touch ID or Face ID) be entered first.


The iPhone app allows you to use Touch ID, Face ID, your Apple Watch, or a PIN code as an alternative to typing your password when logging into the app.


When signing up for new memberships, Dashlane can assist my generating a strong, configurable password for you.


Password sharing is on par with LastPass Premium, where you can share both individual passwords and entire categories. You choose which rights to grant each user.

Dashlane can automatically fill in web forms, including payments. You do this by clicking the Dashlane icon in Safari’s share sheet. But first, add your details to the Personal Info and Payments (digital wallet) sections of the app.


You can also store other types of sensitive information, including Secure Notes, Payments, IDs and Receipts. You can even add file attachments, and 1 GB of storage is included with paid plans.

Dashboard’s Security Dashboard and Password Health will warn you when you need to change a password. The second of these lists your compromised, reused, and weak passwords, gives you an overall health score and lets you change a password with a single click (for supported sites).


On the desktop, the password changer is only available by default in the US, France, and the UK. I was pleasantly surprised to discover that on iOS it works by default in Australia.

The Identity Dashboard monitors the dark web to see if your email address and password have been leaked due to one of your web services being hacked.

As an additional security precaution, Dashlane includes a basic VPN.


If you don’t already use a VPN, you’ll find this an additional layer of security when accessing the wifi access point at your local coffee shop, but it doesn’t come close to the power of full-featured VPN for Mac.

Other Great iPhone Password Manager Apps

1. Keeper Password Manager


Keeper Password Manager is a basic password manager with excellent security that allows you to add on the features you need. On its own, it is quite affordable, but those extra options add up quickly. The full bundle includes a password manager, secure file storage, dark web protection, and secure chat. Read our full Keeper review.

Keeper works on:

  • Desktop: Windows, Mac, Linux, Chrome OS,
  • Mobile: iOS, Android, Windows Phone, Kindle, Blackberry,
  • Browsers: Chrome, Firefox, Internet Explorer, Safari, Edge.

Like McAfee True Key (and LastPass on iOS), Keeper gives you a way to reset your master password if you need it. You can do this by logging in using biometrics on your phone, or by setting up security questions (in advance) on the desktop. If you’re concerned that someone might try to access your account, you can turn on the app’s Self-Destruct feature. All of your Keeper files to be erased after five login attempts.

Once you’ve added some passwords (you’ll need to use the desktop app to import them from other password managers), your login credentials will be auto-filled. Unfortunately, you can’t specify that a password needs to be typed to access certain sites.

When using the mobile app you can use Touch ID, Face ID and Apple Watch as an alternative to typing your password or as a second factor to make your vault more secure.

When you need a password for a new account, the password generator will pop up and create one. It defaults to a 16-character complex password, and this can be customized.

Password sharing is full-featured. You can share either individual passwords or complete folders, and define the rights you grant each user individually.

Keeper allows you to add your personal and financial information, but unlike the desktop app, I couldn’t find a way to auto-fill fields when filling in web forms and making online payments when using the mobile app, or find anywhere in the documentation that indicated that it’s possible.

Documents and images can be attached to any item in Keeper Password Manager, but you can take this to another level by adding additional services. The KeeperChat app ($19.99/month) will let you share files securely with others, and Secure File Storage ($9.99/month) gives you 10 GB to store and share sensitive files.

The basic plan includes Security Audit, which lists weak and reused passwords, and gives you an overall security score. To this, you can add BreachWatch for an additional $19.99/month. It can scan the dark web for individual email addresses to see if there has been a breach, and warn you to change your passwords when they have been compromised.

You can actually run BreachWatch without paying for a subscription to discover if a breach has occurred, and if so subscribe so you can determine which passwords need to be changed.

2. RoboForm


RoboForm is the original password manager, and I enjoyed using it on iOS much more than on Mac. It’s affordable and includes all of the features you need. Long-term users seem quite happy with the service, but new users may be better served by another app. Read our full RoboForm review here.

RoboForm works on:

  • Desktop: Windows, Mac, Linux, Chrome OS,
  • Mobile: iOS, Android,
  • Browsers: Chrome, Firefox, Internet Explorer, Safari, Edge, Opera.

