Password Managers: LastPass vs 1Password vs Bitwarden vs KeePassXC

In a recent post, I talked about the need to replace passwords with more secure forms of authentication. While the industry is taking steps in this direction, a truly passwordless future is several years away. In the meanwhile, good password hygiene is of utmost importance to reduce our exposure and resulting data loss.

While there are different streams of thought on password hygiene, I believe that the best password is one you don't know have to remember. Barring a handful of passwords (social accounts used for recovery, critical financial institutions, device passwords and, of course, the master password used to unlock the database), you should consider a password manager for everything else. Are you a techno-enthusiast, early adopter who loves to sign up for new services? You most definitely should use one. Modern password managers are generally secure, easy to use, sync across devices; overall, a much better bet than remembering passwords.

The table below explores standalone personal solutions only, and excludes native options offered by OS/browser vendors e.g. Apple iCloud Keychain or Google Password Manager. It also ignores Enterprise or Business features and pricing plans, as well as dedicated corporate solutions like Hashicorp Vault. Granted, this list does not cover all the password managers out there, but it would be my short list of options if I were searching for one today.

One other thing - support for hardware security keys was high on my list, so I've only included options that support security keys e.g. Yubikey (USB-A/NFC, USB-C/NFC or USB-C/Lightning).

ⓒ alphasec	LastPass	1Password	Bitwarden	KeePassXC
Strong encryption	AES-256 E2EE	AES-256 E2EE	AES-256 E2EE	AES-256 / Twofish
Open source	No	No	Yes	Yes
Supported desktop OS	Windows, macOS, Linux	Windows, macOS, Linux, ChromeOS	Windows, macOS, Linux	Windows, macOS, Linux
Supported mobile OS	iOS, Android	iOS, Android	iOS, Android	No
Supported web browsers	Chrome, Firefox, Opera, Safari, Edge	Chrome, Firefox, Brave, Safari, Edge	Chrome, Firefox, Brave, Safari, Edge, Opera, Vivaldi, Tor	Chrome, Firefox, Brave, Chromium, Edge, Vivaldi, Tor
Two-factor authentication	Yes	Yes	Yes	Yes
- Hardware security key	Yes	Yes	Yes	Yes
- Biometric login (mobile)	Yes	Yes	Yes	NA
Secure password generation	Yes	Yes	Yes	Yes
Secure password sharing	Yes	Yes	Yes	No
Sync between devices	Yes	Yes	Yes	No
Password autofill	Yes	Yes	Yes	Yes
Password health dashboard (weak/reused/old)	Yes	Yes	Yes	Yes
Password leak detection	Yes (Enzoic)	Yes (HIBP)	Yes (HIBP)	Yes (HIBP)
Digital records wallet	Yes	Yes	Yes	Yes
Import passwords from	Browsers, password managers, CSV	Browsers, password managers, CSV	Browsers, password managers, CSV, more	1Password, CSV
Export passwords to	CSV, XML	CSV, 1PUX	CSV, JSON	CSV
Emergency access/recovery	Yes	Yes	Yes	NA
Pricing (individual plan)	$36/year	$36/year	$10/year	Free
Free plan	Yes	No / 14-day free trial	Yes	Yes

So, what's the verdict? Clearly, each option has strengths and weaknesses, and your decision will boil down to your use cases, pricing or must-have features. LastPass is very easy to use and has a generous free tier, but has been plagued by security issues recently. 1Password is quite popular among security enthusiasts, but does not offer a free tier. Bitwarden is open-source and offers a free as well as an affordable premium tier. Finally, if you do not want to sync passwords over the internet and prefer a local database, KeePassXC offers a good open-source option.