Already using a password manager? Smart move—you've increased your security by not relying on written reminders, spreadsheets, or other insecure forms of tracking passwords. Don't stop there, though. To fully benefit from the magic of a password manager, you should be using as many of its features as possible. When you do, strong, random passwords become an even more seamless part of your daily routine.
To help you get to that place, we've made a list of 10 features you should give a go (or at the very least, be aware of) in a free or paid password manager. Perhaps they're not right for you at the moment, but as life changes, they could preempt a minor headache.
These tips are easiest to implement with a cloud-based service (which is virtually every major service these days), so most people can start using them straight away. For local-storage-only password managers like KeePass, you can typically work out similar solutions with a little extra elbow grease (e.g., installing plugins, manual syncing across devices, etc).
Use the password generator
Still trying to come up with your own passwords, and then transferring them to your password manager after? Save yourself the hassle and use your service's password generator. It'll create far more secure passwords that are truly random, and you can easily adjust the settings so they match the website's password requirements.
To make this process absolutely seamless, use your password manager's browser extension. (Spoiler: This is our next tip.) It'll not only handle the password generation, but also save it to your account.
Install the browser extension and mobile app
Installing the browser extension for your password manager in Chrome or Firefox dramatically increases ease of use.
After signing up for an online password manager, some folks continue to only log in via a browser to retrieve their login info. A faster way to manage your passwords is to install your service's browser extension, which you can use to automatically fill in your user id and password.
Likewise, installing your service's mobile app on your phone means that you can quickly and securely use your login information while on the go. It also has an added benefit—for sensitive apps (banking, Zelle, etc.) that can't be locked down with a PIN or biometric authentication, it's little hassle to stay logged out until you need them again.
For password managers that store your login information only on your computer, rather than in the cloud, you usually can create this experience yourself. For example, KeePass's plugins include browser extensions that pull info from a KeePass database. KeePass also has mobile app ports, so if you sync copies of your password database across devices, you can still maintain a local-storage-only experience.
Make free with password sharing
Sharing your Netflix password with your household members in a spreadsheet might be easy, but it's not secure. A better idea is to share the info through your password manager.
This particular feature is generally available for both free and paid accounts, but paid users typically get more flexible sharing capabilities. One notable exception is the free version of Bitwarden—sharing isn't available on the standard free personal account. You must create a different type of account in order to share passwords between two people for free.
Turn on two-factor authentication
An authenticator app is the easiest way to setup 2FA for your password manager account.
Because a password manager centralizes all of your login information, it's smart to protect your account as much as possible. Setting up two-factor authentication in addition to having a strong password provides far more security—if anyone cracks your password, they still must input a second set of information that only you have in order to gain access.
Even for free accounts, major password managers universally support the easiest form of 2FA—authenticator apps that generate a one-time use, temporary numeric code that you'll input after successfully entering your password. You can use options like Authy or Google Authenticator for mobile, and something like WinAuth if you don't have a smartphone. Paid users can take advantage of more advanced forms of 2FA like YubiKeys, which are USB security keys that you have to plug into a computer (or hold against your smartphone, if your version has NFC). It's a good idea to set up more than one version of 2FA to give yourself options in case you lose one.
Run a password audit
Having a password manager is half the battle of securing your login info, but the other half is choosing strong passwords. The good news is that managing password health (as some services call it) is much easier with a password manager. Most have a feature that not only verifies your passwords' strength, but also checks to make sure they haven't turned up in a data breach. If you find any website logins that need updating, changing them should be a snap, especially if you've got your password manager's browser extension installed.
Change your passwords automatically
So you ran a password audit (see above), and now you've got some passwords to replace. With some password managers like LastPass and Dashlane, this chore can be dealt with very quickly, thanks to automated password changes. The amount of time-savings varies depending on your service, as the feature only works with supported websites—typically very popular ones—but it's still a huge boon when trying to quickly address your weakest spots.
Sign up for alerts
Other password managers may not have 1Password's whimisical vibe in their security alerts, but they still get the job done.
Data breaches are an unfortunately common occurrence these days. Many password managers offer monitoring for any of your data spotted in a breach or on the dark web, though some only send out email alerts to paid users. If you're already shelling out for a subscription, make sure you're signed up to get these notifications—they help you act quickly if your information gets compromised and you need to change your password.
Set up emergency access
Not all password managers offer this option, but for the ones that do, this feature is very handy. Life sometimes happens—setting up an emergency contact allows them to access your account on your behalf (or your estate's). The details vary between each service, so be sure to read up on how it works. For example, Bitwarden allows you to grant either viewing or full takeover permissions to a contact, while LastPass makes a one-time copy of your entire vault and saves it to a folder in the emergency contact's account.
Add other often-used sensitive info
Store your credit card info in your password manager to lower your financial risk online.
CardMapr / Unsplash
Lots of people allow their credit card information to be stored on individual websites. Improve your security by instead loading that information into your password manager, so that only one source has that financial data. It reduces the chances of having to request a new credit card number after the next breach of an online store or service.
Paid users can often take advantage of file storage as well, in order to upload copies of important documents—like travel docs or a photo of your COVID vaccination card. You may have different preferred methods to store these kinds of files, but for some people, this can be extremely convenient as part of an overall strategy related to travel or granting emergency access to a trusted contact.
Take advantage of unique features
A few password managers have novel features that you can't find anywhere else—for example, 1Password offers a Travel mode that allows you to hide specific groups of passwords. The idea is that if you're traveling, you can keep sensitive information private if forced to unlock your phone and hand it over to authorities.
Not every service has a standout feature in this vein, but you'll only know that if you dig into the details of your plan. Don't miss out on something useful, especially if you're paying for it already!