A strong, unique password for every account is a must in the age of constant data breaches, but remembering all your login credentials is borderline impossible without help from a password manager. A good password manager stores your credentials and helps you improve security by generating new, random passwords, all protected by a strong master password. At PCMag, we test each password manager's functionality, ease of use, and extra features while examining the data collection terms outlined in the privacy policy and noting company transparency following security incidents. Read on for more about our testing process.

Our Testing Criteria

At the heart of every review is the question, "Does it work as advertised?" The reviews in the best password manager category strive to answer that question while addressing a few common concerns people have when adopting a password manager or switching to a new one. 

When we evaluate a password manager app, we test it to ensure it can capture and replay credentials, store sensitive data in an encrypted vault, fill in web forms, and create new, unique passwords. In addition to the functionality tests, we examine the following:

• The product’s multi-factor authentication options.

• The company's default password generation policy.

• The company's data security policies and white papers.

• The company's public response to past security incidents.

• The app's price compared with similar products in the category.

• The app's additional features and aesthetics.

• The company's customer support options.

In short, if a password manager captures and manages credentials but doesn't do much to protect your data or fails to alert you when your data is at risk in a breach, it won't warrant a recommendation from PCMag. 

Holding Companies Accountable

As reviewers, we must consider more than software performance when testing products. We also need to consider user privacy and safety. 

Data breaches occur daily, meaning millions of people are at risk for an account takeover or identity theft if they still use their old, guessable passwords. As we saw with LastPass in 2022, password management companies are significant targets for malicious hackers. Password management companies must prioritize user safety by adopting zero-trust policies and having plans to alert users when a data breach occurs and tell them how to protect their accounts.

It's our job at PCMag to hold companies accountable for safeguarding users' privacy and online security. That's why we don't rely solely on objective measurements when calculating scores for our software reviews. Instead, we combine subjective elements, such as comments about the app’s aesthetic features and our informed opinions about data collection practices, with objective commentary regarding the app’s functionality to give readers a more accurate review on which to base buying decisions.

You may not always agree with our scores or opinions about password management products, and that's OK. We want you to form your own opinions about the products we review, and we strive to provide plenty of information about the user experience to facilitate that.

Analyzing Pricing and Plans

When comparing prices among password managers, we state the price for the version we test. Many password management services offer a discount to new users or discounted long-term rates, but PCMag strives to report the base-level price for each service. We encourage you to take advantage of free trials to find out if you need a premium password manager or if a free one will suffice. 

Highlighting Security Features

As long as a password manager securely stores your data, fills in your stored data all around the web, and creates complex, long, and unique passwords for your new and updated vault entries, it's a working password manager. Some password management companies now offer additional features to differentiate themselves in a crowded market and justify higher prices for premium subscriptions. 

In PCMag's best password manager reviews, we focus on security-related features that enhance the product. Some features have a clear value for many readers, and we note them in each review and reward companies that offer innovative and practical solutions to their users.

Perks such as file storage, password inheritance options, and secure credential sharing are welcome inclusions at all levels of password management. Premium features we like to see are password hygiene tools, data breach monitoring, email masking, or VPN access.

Documenting the User Experience

Many resist password manager adoption because they don't want to learn how to use another app. In every review, we highlight the ease of adoption and how easy it is to switch between password management products. Password managers should be designed to be used by people with all levels of technical expertise, so we prefer products that require minimal setup or include optional tutorials.

We also want to see attractive user interfaces on password management applications. User vaults containing endless file trees or outdated designs are harder to navigate quickly. Password managers don't need to appear slick and futuristic, but the user interface should make it easy to operate the app. 

Examining Password Generator Protocol

Every password manager we test includes a random password generator. At PCMag, we recommend readers set random password generators to create passwords that are at least 20 characters and contain a mix of lowercase and uppercase letters, digits, and special characters. 

Many of the password managers we test create weaker passwords by default. Since you don't have to remember each complex password generated, you should change the password generator's settings to include the above-mentioned parameters. 

Perusing Privacy Policies

When we review password managers, we read their privacy policies too. We want to know what kind of data the company gathers about its customers and what it does with that data. We also want to know how the company responds to requests for user data from governments and law enforcement entities.  

Any company can lie to the public in its privacy policy document, though the consequences of being caught in a lie would be dire. We ask companies about app privacy policies and publish the responses in our reviews.

Noting Customer Support Options

Over the years, we've received a lot of helpful feedback from readers about what kinds of testing they're looking for when it comes to making buying decisions. Customer service and customer support are areas where some companies shine and others flounder. In our password manager reviews, we note whether a company provides assistance via a chatbot, email, live human assistance, or phone.

What happens when you want to switch to a new password manager? What if you don't pay your subscription fee? In our newest reviews, we walk you through the account deletion and, in some cases, the subscription cancellation process and describe how easy or difficult we find the process.

Evolving Password Manager Testing

We want our reviews to be helpful to as many people as possible, so we don't include a lot of technical jargon. We also don't ask companies to share internal details about their applications that competitors or criminals could misuse. We aim to help you make the best buying decisions without confusing you.

We will continue to adapt our testing to the changing industry landscape. Remember that widespread passkey adoption may soon make password managers a product of the past. Read this article to learn how to use passkeys and get rid of your passwords.