I refused to use a password manager for years. Now I swear by them

Sometimes when I sit down to write an article, I feel like Charlie Brown’s teacher. Nobody I know loves to talk about security software. They especially don’t love hearing how it’s good for them. (My small talk game at family gatherings isn’t strong.)

But here’s the thing—I used to be the exact same way about password managers. I went years without one. And honestly, my stubbornness was kind of dumb.

Further reading: Best free password managers 2025: Online security doesn’t have to cost a thing

The evolution toward trusting my passwords to anyone but myself took awhile. At first I kept them all in my head and there were definite repeats among services that I didn’t put value on.

Next I switched to variants on a base password. (Think &ran6889domwalmart.) By today’s standards, not impressive. But it was better than using repeats, and I could at least better guess what the password was. This safety measure was especially helpful since the number of services I used was ever growing.

Then I started separating out more sensitive accounts (e.g., work email) and gave them unique and strong passwords. However, I kept forgetting them.

Eventually, about ten years ago, I started a free account with LastPass—I had started a new job, needed to track a lot more passwords for it alone, and my brain didn’t have the capacity to hold them in addition to my personal ones.

I didn’t like it at first. It slowed the process of logging in—it introduced extra time, since I had to look up the password, then type it in manually. I didn’t trust browser extensions to remain secure (a partially vindicated paranoia when successive LastPass security woes came to light).

Mobile access was a pain too, since I didn’t pay for a subscription that let me use the app.




My life would have been easier with mobile app access, but I started as a cheap (and poor) young editor.Martyn Casserly / Dominick Tomaszewski

But eventually, the years ground on. I got used to relying on the service to generate and remember credentials. Eventually, there came a point where I began to put lesser personal accounts (shopping sites I didn’t use as often) into a separate manager. Over time, the collection grew.

I still keep tabs on more sensitive accounts manually, but with already hundreds of relatively low-stakes entries managed by the password manager, it leaves my increasingly crowded brain free to remember them. (Especially the two most important passwords.)

Passkeys are a boon too, because they’re built to be phishing resistant—and you can still store them in a password manager.

Basically, here are all the reasons I now use a password manager:

It automatically generates and stores strong passwords, which should be unique and complex.

You can automatically enter (populate) a login form with your password through the service, saving you on typing time.

A good service (even free ones) offers storage of unlimited credentials—a boon given how many apps and services require a login.

Passkey storage is an option, which are so much better than passwords. For starters, they’re resilient against phishing attacks.

Each password manager has its pros and cons, as well as its quirks. I wouldn’t say any one is perfect—at least, not for my Goldilocks self. But the reputable services all meet a baseline of expectations.

You don’t have to pay to get a solid service, either. Apple and Google have more basic but very well-integrated password managers for their ecosystems. (The only drawback: Migrating or crossing between platforms is harder, particularly for Apple.) Bitwarden is more bare-bones but platform agnostic.




Bitwarden’s interface isn’t as sleek as some rivals, but you absolutely cannot beat its value.Bitwarden

As you start to pay, you get nicer features, like the ability to share passwords, view them in large, legible letters, or receive alerts if a credential turns up in a data breach.

If by chance you’re now convinced that a password manager is the right way to go (good, you should learn from my life mistakes), but aren’t sure what features to look for, here’s what I suggest:

Password generation 

Passkey storage

Form fill (manual preferred)

Two-factor authentication to secure account

Viewing letters, numbers, and characters in different colors

Secure sharing (unless you are a stalwart island in the sea of humanity)

Additional features that are nice to have (but aren’t deal breakers) would include emergency access for a trusted contact, passwordless login options for your account, and 2FA token storage.

You might have different needs. Try a free service first—I highly recommend Bitwarden, but if you secure Chrome with Windows Hello, it’s not too bad as a more distant runner up. 

The nice part about a password manager is that setup doesn’t actually take much work. Creating an account is fast, as is installing a browser extension and mobile app. As you log into sites, those pieces of software will capture your credentials. You can also begin slowly upgrading your password complexity, starting with the most valuable accounts (financial services, your primary email address, etc, stores you regularly visit), and move outward from there.

Overall, I wish I hadn’t taken well over a decade to consider a password manager. Not all of them are cloud services—different options exist, so I could have cleared room in my memory far sooner for important things. Like where I left my keys, or the fact I meant to buy a Tile tracker for them.