Get started by creating some logins. If you’d like to import them from another password manager, you’ll need to do that from the desktop app. RoboForm will use the favicon for the website to make it easier to find the right one.

As you’d expect, RoboForm uses the system’s AutoFill to log into websites. Click on Passwords and a list of logins for that website are displayed.

When creating a new account, the app’s password generator works well and defaults to complex 16-character passwords, and this can be customized.

RoboForm is all about filling in web forms, and it’s one of the only apps I tried that does a reasonable job on iOS—as long as you use the RoboForm browser. (Dashlane was better here by being able to fill in forms on Safari.) First create a new Identity and add your personal and financial details.

Then when you navigate to a web form using the app’s browser, a Fill button will appear at the bottom right of the screen. Tap this and choose the identity you want to use.

The app allows you to quickly share a password with others, but if you want to define the rights you’re granting the other users, you’ll have to use shared folders instead.

Finally, RoboForm’s Security Center rates your overall security and lists weak and reused passwords. Unlike LastPass, Dashlane and others, it won’t warn you if your passwords have been compromised by a third-party breach.

3. Sticky Password


Sticky Password offers quite a few features for a more affordable app. It looks a little dated on the desktop and the web interface does very little, but I found the iOS interface to be an improvement.

Its most unique feature is security-related: you can optionally sync your passwords over a local network, and avoid uploading them all to the cloud. And if you’d prefer to avoid another subscription, you may appreciate that you can purchase a lifetime license for $199.99. Read our full Sticky Password review here.

Sticky Password works on:

  • Desktop: Windows, Mac,
  • Mobile: Android, iOS, BlackBerry OS10, Amazon Kindle Fire, Nokia X,
  • Browsers: Chrome, Firefox, Safari (on Mac), Internet Explorer, Opera (32-bit).

Sticky Password’s cloud service is a secure place to store your passwords. But not everyone is comfortable storing such sensitive information online. So they offer something that no other password manager does: sync over your local network, bypassing the cloud altogether. This is something you need to set up when you first install Sticky Password, and change at any time through settings.

Import is another feature that can only be done from the desktop, and only on Windows. On Mac or mobile you’ll either have to do that from Windows or enter your passwords manually.

I initially had trouble creating new Web Accounts. an error message when I tried to save: “Cannot save the Account”. I eventually restarted my iPhone and all was OK. I did send a quick message to Sticky Password support, and they replied just over nine hours later, which is impressive, especially given our time zone differences.

Once you’ve added some passwords, the app will automatically fill in your login details. I like that I had to authenticate using Touch ID before the login screen was auto-filled.

And speaking of Touch ID (and Face ID), you’re able to use these to unlock your vault, though Sticky Password isn’t configured that way by default.

The password generator defaults to complex 20-character passwords and these can be customized on the mobile app.

You can store your personal and financial information in the app, but it doesn’t seem possible to use it to fill in web forms and make online payments on iOS.

You can also store secure memos for your reference. You’re unable to attach or store files in Sticky Password.

Password sharing is managed on the desktop. You can share a password with multiple people, and grant each one different rights. With limited rights, they can log in and no more. With full rights, they have complete control, and even revoke your access!

4. 1Password


1Password is a leading password manager with a loyal following. The codebase was rewritten from scratch a few years ago, so the current version still lacks a few features the app had in the past, including form filling. A unique feature of the app is Travel Mode, which can remove sensitive information from your phone’s vault when entering a new country. Read our full 1Password review here.

1Password works on:

  • Desktop: Windows, Mac, Linux, Chrome OS,
  • Mobile: iOS, Android,
  • Browsers: Chrome, Firefox, Internet Explorer, Safari, Edge.

Once you’ve added some passwords, your login details will be automatically filled in. Unfortunately, while you can require that a password is typed before auto-filling all passwords, you can’t configure this just for sensitive sites.

Like other iOS password apps, you can opt to use Touch ID, Face ID, and Apple Watch as an alternative to typing your password.

Whenever you create a new account, 1Password can generate a strong, unique password for you. By default, it creates a complex 24-character password that’s impossible to hack, but the defaults can be changed.

