Today, password security is truly compromised. According to the Specops report, 1,089,342,532 passwords were cracked in 2025, which means new, stronger, and more resilient ones must be created against hackers. However, a problem can arise in these situations. Indeed, a long, resistant password with many special characters can be difficult to memorize. To solve this problem while still maintaining secure access, a solution has been imagined: the Password Manager.
I / What is a Password Manager?
According to FranceNum, a password manager is like a digital safe in which you can store all your credentials and passwords. Instead of having to remember dozens of them, there is only one code to memorize: the master password. It allows you to open your safe and serves as the key to protect all your data. The stronger and harder to guess it is, the more secure your safe becomes. The system is designed so that no one else, not even the company providing the manager, can access your information. Your master password is generally not stored by the provider, which prevents an attack on their servers from endangering all users. On the other hand, if you lose it, no one will be able to remind you of it, and you will have to create a new one to regain access. In short, it is a practical and safe tool to avoid juggling dozens of passwords, but the key to everything remains your master password: it must be strong, unique, and well protected.
II / How to choose a Password Manager?
a) Respect for private data.
First of all, when choosing a password manager, you must ensure that the tool fully respects private data, including for the provider. Indeed, when choosing a password manager, it is not enough to look at its technical features such as encryption, synchronization, or compatibility with different devices. The real issue is the trust you place in the company that offers it. Entrusting all your access keys to a third-party service means ensuring its practices regarding privacy. Carefully reading the privacy policy helps you understand how your data is processed and what the company can do with it. This is essential, as a manager holds all your credentials, from the most trivial to the most sensitive. Even if the most well-known solutions offer solid security, no system is completely invulnerable. You must remain vigilant and check that your information is not used to track your habits, feed targeted advertising, or be resold. Finally, the country where the company is based plays an important role: it determines the legal framework that protects your data—or, conversely, exposes it to intrusive laws. In short, choosing a password manager is above all choosing a relationship of trust. (Sources: FranceNum, Clubic)
b) Encryption and database security.
After verifying the reliability of the password manager regarding privacy, you must ensure the security of the tool itself. When using a password manager, it is essential to ensure that data is well protected, both in transit and at rest. Serious services rely on robust encryption algorithms, such as AES or ECC, which guarantee that your information remains unreadable to anyone without the key. Passwords and storage servers must be encrypted to preserve confidentiality. But security does not stop there: the servers themselves must be designed to resist intrusions, including from the company’s internal teams. This is why it is important to favor solutions that offer zero-knowledge guarantees, meaning that even the provider has no way of accessing the content of your digital safe. In summary, strong encryption and the absence of provider access are the two pillars that ensure true protection of your credentials.
c) Which Password Managers can be chosen?
There are several types of password managers. Three main categories can be distinguished (Sources: FranceNum, CIRA):
- Desktop-based managers: directly integrated into your computer or installed on a company’s internal network.
- Cloud-based managers: they use remote storage. Data is not stored in the company’s premises but in the cloud.
- Browser-integrated managers: they do not require downloading but are not recommended for security reasons.
Here are some password managers recommended by www.francenum.gouv.fr:
- KeePass: a secure and free password manager. This open-source software, available in French and certified by ANSSI, allows you to safely store your passwords for use in your applications. KeePass also has a function to generate complex random passwords.
- LockPass: a French password manager, certified by ANSSI, that allows users to manage access to all their applications. The solution stores credentials in a digital safe, accessible via two-factor authentication.