Are password managers secure?

Man sitting in a coffee shop holding a mug of coffee and looking at his phone.

Password managers offer encrypted solutions for creating and storing strong passwords that help keep your data more secure.

Password management can be tricky. You might resort to using the same password over and over — or tweaking each password just a bit — so you don’t forget your passwords and get locked out of your accounts. You might go for something easy to remember. But that also makes it easier for cyberthieves to figure out.

Each password for every service should be unique, complex, and long. While there are potential drawbacks to any software, password managers offer encrypted solutions for creating and storing strong passwords that should help keep your data more secure.

What is a password manager?

A password manager, also called a password vault, is a software application that stores and organizes your usernames and passwords. Some password managers even have the capability to generate complex passwords unique to each of your online accounts. A password manager also provides strong encryption. All you need to do is remember one vault password to unlock them all.

Password managers offer a variety of services that may include:

  • Auto-filled information on forms
  • Two-factor authentication or multi-factor authentication
  •  Fingerprint and facial recognition
  •  Syncing across multiple devices
  •  Site and password breach alerts
  •  Family-sharing
  •  Automatically changing weak passwords
  • Encrypted file storage vaults for your financial and other sensitive data
  •  Industry-standard encryption
  • 24/7 customer service

While some password managers sync across your devices (which is super important if you’re trying to login from both your phone and your PC), others don’t--or it’s an added fee. Others are built into your web browsers, such as Chrome, Safari, Firefox, and Edge. Still others store your passwords locally in a file on your Mac or PC or mobile device, whether Android or Apple iOS.

Are password managers secure?

You might worry about trusting a program or app with your vault password and other private information. Can't app makers be hacked, too?

The quick answer is “yes.” Password managers can be hacked. But while cybercriminals may get "in" it doesn't mean they will get your vault password or other information. The information in your password manager is encrypted. And deciphering that encryption, which is usually industry-standard encryption like Advanced Encryption Standard (AES), is almost impossible.

Much of the security of your password manager depends on the strength and safety of your vault password. And for many password management systems, that vault password is not stored by the password manager or the company that owns it. This adds an additional layer of security.

Password manager pros

Password managers are very popular right now—and for good reason. Here are a few great things about them.

Pro: Ease of use

Most password managers are easy to use. They save you time because you no longer have to remember all of the passwords you need. You’ll only need to remember one vault password that will unlock all of your passwords.

Another benefit? You’ll no longer be locked out of your accounts because you couldn’t remember one of your many passwords.

A password manager’s browser extension or mobile app can also automatically fill in your user information.

Pro: Strong, random password creation

Password managers generate, store, and keep track of a unique and different password for each of your online accounts. The passwords are often random sets of at least 12 characters that include numbers, uppercase and lowercase letters, and symbols.

If the password management system you select includes a password generator, it can help create logins that probably mean nothing to you, and that’s good. Cybercriminals would be unable to figure them out based on any information they have about you.

Pro: Strong encryption

Password managers provide strong encryption, which serves as a strong defense against cybercriminals. Many password managers are protected by strong encryption like AES, the industry-standard protection the U.S. government uses to protect its sensitive data.

Pro: Family sharing

Some password managers enable secure sharing of passwords with family members, which can be a bonus for helping to keep your family’s data safe and secure.

Password manager cons

Like most security solutions, there are potential drawbacks to password managers, depending on the software. Here are some cons:

Con: Password manager breach

Another potential negative aspect of a password manager is if the password manager itself is breached. However, even if a breach occurs, the data in your password manager should be encrypted and stored elsewhere, and good password managers do not retain your vault password.

Con: Forgetting your vault password

What happens if you forget your vault password? Most password managers will lock you out of your vault. That means you’ll have to fill in the passwords you can remember, at least until you can back in again.

Con: Setup

One thing you will have to do when initially setting up your password manager is to remember and enter your current usernames and passwords for every site and account. (Although some password managers—including Norton’s—will ask to store your password the first time you log in to a site after you’ve installed their software.) After you’ve entered each username and password, your password manager will then remember that login information for you going forward.

Con: Cost

While some password managers have free versions, they’re usually pretty bare bones. For those that cost more, you're often paying for ease-of-use, breach alerts, priority customer service, automatic changing of old passwords, cool interfaces, and ease of syncing across multiple devices.

Does Norton offer a password manager?

If you're looking at different password managers, you might consider Norton Password Manager to help you create, store, and manage all your complex passwords, as well as credit card details and other sensitive data.

Norton stores all of this information in your own encrypted, cloud-based vault that only you can access. Whether it’s filling in forms or syncing devices, Norton offers easy-to-use solutions for making password management safer and more secure. It was also recently upgraded to focus on more intuitive design, improved vault security, and vault access recovery, which helps you recover your vault password if you’ve forgotten it.

In today's digital age, safeguarding our personal and financial information is of paramount importance. The complexity of managing numerous passwords for different accounts can be overwhelming, but the “solutions” most of us have actually put us at a higher risk of attack. So while vigilance and prudence are essential, embracing tools like password managers can significantly elevate our digital security, making our online experiences more seamless and secure.

Clare Stouffer
  • Clare Stouffer
  • Gen employee
Clare Stouffer, a Gen employee, is a writer and editor for the company’s blogs. She covers various topics in cybersecurity.

Editorial note: Our articles provide educational information for you. Our offerings may not cover or protect against every type of crime, fraud, or threat we write about. Our goal is to increase awareness about Cyber Safety. Please review complete Terms during enrollment or setup. Remember that no one can prevent all identity theft or cybercrime, and that LifeLock does not monitor all transactions at all businesses. The Norton and LifeLock brands are part of Gen Digital Inc. 


    Want more?

    Follow us for all the latest news, tips and updates.