Password managers
A password manager generates and stores unique strong passwords for every account, encrypted with one master password you memorize. Top picks: Bitwarden (free + open-source), 1Password (paid, polished), Apple Keychain (free for Apple users). All use zero-knowledge encryption.
What it means
Without a password manager: most people reuse 5-10 passwords across hundreds of accounts. One breach exposes everything. With a password manager: every account gets a unique 20+ character random password; you only memorize one master password.
Architecture: master password + KDF (Argon2id, scrypt, PBKDF2) → encryption key → encrypts vault. The provider stores only the encrypted vault; they cannot read it. Even if their servers are hacked, attackers get useless ciphertext.
Modern features: TOTP storage, breach monitoring, secure password sharing for families/teams, hardware key (YubiKey) support, passkey support.
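The architecture described above (master password, KDF, encryption key, encrypted vault), as an added example that is not code from any of the products named on this page. It assumes Node.js built-ins, scrypt as the KDF with illustrative cost parameters, and AES-256-GCM as the vault cipher; the function names and the sample entry are constructed.

```javascript
const { scryptSync, randomBytes, createCipheriv, createDecipheriv } = require('node:crypto');

// scrypt cost parameters: assumed values for this sketch, not any vendor's settings.
// N=2^15, r=8 needs about 32 MiB, so maxmem is raised above Node's default.
const KDF = { N: 2 ** 15, r: 8, p: 1, maxmem: 64 * 1024 * 1024 };

// master password + per-vault salt -> 256-bit encryption key (never leaves the client)
function deriveKey(masterPassword, salt) {
  return scryptSync(masterPassword, salt, 32, KDF);
}

// Runs on the client. The returned record is everything the provider stores.
function sealVault(masterPassword, entries) {
  const salt = randomBytes(16);
  const nonce = randomBytes(12); // fresh for every encryption under a given key
  const cipher = createCipheriv('aes-256-gcm', deriveKey(masterPassword, salt), nonce);
  const body = Buffer.concat([cipher.update(JSON.stringify(entries), 'utf8'), cipher.final()]);
  return {
    salt: salt.toString('base64'),
    nonce: nonce.toString('base64'),
    tag: cipher.getAuthTag().toString('base64'),
    ciphertext: body.toString('base64'),
  };
}

// Runs on the client after download. A wrong master password or a modified
// record fails the GCM tag check, and decipher.final() throws.
function openVault(masterPassword, record) {
  const key = deriveKey(masterPassword, Buffer.from(record.salt, 'base64'));
  const decipher = createDecipheriv('aes-256-gcm', key, Buffer.from(record.nonce, 'base64'));
  decipher.setAuthTag(Buffer.from(record.tag, 'base64'));
  const body = Buffer.from(record.ciphertext, 'base64');
  return JSON.parse(Buffer.concat([decipher.update(body), decipher.final()]).toString('utf8'));
}

// Constructed sample data: one vault entry and a 6-word passphrase.
const sampleEntries = [{ site: 'mail.example', password: 'cX7#qL2vRm9!tZp4Wd8s' }];
const stored = sealVault('lamp orbit cedar violin harbor quartz', sampleEntries);
console.log('provider sees only:', Object.keys(stored).join(', '));
console.log('client recovers:', openVault('lamp orbit cedar violin harbor quartz', stored));
```

The salt, nonce and tag are not secret; only the master password, which never appears in the stored record, turns the record back into plaintext.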
Why it matters
Credential stuffing (using leaked passwords from one site to try other sites) accounts for billions of unauthorized account accesses annually. Have I Been Pwned reports show ~12 billion known breached credentials. A password manager combined with unique-per-site passwords completely defeats credential stuffing. The cost is one new habit (master-password use). The benefit is a security improvement of multiple orders of magnitude.
Example
Without: the same password across email, bank, and social media. One leak = total compromise. With: 200 unique 20-char passwords stored in an encrypted vault, with a 6-word passphrase as the master password. Even if 50 sites are breached, the attacker gets unique passwords that are useless on other sites.
Frequently asked questions
Bitwarden vs 1Password?
Bitwarden: free unlimited use, open-source, paid version $10/yr for advanced features. 1Password: $3/mo, polished UX, Apple-ecosystem integration. Both are zero-knowledge encrypted; security is comparable. Pick on UX preference and budget.
Is Apple Keychain enough?
For Apple-only users: yes, Keychain is excellent. Cross-device sync via iCloud. For mixed-OS households (some Windows, Android): Bitwarden or 1Password work across all platforms; Keychain has limited non-Apple support.
What if the password manager itself is breached?
Vault data is encrypted with your master password (zero-knowledge). An attacker gets useless ciphertext. The risk is master-password compromise: phishing, keylogger. Mitigate with 2FA on the manager itself plus a strong (passphrase) master password.
Related terms
- Password entropy: Password entropy measures randomness in bits. Formula: log2(pool_size) × length. 80 bits is the modern minimum for unfeasible brute-forcing; 128+ bits is best practice. Length wins over complexity: 20 lowercase letters (94 bits) beats 10-char symbol soup (66 bits).
- Passphrase vs password: Passphrases (4-7 random words) optimize for memorability. Random-character passwords optimize for entropy density. For master passwords or anything you must memorize: passphrase. For everything else: random characters in a password manager.