Should you use your browser's password manager or a dedicated app?

Martin Brinkmann
Mar 28, 2023
Updated • Mar 28, 2023
Security
|
18

Password managers are one of the most important security tools for computer users. They store passwords securely and help with the generation of strong and unique passwords.

Computer users have two main options when it comes to password managers: use a browser-based solution or a dedicated program or application.

To better understand how these differ, it is important to look at the functionality that they provide. Browser-based password managers, like Google Chrome's password manager, work inside the browser. They are comfortable to use, as they are integrated natively, and the developer of the browser is already trusted, otherwise the browser would not be used.

The main downsides of using a browser-based password manager is that it is tied to that browser. It can't auto-fill passwords in other programs, e.g. a VPN desktop program or Spotify app, and also can't help users directly when it comes to the generation of passwords.

Password manager programs and apps  work system-wide, when they are available for the platform. Some come with browser extensions for better integration in certain web browsers. Another advantage of them is that they, usually, offer more features, some of the advanced. To name just a few common ones: storing the password history, recovery options, password sharing, multi-factor authentication, advanced import and export options, or the storing of file attachments, e.g., screenshots. Some of the password managers are open source.

These dedicated password managers may have a few downsides, depending on which is selected. Many require a subscription for advanced functionality, and they may not be as easy to set up, as multiple apps, programs or browser extensions may need to be installed.

5 Reasons why dedicated Password Managers are superior

Using a browser's password manager is better than not using one, but it is usually not as good as using a dedicated password manager. Applications like Bitwarden, 1Password or KeePass offer many advantages.

Reason 1: Support 

A browser's password manager works in that browser and in all instances of the browser on other devices. It does not work outside the scope of the browser, which means that users need to use manual actions, such as the copying of passwords, to enter them in programs outside of the browser's interface.

Users who work with different browsers will notice that it is difficult to keep the data in sync. Browser's don't support syncing stored passwords to web browsers created by other companies, and manual imports and exports are not really a solution for that issue.

Dedicated password managers support all major platforms, and they often come with browser extensions to add improved support for popular web browsers.

Reason 2: Security

keepass security

Password managers need to be have the best security, as they unlock access to a user's entire digital life if breached. All password managers use encryption to store and sync data, but that is where feature sets divert.

Browser password managers may be accessed immediately if the system is up on Linux. On Windows and Mac, the operating system's PIN or other forms of authentication are required before all passwords may be accessed (on first access only).

Dedicated password managers require the master password, and they usually come with features to lock access after a set period. Additionally, users may add more security to most apps, including two-factor authentication or security key support.

Some password managers may support multiple accounts, to further protect different databases.

Reason 3: More than just password storage

bitwarden secure notes

The password manager in browsers supports the storing of passwords, but that is often the entire scope of the feature. While some browsers may support form filling and the saving of card information, it may not be tied to the password manager.

Dedicated password managers may support a whole range of items that they may store securely next to passwords. This may include the storing of file attachments and notes, and these items do get synced across all devices.

Notes may be useful to add security questions, software license codes, and other information associated with a particular account.

Reason 4: Better management options

Browsers save passwords to a single list, but they lack management options. Users can't create folders to sort passwords into groups, and there are not any options to make a login work on different services.

In Bitwarden, for example, users may add multiple URIs to a single password identity. A single account, for instance an Amazon account, could be configured to work on all of Amazon's website.

1Password supports tags that users may assign to identities for better search functionality.

Reason 5: Extra features make a difference

Dedicated password managers support a wide range of features. KeePass, for example, supports plugins, which users may install optionally to add more functionality.

Some applications may support account recovery options using different methods, the sharing of passwords with trusted users, a password history to look up previous passwords, or improved search capabilities.

Closing Words

Dedicated password managers are the better fit, most of the time. While there may be some edge cases, they do offer better security options, system-wide support, and advanced features. Still, using a browser's built-in password manager is better than not using one, in most cases.

Now You: built-in browser password manager or dedicated app, which do you prefer?

Summary
Should you use your browser's password manager or a dedicated app?
Article Name
Should you use your browser's password manager or a dedicated app?
Description
Is a dedicated password manager or a browser's built-in password manager the best option for computer users?
Author
Publisher
Ghacks Technology News
Logo
Advertisement

Previous Post: «
Next Post: «

Comments

  1. me said on March 29, 2023 at 10:22 am
    Reply

    Dedicated app, end of story.

  2. boris said on March 29, 2023 at 12:51 am
    Reply

    Despite everything LastPass is still my password manager. To be more safe I just deleted credit card information and phone number.

  3. Anonymous said on March 28, 2023 at 10:59 pm
    Reply

    KeePass or PasswordSafe is all I need.

  4. Nero said on March 28, 2023 at 5:36 pm
    Reply

    App password manager vs browser based? both hosted in the Cloud so no difference.