Password sharing is only available if you subscribe to a family or business plan. To share access to a site with everyone on your family or business plan, just move the item to your Shared vault. To share with certain people but not everyone, create a new vault and manage who has access.

1Password isn’t just for passwords. You can also use it to store private documents and other personal information. These can be stored in different vaults and organized with tags. That way you can keep all of your important, sensitive information in one place.

Finally, 1Password’s Watchtower will warn you when a web service that you use will be hacked, and your password compromised. It lists vulnerabilities, compromised logins, and reused passwords. On iOS, there isn’t a separate page that lists all vulnerabilities. Instead, warnings are displayed when you view each password individually.

5. McAfee True Key


McAfee True Key doesn’t have a lot of features—you can’t use it to share passwords, change passwords with a single click, fill in web forms, store your documents, or audit your passwords. In fact, it doesn’t do as much as LastPass’s free plan.

What are its strengths? It’s inexpensive and does the basics well. It offers a simple web and mobile interface, and unlike most other password managers, it’s not the end of the world if you forget your master password. Read our full True Key review here.

True Key works on:

  • Desktop: Windows, Mac,
  • Mobile: iOS, Android,
  • Browsers: Chrome, Firefox, Edge.

McAfee True Key has excellent multi-factor authentication. Besides protecting your login details with a master password (which McAfee don’t keep a record of), True Key can confirm your identity using a number of other factors before it gives you access:

  • Face recognition,
  • Fingerprint,
  • Second device,
  • Email confirmation,
  • Trusted device,
  • Windows Hello.

On my iPhone, I use two factors to unlock the app: the fact that my iPhone is a trusted device and Touch ID. For extra security, I could add a third factor by tapping Advanced: my master password.

Once you’ve added some passwords (you need to use the desktop app to import passwords from other password managers), True Key will fill in your username and password for you. But instead of using the iOS AutoFill feature, True Key uses the share sheet. You’ll need to add an extension to each web browser you use manually. This is a little less intuitive, but not hard to do.

I can customize each login to require I type my Master Password before logging in. I prefer to do this when logging into my banking. The desktop app’s Instant Log In option isn’t available in the mobile app.

When creating a new login (which is also done via the Share Sheet), True Key can generate a strong password for you.

Finally, you can use the app to store basic notes and financial information securely. But this is just for your own reference—the app won’t fill in forms or help you with online purchases, even on the desktop. To simplify data entry, you can scan your credit card with your iPhone’s camera.

6. Abine Blur


Abine Blur is more than a password manager. It’s a privacy service that can also manage your passwords. It provides ad tracker blocking and masking of your personal information (email addresses, phone numbers, and credit cards), as well as quite basic password features. Due to the nature of its privacy features, it offers the best value to those living in the United States. Read our full Blur review here.

Blur works on:

  • Desktop: Windows, Mac,
  • Mobile: iOS, Android,
  • Browsers: Chrome, Firefox, Internet Explorer, Opera, Safari.

With McAfee True Key (and LastPass on iOS), Blur is one of the only password managers that let you reset your master password if you forget it. It does this by providing a backup passphrase, but make sure you don’t lose that too!

Blur can import your passwords from your web browser or other password managers, but only on the desktop app. On the iPhone you’ll have to enter them manually. Once in the app, they’re stored as one long list—you’re unable to organize them using folders or tags.

From then on, Blur will automatically use iOS’s AutoFill to enter your username and password when logging in. If you have a number of accounts at that site, you can choose the correct one from the list.

However, you can’t customize this behavior by requiring a password be typed when logging in to certain sites.

Like other mobile apps, you can configure Blur to use Touch ID or Face ID when logging into the app instead of your password, or as a second factor.

Blur’s password generator defaults to complex 12-character passwords, and this can be customized.

The Auto-Fill section allows you to enter your personal information, addresses, and credit card details.

This information can be filled in automatically when making purchases and creating new accounts if you use Blur’s built-in browser.

But Blur’s real strength is its privacy features:

  • ad tracker blocking,
  • masked email,
  • masked phone numbers,
  • masked credit cards.

