48

Windows Phone App Roundup: Password Managers

WP Central's App Roundup: Password Managers

Windows Phone Central's Roundup of Password Managers

Passwords, Usernames, Account Numbers, PIN Numbers... we all have them and it can be challenging keeping track of them all and keeping that information secure. Enter our Windows Phone where apps are readily available to help us remember, manage, secure and generate passwords for all our accounts, websites, and what nots.

We recently took a look at SplashID, a password manager from the Windows Mobile days that was recently transitioned to Windows Phone. It's a decent password manager and we were curious what else was out there. Based on your comments from the SplashID review and looking at several password apps on the Marketplace ourselves, a roundup was born.

We've gathered six password managers from the Windows Phone Marketplace that could be worthy alternatives to SplashID. As with any roundup, if a title doesn't make the short list it isn't a reflection of that app. We just have so much time in the day and space in the column. If we've missed your personal favorite, chime in down below in the comments.

Sky Wallet

Sky Wallet (free trial/$3.99): As the title suggests, Sky Wallet is a mobile wallet that holds all your banking, password, and other account information. It also is tightly integrated with your SkyDrive account for synchronizing a backup file for all your data. A backup file that can be used to sync with a desktop companion app as well.  You'll need to purchase the full version of Sky Wallet where you can request the download link for the desktop client and validation code.

Along with templates covering websites, bank accounts, email accounts, WiFi network info, and more. In addition you can create your own templates, customizing the existing templates and delete the ones you don't particularly care for. There's even an embedded password generator to help you come up with a secure password should you need it.

Data is encrypted using AES 256bit encryption and the app itself is protected by a master password. There is a free trial available for Sky Wallet so you can try things out before you buy. The full version, which will also give you access to the desktop component, is currently running $3.99.

You can find Sky Wallet here at the Windows Phone Marketplace.

Handy Safe

Handy Safe (14 day trial/$1.99): Handy Safe utilizes 448 bit Blowfish data encryption to insure data safety for all your confidential information. Handy Safe has over thirty templates for passwords, credit cards, bank accounts, websites, and more.

Handy Safe, as with other password managers, is password protected.  The layout is more in folder format with your root directory having your main folders for business, personal and sample files or cards. From there you can create sub-folders and cards for all your personal information. Cards can be built off the templates, customized or create one from scratch. The app contains more than sixty five icons for quick reference.

Database fields can be active (e.g. URLs treated as hyperlinks, phone numbers as speed dials, etc) and there is a desktop component to sync your data with.

There is a fourteen day trial version for Handy Safe to let you try things out before buying. The full version of Handy Safe will run you $1.99 and you can grab it all here at the Windows Phone Marketplace.

PasswordCryptMango

PasswordCryptMango ($.99): PasswordCryptMango may be the most basic password manager in the roundup but that shouldn't imply that it's not worth a try. Where the other members of the roundup cover a wide range of confidential information, PasswordCryptMango deals with user identifications and passwords for websites.

You simply enter the website name, your User ID, and password then tap save and a data card is generated. If you need help coming up with a password, there is a password generator available.

While PasswordCryptMango doesn't have as many bells and whistle as the other members of the roundup, if all you need is an app to keep track of all your website credentials it's not too terribly bad a choice. PasswordCryptMango is password protected but lacks a search function which may make finding things a little cumbersome and the absence of a desktop component keeps entry limited to the Windows Phone keyboard.

There isn't a trial version for PasswordCryptMango but you can try PasswordCrypt (freebie found here) to get a feel for things. The full version of PasswordCryptMango is currently running $.99 and you can find it here at the Windows Phone Marketplace.

7Pass

7Pass (free version/$.99): 7Pass is an unofficial client for the popular online password manager KeePass. With that being said, KeePass has a decent desktop component to allow you access to your protected data.  7Pass would be the mobile client to pull everything to your Windows Phone.

7Pass allows you to create databases that can be synced with Dropbox, Skydrive, WebDav, or Web Server accounts. There is a Demo Database installed to give the feel for things. You can set a password for the app itself, with each database being password protected as well.

Each database on 7Pass can be set up to meet your needs and follows a folder layout. Folders or groups can be generated to sort similar items together (e.g. email accounts, bank accounts, internet, etc). Entry fields are limited to the title, user name, password and URL. There is a free form section in each entry for notes (here's where you could add account numbers). The Entry style can not be modified but there is a free form text area for notes. You also can add text fields from the three-dot menu but they are viewed on a separate screen than the main entry screen.

One nice feature on 7Pass is the password generator. Not only can you set the parameters for the password but it generates a grouping of passwords so you can select the one that stands outs.

