Some of us use the same password for every login. (Very bad idea.) If you are one of these people, you don’t require a password manager. (Unless, of course, you need a password manager to remember all your usernames. Would it then be considered a username manager? o_O) However, many of us don’t use the same password for all logins. While we may not necessarily have a different password for every login, we do use multiple different passwords for our logins and need help remembering them. (There is no shame in needing assistance to remember login information.) This is why God created password managers.
Take note while the norm for password managers in Windows is to be highly integrated with the Internet browser (i.e. how Roboform shows a popup window whenever you load a login page), password managers are more simplistic on Android: They typically aren’t integrated with the Internet browser, but rather they serve as a visual reference which you can look at before you go to login. In other words, with password managers on Android you look at the login information, store it in your short-term memory, and login before you forget the login information. Android password managers don’t perform “automated logins” – they don’t enter the username/password for you into websites. (Most of them don’t right now, anyway; Android password management may evolve in the future to include automated logins.)
Table of Contents
App Name: KeePassDroid
Developer: Brian Pellin
Download Size: 943 KB
Version Reviewed: v1.9.2
Requires: Android 1.5 and up
- Allows users to easily create and easily access login data.
- All login data are stored in an encrypted and password protected database.
- Allows users to easily copy username and/or password to clipboard for easy pasting when logging in.
- Hides passwords behind astricks, giving users the option to temporarily show passwords if they want to see them.
- Has the ability to automatically logout of KeePassDroid after inactivity.
- Has the ability to automatically clear clipboard after a username or password has been copied.
- Supports the use of keyfiles, for enhanced security.
- Allows users to have multiple different databases.
- Can be installed in/moved to the SD card.
- Does not have the option to have a KeePassDroid icon in the notification bar for app quick access.
KeePass is a free, open source (and highly popular) password manager for Windows, Linux, and Mac. KeePassDroid is the Android version of KeePass. As such, it includes all the excellence and security of KeePass… in ‘droid form.
In terms of storing passwords, KeePassDroid provides the same basic password management functionality as all other password managers for Android. What makes KeePassDroid more attractive than the competition is its combination of simplicity and security:
- KeePassDroid is very simple to operate and easy to use. There are only two things users have to worry about in regards to password management: Groups and entries. Groups are simply a way to organize login entries; you can think of them as folders. By default KeePassDroid comes with “eMail” and “Internet” groups, but you can add more if you feel the need or even delete “eMail” and “Internet” if you feel inclined to do so. Entries are what store login data. An entry is comprised of entry name, entry icon, login URL, login username, login password, and comments. All entry data is optional except for the entry name: You can pick and chose which fields to fill in and which fields not to fill in.
- Accessing login information is as easy as selecting the group the entry is located in and tapping on the login entry you desire. When you click on the login entry, two things happen. Firstly, you are shown the information associated with that login entry. For security purposes, the password is masked with astricks but you can manually temporarily show it by pressing the menu key and tapping “Show password”. Secondly, KeePassDroid adds two items to your notification bar: Copy password to clipboard and Copy username to clipboard. These notification bar entries allow you to easily copy the username and/or password to Android clipboard so you can paste it in wherever you are logging in.
- KeePassDroid encrypts its databases using Rijndael AES. For those that don’t know, this is a very secure algorithm.
- In addition to requiring a master password to access databases, KeePassDroid supports the use of keyfiles for additional authentication security. (Keyfiles, however, are optional – you don’t have to use them if you don’t want to.)
- For all login entries, KeePassDroid masks passwords with astricks. This prevents wondering eyes from seeing your passwords. You do, of course, have the ability to temporarily show passwords (Menu key -> Show password) or turn off the masking totally (from the settings).
- KeePassDroid has the ability to automatically logout of the database after 30 seconds, 1 minute, or 5 minutes of inactivity. (You select whether you want 30 seconds, 1 minute, or 5 minutes. You also have the ability to disable this option.)
- KeePassDroid has the ability to automatically clear Android clipboard 30 seconds, 1 minute, or 5 minutes after a username or password has been copied. (You select whether you want 30 seconds, 1 minute, or 5 minutes. You also have the ability to disable this option.)
- KeePassDroid does not have internet access privileges. This means piece of mind for users; without internet access privileges there is no way passwords are being shipped off to some server in the middle of not here.
That said, I would like to point out three things:
- If you use a clipboard manager, every time you copy a username and/or password from KeePassDroid, the clipboard manager will record it. KeePassDroid is able to clear Android’s clipboard but it cannot clear a clipboard manager. Your usernames and/or passwords will be recorded in the clipboard manager. Be aware of this fact.