No one likes giving out their real email addresses to web services you don’t trust. Give out a masked address instead. Blur will generate real alternatives, and forward email to your real address temporarily or permanently. You can give a different address to each website, and Blur will keep track of it all for you. It’s an effective way to protect yourself from spam and fraud.

The same goes for phone numbers and credit cards, but these aren’t available to everyone worldwide. Masked credit cards only work in the United States, and masked phone numbers are available in 16 other countries. Check which services are available to you before making a decision—there’s a reason the Australian App Store rating is only 2.2 while the US rating is 4.0.

One More Free Alternative

A free password manager comes installed on every iPhone: Apple’s iCloud Keychain. I’ve been using it for the last five years, and it works well, though it only works with Apple devices and only with Safari, and it lacks many of the functions other password managers offer.


According to Apple, iCloud Keychain stores:

  • internet accounts,
  • passwords,
  • usernames,
  • wifi passwords,
  • credit card numbers,
  • credit card expiration dates,
  • but not the credit card security code,
  • and more.

What does it do well, and what does it lack? To find out, read our detailed article: Is iCloud Keychain Safe to Use as My Primary Password Manager?

What You Need to Know about iOS Password Managers

iOS Now Allows Third-Party Password Managers to AutoFill

For quite some years, Apple’s iCloud Keychain was the best password management experience on iOS. That’s because it’s the only password manager Apple allowed to automatically fill in passwords due to the locked-down nature of the iPhone. But that changed relatively recently with the release of the new iOS.

Most of the password managers in this review take advantage of Password AutoFill. The only exception is McAfee True Key, which continues to use the Share Sheet instead. When you install your password manager, you’ll have to visit Settings / Passwords & Accounts to set up AutoFill.

Here are the instructions you see when you first install LastPass.

You Need to Commit

You’ll experience the real benefit of an iPhone password manager when you begin to trust it, and commit to using the same app on all of your devices. If you continue to try to remember some of your passwords you’re unlikely to change your bad habits. If you still feel like you need to remember your passwords, you’re likely to choose weak ones that are easy to remember. Instead, let your app choose and remember strong passwords so you don’t have to.

So the app you need won’t just work on your iPhone, it also needs to work on every other computer and device you use. You need to know it will work wherever you are every time. You need an app you can rely on.

So the best password manager for your iPhone will also work on Mac and Windows computers, as well as other mobile operating systems. It will also need to offer a full-featured web app in case you need to get to your passwords from a computer you don’t usually use.

The Danger is Real

Passwords are designed to keep people out, but hackers want to get in anyway. You’d be surprised to discover how quickly they can break a weak password. Strong passwords take so long to crack that the hacker won’t live long enough to discover them.

The recommendation of using a unique password for each site is important, and a lesson some celebrities learned the hard way. For example, MySpace was breached in 2013, and hackers were able to access Katy Perry’s Twitter account and send out offensive tweets, and leak an unreleased track. Facebook’s Mark Zuckerberg used the weak password “dadada” for his Twitter and Pinterest accounts. His accounts were compromised, too.

Of all the targets for hackers, password managers are among the most tempting. But the security precautions those companies are using work. Although LastPass, Abine, and others have been breached in the past, hackers were not able to get past the encryption to gain access to users’ passwords.

There’s More than One Way for Someone to Get Your Password

Even if you use a strong password, hackers are determined to gain access to your accounts. Instead of trying to break in by brute force, they use phishing attacks to try to trick you into handing your password over to them voluntarily. Private iPhone photos of celebrities were leaked a few years ago, but not because iCloud was hacked. The celebrities were fooled into giving up their passwords.

The hacker posed as Apple or Google and emailed each celebrity, claiming that their accounts had been hacked. The emails looked genuine, so they handed over their credentials as requested.

Besides being aware of such attacks, you can also protect your accounts by making sure that your password alone isn’t sufficient to log in. 2FA (two-factor authentication) is the safeguard that you need, requiring that a second factor—for example, a code sent to your smartphone—must be entered before access is granted.

Finally, don’t become overconfident. You can use a password manager and still have weak passwords. That’s why it’s important to choose an app that will perform a security audit and recommend password changes. Some apps even monitor the dark web and can warn you if one of your passwords has been compromised and put up for sale.