7Pass is a decent option to consider but some may find the navigation a little cumbersome. There are two versions of 7Pass available on the Marketplace. You have 7Pass Free and a paid version, 7Pass, that is currently running $.99.

LastPass

LastPass (free fourteen day trial/$12 for annual service): LastPass is developed by the same group who brought us XMarks, a fantastic browser bookmark manager. Like XMarks, LastPass is a very impressive application that not only covers your Windows Phone but also has a desktop application and desktop browser integration. In many ways, LastPass is the complete package for password management.

As far as the Windows Phone angle is concerned, the app itself is password protected and allows you to have access to all your confidential information LastPass protects. The app itself is password protected and you can create entries from within the app. The app has a built in browser with the ability to key in your passwords as needed. The desktop application goes a bit further with automatic form filling, one click log in, and synchronization across multiple browsers.

LastPass comes across as a desktop solution with a mobile client where other apps are mobile solutions with desktop components. Can't say that one is better than the other but if you're looking for a password manager that has more reach, LastPass is worth a look.

The app itself is free with a fourteen day trial period. From there it will cost you $12 annually for the LastPass service. There is a free version of the LastPass service available but it lacks the mobile support for your Windows Phone. You can find the LastPass app here at the Windows Phone Marketplace and you can find the LastPass desktop app here at the LastPass website.

Cryp2Pass

Cryp2Pass (free trial/$2.99): Let's get the technical lingo out of the way for Cryp2Pass first. The app uses AES256 for saving your data and SHA256 algorithms to generate passwords. In practice, Cryp2Pass manages your passwords for accounts in a nice, dare I say Metro, layout.

Cryp2Pass, the app, is password protected and has pages for favorite accounts, all entries, account listings, and menu) options. There are ten predefined templates with the capability of editing them as well as creating your own templates. Each entry contains two pages of data. A General Page has your title, group listing, description, and username. Then you have the Fields Page where you can add more specific information such as passwords, account numbers, URL, network details, etc. The templates will have predefined fields that will populate this page or you can add custom fields to your liking.

You can generate passwords for each entry and set a date to generate a new password. If you have an account that requires you to change your password every 90 days or so, this is a nice tool to keep you up to date.

While there may not be a desktop component to Cryp2Pass, you can back up your data to your computer (Cryp2Pass desktop utility required). Cryp2Pass lacks cloud storage compatibility, which might be not appeal to everyone. This feature is reportedly in the works so we'll keep our fingers crossed it appears in an update in the near future. Nonetheless, Cryp2Pass comes across as a nicely laid out, quality app for your Windows Phone.

There is a trial version for Cryp2Pass with the full version running $2.99. You can grab Cryp2Pass here at the Windows Phone Marketplace.

WP Central'a Password Manager Roundup

Asides from these apps, another solution to password management is creating an Excel document that covers all your passwords, usernames, PIN numbers, account numbers and other confidential information. Store the document on your Skydrive account and it can be accessed through your Windows Phone Skydrive app.

But if you're looking for a more secure method of managing your passwords, accounts and other confidential items any of these apps might be what you're looking for. It's just finding which one fits your needs the best.

Feel free to sound off in the comments as to which password manager is your favorite or if we missed one.

-
loading...
-
loading...
-
loading...
-
loading...

Reader comments

Windows Phone App Roundup: Password Managers

48 Comments

No, they really aren't you ignorant twit. They are bound to keep you safer than you re-using the same half a dozen passwords on every website. The good managers can even have you set-up multifactor authentication. I have a Yubi-key tied to my Lastpass account while restricting mobile access to just my single Focus Flash.

I don't usually waste time on posts I view as ignorant, but this one struck me as particularly deserving of comment. I'm an IT guy professionally, and I wish more people used a service like LastPass (the one I use and recommend) or an alternative rather than using the same lame password (pet name, spouse/kid names, sports team, etc).

Solidstate89 and GoodThings2Life are absolutely right.  You're less likely to have your accounts hacked if you use a password manager.  I too wish everyone would use some sort of password manager.  I've been using LastPass for the past two years and it just keeps getting better.  I'll never, ever go back to not using a password manager.  LastPass is excellent as it has options to restrict the country from where login attempts to your account can originate, and it also allows you to restrict mobile logins to only certain devices.  It's really, really good.  I have converted my entire family to LastPass and in the end they've all thanked me as it's made their lives easier.

