How many passwords do you need to type each day? How do you manage them? Keep them short and memorable? Use the same password for every website? Keep a list in your drawer?
None of those strategies are safe.
Google Password Manager can help. It saves your passwords and fills them in for you. It works from the Chrome web browser on desktop and mobile and is the default password manager on Android. It’s designed to strengthen your password security and make your passwords available on all your computers and gadgets.
Is it worth using? CNET thought so and suggested your 2020 New Year’s resolution should be: “Protect your credentials with the Google Chrome password manager.”
Your Google browser will securely store your long, complex website passwords and login details. (CNET)
A lot of people use Chrome. If you’re one of them, Google Password Manager makes a lot of sense. It’s been the world’s most popular web browser for some time, accounting for two-thirds of the browser market share worldwide.
How can Google Password Manager help? Is it safe to entrust all of my passwords to Google like that? Let’s find out.
Why Use Google Password Manager?
Here are a few ways Google Password Manager will help deal with all of your passwords.
1. It Will Remember All Your Passwords
You probably have so many passwords to remember that you may be tempted to use the same one for every web site. That’s terrible practice—if hackers get hold of it, they can log in from anywhere. Google Password Manager will remember them so you don’t have to, making it feasible to use a unique password for every site. More than that, it can sync them to every computer and device you use Chrome on.
2. It Will Automatically Fill In Your Passwords
Now every time you need to log in, Google Password Manager types your username and password. You just need to click “Log In.”
By default, it does this automatically. If you prefer, you can configure the app to ask for confirmation every time.
3. It Will Automatically Generate Complex Passwords
When you need to create a new membership, Google Password Manager suggests a complex, unique password. If one isn’t filled in automatically, right-click on the password field and select “Suggest Password…”
A 15-character password will be suggested. It will include upper and lower-case letters, numbers, and other characters.
Generated passwords are strong but not configurable. Many other password managers allow you to choose how long the password is, and the types of characters that are included.
4. It Will Automatically Fill In Web Forms
Google offers to store more than just passwords. It can also store other private information and use it to aid you when filling in web forms. That information includes:
- payment methods
- addresses and more
You can store addresses that will be used when filling in shipping or billing information, for example.
And you can have the details of credit cards on hand that will be automatically filled in when online shopping.
Is Google Password Manager Safe?
Google Password Manager sounds useful, but is it safe? Isn’t it like putting all your eggs in one basket? If a hacker gained access, they’d get them all. Fortunately, Google takes significant security precautions.
It Encrypts Your Passwords
First of all, it encrypts your passwords so that others can’t read them without knowing yours. Google uses your operating system’s password vault to do so:
- Mac: Keychain
- Windows: Windows Data Protection API
- Linux: Wallet on KDE, Gnome Keyring on Gnome
By default, your passwords will only be stored on your computer. If you sync your passwords across devices, they are stored on the cloud in your Google account.
Here, Google offers the option of using a passphrase to encrypt it so that not even Google has access to them. I highly recommend taking this option. Every time you log in from a new device, you’ll need to enter the passphrase.
It Will Warn You of Problem Passwords
Often security issues aren’t the fault of the software, but the user. They may have chosen a password that’s easy to guess or use the same password on more than one site. Other times, the security threat is due to the third-party site being hacked. Your password may be compromised, and you should change it immediately.
Google will check for problems like this with its Password Checkup feature.
My test account contains 31 passwords. Google identified several problems with them.
One of my passwords belonged to a website that has been hacked. I changed the password.
Other passwords are not strong enough or are used on more than one site. I updated those passwords as well.
10 Alternatives to Google Password Manager
If you’re sold on the benefits of using software to remember your passwords, Google Password Manager isn’t your only option. A range of commercial and open-source alternatives are available which may offer several advantages:
- You’re not locked into using a single web browser
- You can better configure the passwords that are generated
- You have access to more advanced security options
- You can share your passwords with others securely
- You can securely store sensitive documents and other information
Here are ten of the best alternatives:
LastPass has a terrific free plan offering more features than Google Password Manager. It works on all major desktop and mobile platforms and with a wide range of web browsers. The app allows you to share passwords securely and will change them automatically when necessary. Finally, it stores sensitive information and private documents securely. We found it the ultimate free solution in our password manager roundup.
The company also offers a $36/year ($48/year for families) Premium plan with improved security, sharing, and storage options.
Dashlane is a premium password manager and the winner of our Best Password Manager roundup. A personal license costs around $40/year. It offers the same features as LastPass, but extends them and offers a smoother interface. The app is available on most popular platforms, is highly configurable, and is the only password manager to include a basic VPN.
1Password is another popular full-featured app similar to LastPass and Dashlane. It costs $35.88/year ($59.88/year for families). Like Google Password Manager, it asks you to enter a secret key whenever you use it on a new device.
4. Keeper Password Manager
Keeper Password Manager ($29.99/year) starts with a basic, affordable plan costing $29.99/year. You can choose additional functionality by subscribing to optional paid services. These include secure file storage, dark web protection, and secure chat—but the combined price adds up quickly.
Roboform costs $23.88/year and has been around for two decades. The desktop apps feel a little dated, and the web interface is read-only. However, it’s full-featured, and long-term users seem happy with it.
6. McAfee True Key
McAfee True Key is a simpler app with fewer features, aiming at simplicity and ease of use. It implements those basic features well and is relatively inexpensive at $19.99/year. But it won’t share or audit your passwords, fill in web forms, or store documents.
7. Abine Blur
Abine Blur is a privacy and security suite with a password manager, ad blocker, and personal information masking, keeping your real email address, phone number, and credit card numbers private. It costs $39/year, though some features are not available outside of the United States.
KeePass is possibly the most secure password manager in existence today. It’s recommended by several European security agencies and is one of the most thoroughly audited apps on our list. It’s a free, open-source app and stores your passwords locally on your hard drive. However, password sync is not available, and the app is quite dated and difficult to use. We discuss KeePass further here, and also compare it in detail with LastPass.
9. Sticky Password
Sticky Password also gives the option of storing your passwords on your hard drive and can sync them over your local network rather than the cloud. It costs $29.99/year, though a lifetime subscription is available for $199.99.
Bitwarden is another free, open-source password manager. It’s got a great feature set and is much easier to use than KeePass. It allows you to host your own password vault and sync it over the internet using the Docker infrastructure. We compare it in detail with LastPass here.
So What Should You Do?
Google Chrome is a highly popular web browser offering a functional, safe password manager. If you’re a Chrome user and don’t need passwords anywhere else, you should consider using it. It’s convenient and free. If you plan on syncing your passwords between devices, make sure you take advantage of the more secure passphrase option mentioned above.
However, Google Password Manager is by no means the only password manager available. You may want to consider one of the alternatives listed above if you use other web browsers, want something more configurable, or appreciate more security options. Some of the competition offers greater functionality, including the ability to share passwords securely and store sensitive documents.
The best of these are Dashlane, LastPass, and 1Password. Dashlane offers greater polish and a more consistent interface across platforms. LastPass provides many of the same features for free and has the most versatile free plan of any password manager.
So what should you do? The easiest way for Chrome users to get started is to begin using Google Password Manager to save and fill in your passwords. If you’d first like to learn more about the other apps, check out our roundup of the best password managers for Mac (these apps work on Windows, too), iOS, and Android, as well as the individual reviews we linked to above.
Once you make a choice, commit to using it and stop trying to remember your passwords. Make sure you use the app securely. Choose a strong master password or passphrase and take advantage of the available security features. Finally, make sure you create a strong, unique password for every website.