  5. NoPanic said on March 28, 2023 at 4:51 pm
    Reply

    @Gregor Chant
    You can save your time and stress by scrolling down the page and click on Martin Brinkmann name, save to bookmark, say thank you. No problem have, good day.

    1. Gregor Chant said on March 28, 2023 at 5:53 pm
      Reply

      Nah, I’d rather not. I’ve been on ghacks a few years and it’s a recent thing to see a flurry of mainstream news articles here. I mean, why? They shouldn’t be on this site at all imo. However, some will agree and some will disagree about that. Meh. I’ll just continue scanning the article headers and picking mostly Martin’s.

  6. Gregor Chant said on March 28, 2023 at 3:56 pm
    Reply

    I like paid Roboform, which I use for form-fill (which I do a lot of) and password manager. I wouldn’t even bother with a browser password manager.
    Thankfully Martin still puts out his own good articles like this…I was losing heart and getting tired of reading about all the ‘next asteroid to hit the earth’ etc-type articles, which are basically like mainstream news, from a bunch of other contributors…and have nothing to do with computer stuff!

  7. Tom Hawack said on March 28, 2023 at 3:55 pm
    Reply

    After passwords vs. passkeys,
    [https://www.ghacks.net/2023/03/27/passwords-vs-passwordless-a-debate-on-online-security/],
    browser’s password manager vs. a dedicated app.

    Master-words : credentials, passwords, authentication, key, padlock, privacy, intrusion and so on …

    Well, given our world, mankind are what they are, let’s carry on.

    Dedicated app as far as I’m concerned, no browser password manager at least not Firefox’s, no idea about other browsers.
    Dedicated app it is. Online or offline? I have one, offline, which doesn’t communicate with whatever other app be it a browser, and one online : Bitwarden.

    I’m aware of privacy and security imperatives but as the web is moving on precautions are bound to be greater than those of “normal” life, exception done of countries who legalize letal weapons of course : at least no risk of ending in a grave in the world of the Wild Wild Web.

  8. TelV said on March 28, 2023 at 3:49 pm
    Reply

    @ Martin,

    Grammatical error in the third paragraph with the sentence beginning, “The main downsides of using a browser-based password manager is that it is tight to that browser.”

    “tight” should be “tied” (past tense of the word “tie” as in “to tie your shoelaces”). ;)

    1. Martin Brinkmann said on March 28, 2023 at 4:19 pm
      Reply

      Thank you ;)

    2. Tom Hawack said on March 28, 2023 at 4:13 pm
      Reply

      Not to mistake with tight ties :=)

  9. Brandon said on March 28, 2023 at 2:01 pm
    Reply

    I use Mozilla Lockwise. I have tried paid apps, but they don’t work as well.

    1. Tim Cooper said on March 31, 2023 at 1:06 pm
      Reply

      There is no better solution than KeePass format ftm, Keeweb on desktop and KeeMobile on my phone.

    2. RogerW. said on March 28, 2023 at 2:38 pm
      Reply

      Lets go Brandon.

  10. Tony said on March 28, 2023 at 1:54 pm
    Reply

    KeePassXC FTW.

    1. Norio said on March 29, 2023 at 1:18 am
      Reply

      I concur! KeePassXC is far superior to KeePass, in security (it was not susceptible to CVE-2023-24055), performance, and appearance.

  11. aaa said on March 28, 2023 at 12:15 pm
    Reply

    A piece of paper or your memory.

    1. ECJ said on March 28, 2023 at 2:16 pm
      Reply

      Memory is not a good solution because in order for a human to remember say 50-100 passwords in their memory, it will mean either using weak passwords, or using some type of “system” to remember them. Whatever convoluted human-created “system” people can come up with, it’s still going to be a pattern. Therefore, both the weak passwords and the “system” will almost certainly crumble with an attacker being able to plough through passwords at a rate of billions of guesses per second.

      A piece of paper is actually not bad, however it’s not practical for a lot of people. For example, that piece of paper may be fairly safe in your own home, however when you need to travel outside of the home, then that would mean carrying around a piece of paper will all your passwords.

      Also, both human memory and a piece of paper are vulnerable to being phished. As is most 2FA.

      Offline password managers are susceptible things like keyloggers and memory attacks – or in the case of Keepass, just use a trigger and older version of Keepass to export the passwords to a plain text file using the built-in export feature…

      Online password managers inject JavaScript into every webpage you visit, which leaves them open to attacks, I.E. https://lock.cmpxchg8b.com/passmgrs.html

      So, unfortunately there is no good solution when it comes to passwords and never will be. Password managers are perhaps the least bad option we have right now. Realistically, the only way forward is replacing passwords with FIDO passkeys, however it’s going to take a while to gain mass adoption.

Leave a Reply

Check the box to consent to your data being stored in line with the guidelines set out in our privacy policy

We love comments and welcome thoughtful and civilized discussion. Rudeness and personal attacks will not be tolerated. Please stay on-topic.
Please note that your comment may not appear immediately after you post it.