- KeePassDroid uses .KDB databases. Since KeePass also uses .KDB databases, that means you can import/export data from your Windows (or Linux or Mac) to/from your Android phone. (However, take note KeePassDroid does not use .KDBX databases. It can read, but not write, .KDBX databases.) You can use an app like Dropbox to sync the databases across all your devices and machines.
- KeePassDroid does not have the native ability to import passwords from other password managers (such as Roboform passwords). However, as I just mentioned KeePassDroid can import/export .KDB databases from the desktop version of KeePass. The desktop version of KeePass has extensive support for importing passwords from other password managers. If you use a password manager on your desktop other than KeePass, you can download KeePass, import the passwords from the other manager into a .KDB database using KeePass, then export the .KDB database onto your Android phone so KeePassDroid can use it. In about 10-15 minutes you can have the passwords stored on your desktop onto your phone.
Lastly, there is one issue I have with KeePassDroid. In my opinion, it is reasonable that a user may heavily use KeePassDroid. It gets very annoying to have to navigate to KeePassDroid on the homescreen (or in the app tray) whenever you want to access it. I would like KeePassDroid to have the option of placing an icon in the notification bar which would allow users to access KeePassDroid with the tap of a button.
To conclude, sure KeePassDroid may not have a very fancy interface, but the combination of simplicity and security and interconnectedness with the desktop version of KeePass puts KeePassDroid at the top of my list as the best free password manager for Android.
App Name: Pocket
Developer: Tim Clark
Download Size: 1.3 MB
Version Reviewed: v2.5
Requires: Android 1.6 and up
Like KeePassDroid, Pocket allows users to save login (username, password, and notes) information. However, in addition to that, Pocket provides users with the ability to save many other types of information such as bank account details, credit card information, insurance information, and a lot more other categories. Pocket also has built-in support for Dropbox sync, whereas you must manually do it with KeePassDroid. Supporting more types of information, however, makes Pocket a bit more cluttered and “harder” to use than KeePassDroid. I put harder in quotes because Pocket really isn’t that hard to use.
In regards to login information, like KeePassDroid, Pocket masks passwords and allows users to copy usernames and/or password. (Uou must tap the username/password in Pocket to copy it; there are no shortcuts put in the notification bar.) Pocket also has the ability to automatically logout after X time of inactivity.
In my opinion, the biggest attraction of Pocket over KeePassDroid (aside from the obvious fact that Pocket supports more types of information) is Pocket’s interface. Pocket’s interface is very well designed, as opposed to KeePassDroid which is basically just black. On the other hand, however, Pocket shows ads so it requires internet access privileges. (You can purchase Pocket Pro about $2.20 USD to get rid of the ads.) According to the developer, Pocket uses AES encryption and SHA hashing to protect you, so there shouldn’t be anything to worry about regarding internet access. However, for the truly paranoid (like myself) internet access in a password storage app is a deal-breaker.
Overall, I feel the final decider between KeePassDroid and Pocket will come down to simplicity vs features. If you are looking for a simple, secure password manager KeePassDroid is the way to go. If you are looking for a password manager with other functionality, Pocket is superior.
If you do end up going with Pocket, let me give you a heads up about something so you are aware. When trying to access Pocket, you are asked to enter the master password. At that same screen there is a question mark button in the top right corner. When the question mark button is tapped, it tells users a password is required to login and shows a “Forgot” button for users that forgot their password. This “Forgot” button does not remind you of the master password. Rather, it gives you the option to completely delete the whole database and start from scratch. Anyone can access this and erase the database. If you piss someone off and they know about Pocket, they can get back at you by wiping your whole database via the method I just described. I highly suggest you consider using an application locker on Pocket to avoid being ****ed by someone.
App Name: B-Folders
Developer: JointLogic Ltd.
Download Size: 327 KB
Version Reviewed: v2.9.2
Requires: Android 1.6 and up
Like Pocket, B-Folders manages users’ login information and then some. However, in regards to password management B-Folders is not as good as KeePassDroid; in regards to support for other types of information, Pocket has B-Folders beat. Plus out of all three apps, B-Folders probably has the most confusing interface. (Although, it isn’t that bad either.) However, what makes B-Folders a competitior is its native sync feature.
B-Folders has the ability to sync your data with other B-Folder apps on your desktop, laptop, smartphone, and/or tablet. It should be noted, though, while B-Folders is free on Android (smartphone and tablets), it costs $29.95 USD on desktops/laptops.
- Password Safe Pro
- Password Keepox Free
- OI Safe
- Password Safe Lite
- Keeper Password & Data Vault
- Pass Safe Free
- Password Manager Free
- Universal Password Manager