If you’re not paying for it, then you’re the product.
Or, at least, that is what they say.
It’s this slogan that makes people question free password managers. It’s a fair criticism, but it’s missing many contexts that matter.
So let’s answer the question, are free password managers safe?
Why Do We Have Free Password Managers?
The way many businesses make more money is through advertising and it can come in many forms, some not so obvious.
One way to advertise is to give something away for free. It’s easier to upsell someone already using your product and free products spread faster and often cheaper than running normal ad campaigns.
Thus, we have free password manager accounts.
Free Accounts Are All About Advertising
When you look at password managers, you’ll notice that many have a free version and a paid version.
The paid version will always have more features than the free version.
How do you get people to pay for the paid version? Simple, by giving them a free version.
The main goal of a free password manager plan is to act as advertising; it’s to get the user “in the door.” Once you’ve used the product and gotten used to the free option, you’re more likely to stay and even upgrade.
Not only that, but you’re more likely to recommend it to others. And these other people can be businesses or people who work for those businesses.
The free versions of a password manager are merely the cost to advertise for these companies. The more people they can get to use their free products, the more customers they get who need the paid or business plans. And it’s those business plans that are the real money maker.
Business Plans Are Were The Real Money Is At
When it comes to password manager companies, they want business customers.
Business customers spend more and rarely switch due to the headache of moving all their many employees. The bigger the business they attract, the more they spend, and the more likely they’ll stay.
There is no better salesman for a password manager than a guy who’s been using it for his personal life and knows it inside and out. When it’s time for a password manager solution for the business, he will recommend what he knows, and if the password manager company can get him hooked from the start with a free account, then it is worth the cost.
It’s just that giving away free personal accounts leads them to more business customers. It’s the cost of doing business for some password managers.
They Only Care About The Business Customers?
If all the money is in the business customers, does that mean they only care about them?
Let’s be clear, the real money for password managers is getting the business customers. The individual free and premium accounts don’t hold a candle to the money business accounts generate.
But… the business accounts are built on free and premium accounts.
We’ve seen many password managers do their free customers wrong in the past, and it never works out well for them. The problem with pissing free customers off is that there is more of them, and bad news travels fast.
You must not forget the business users are normal users at home. If the password manager they use for work sucks for personal use, it could be the domino that starts the trend for the business itself to ultimately switch. After all, the free accounts are the advertising to get you in the door, and someone unhappy with the current product at home is looking for new doors.
The money is in the business accounts, but some password manager companies need to keep the other plans happy to keep from losing their bread and butter. It’s hard to gain new users, but easy to lose them.
The Outliers
There do exist password managers like KeePass that are entirely free.
There is no premium or extra charge; everything is free.
Oddly enough, KeePass and its many variations may even be the most secure password manager you can get, even though it’s completely free.
KeePass is an application that is open-sourced. Like many open-source projects, it’s free to use, even if it’s for business.
The great thing about open source projects is that anyone can see the code and offer to make changes to better the projects.
There are open-source projects that make money; Bitwarden is one example. While Bitwarden is open-sourced it does generate income with its plans and makes it sustainable. KeePass is not like Bitwarden as it doesn’t have plans or set out to make money.
Why Is KeePass A Thing?
KeePass or KeePassXC don’t have a system to generate money.
The reason KeePass can keep going is selfless and selfish at the same time. The people who code for KeePass or KeePassXC also use the software. So it’s in their best interest to make it the best it can be.
They also can’t be dishonest as anyone can view the code since it’s open-source.
Since anyone can view the code, anyone who uses the app can also write code to improve it and better their own needs too.
Since the coders need a password manager, and they trust one they help make more, and others can help to better it and confirm the code is secure, you get a self-filling application that doesn’t need money.
KeePass – It’s Like A Private Road
KeePass is like having a shared private road to your home.
You and many others need to use that road. The state won’t maintain it, so it’s up to you and your neighbors to keep it going. Tearing up the road won’t help you, and doing something to hurt your neighbor’s section won’t help either, as you both need that road. So when you can, you chip in to better or improve the road.
For software like KeePass, it’s the private road, and your neighbors are the other people who use it; when you have thousands if not millions of people using it, you’ll get many willing to better the “road” as it also benefits them.
If someone damages the road or decides to put a private investigator at the end of the road, you can “fork” the road to go a different direction. Since it’s open to the public, we can all see the changes being made, and if we don’t like it, we can change where the road goes or better it for our own needs.
Throw a few hundred people willing to better it in their free time you get something that is not only the best of the best but free too.
Can You Trust Password Managers?
You can trust the top-recommended password managers, here is a list of the ones that I consider acceptable.
- Bitwarden
- KeePassXC
- 1Password
- KeePass
- Enpass
- SafeInCloud
- RoboForm
- Keeper
I find the people who generally ask if a password manager is safe to use are new to them. It’s hard to convince them as most don’t understand the encryption and security that goes into them.
But I have one tool that convinces most people because it’s so simple.
You pepper your important passwords.
Even if someone got in your password manager, they would not know the full password. Life is too hard not to be using a password manager these days, and peppering gets people over their fears.