I'm not a troll.. Just look back at the last few years of security breaches and then tell me why I should trust apps to be more secure.. Wake up

You may not be a troll, but you are certainly ignorant on how some of these apps work.  Take the time to read about how LastPass works and you'll see clearly why you can trust it.  That's what I did before I signed up for LastPass.  I was terribly ignorant on password managers.

If you are the average web user, you probably have dozens of username/password credential sets for all the sites you visit around the web.
If you make them all the same (or similar), then your most important logins are only as secure as the websites with the weakest security...ie, your email or bank password could be stored in plaintext on a forum that you visit. That is why breaches to sites like the recent attack to linkedin is such a big deal.
Option two is to use relatively weak passwords that change on a site-by-site basis, ones that you can remember. If they are easy to remember, they are likely easily obtained by a brute force attack.
Option three is to actually use strong secure passwords, that are long (at least 12 characters with today's brute force computer speeds...8 characters won't do), have a mix of upper case, lower case, numbers and symbols. Now the problem with passwords like that is that they cannot be remembered. If you are not using a secure password vault, then you are still storing the passwords somewhere. You are writing them down in a notebook you keep by your computer, have a slip of paper in your wallet, or trust your passwords to an Excel spreadsheet. None of those options offer much security.
Take a good look at the security model by a company like Lastpass (a company recommended by several in this thread, and the password vault that I use), and you will see a company that is dedicated to security from the ground up. They use a model for security that means that no one can get your password, not even a Lastpass employee with access to their database. A company that can put their security model in writing on their website  ( http://lastpass.com/whylastpass_technology.php ) and not get attacked by security researchers is a company that is using cryptographically secure methods.

I have tried most of these and keep going back to "All My Passwords" which I think is a better app.  I just wish for things like bank accounts... most of today's online banking is userid, password and PIN.  A PIN is not just for ATM these days.

Aaaaaa, bad bad design in some apps.
Sky Wallet looks like android app. I didn't buy Windows Phone with beautiful design to install android like ugly cr*p on that.
And Handy Safe: I almost threw up when I've seen screenshots of that ugly hideous awful something.
Other apps look solid.

I think sky wallet looks the LEAST like an android app out of all of these. I use it, maybe they should have included the list view of your apps instead of where you input your user info. It doesn't use icons like most of the other apps. It uses tiles. IMO.

You need to get your eyes checked. Sky Wallet has a fantastic UI that follows the Metro design very well. Screenshots do not do it justice.

My mother (I kid you not!) wrote a nice app for storing any text (or photo) data securely - it is called Secret Keeper and can store passwords as well. All data is encrypted of course, and she spent a lot of time ensuring that it will be as secure as possible.

I'm a long-time LastPass user after originally seeing it suggested by Paul Thurrott. I'm a huge fan of the service now, and I honestly don't think I could function without it.

You missed another Wallet app that I have used for many years - SafeWallet. Becuase I use Windows, Mac, Android, BlackBerry and Windows Phone I needed an app that went across all of them and that is why I choose SafeWallet.

The 1Password app is so broken on Windows Phone, I recommend no one even bother using it. In fact, I think I'll be switching to LastPass today.

I use eWallet Go! It's a solid piece of software, but indeed, it doesn't get updated much...or at all. I wish they would implement auto syncing with Skydrive. It uses Dropbox, but I prefer Skydrive... Still a simple but very useful app imo.

I use KeePass on the desktop and 7Pass on the phone, great combination as you can access the same DB. The setup could be easier as the DB name needs to be modified for Skydrive access but the functionality is fantastic.
 

"creating an Excel document that covers all your passwords, usernames, PIN numbers, account numbers and other confidential information."
You can't be serious. Or is this a joke?
Why would I upload an unencrypted Excel file anywhere or worse have it on my computer?
This kind of data MUST be encrypted BEFORE you store it somewhere!
 

When I was first on iPhone I used an app called "iAccounts". It is reasonably priced and includes a free direct sync-to-desktop back-up client. It does not use the Cloud service for back ups. I still use the app since I use the iPhone as an iPod now anyway. When I made the smart switch to Windows Phone (Lumia 800) I first grabbed the WP app equivalents I relied on on iOS. Unfortunately iAccounts isn't made for WP.
After browsing the Windows Marketplace and much googling, Sky Wallet is the one I decided on for an password account manager. However, I hardly use it since I'm still on the fence about how secure it is to keep sensitive info such as credit cards and e-store/e-game logins backed up solely relying on SkyDrive as the link between WP and the desktop backup software.
This WP Central roundup comes in handy since it introduces apps I have not heard of before. Maybe I'm being too paranoid with Sky Wallet & SkyDrive but perhaps I'll give LastPass and Cryp2Pass a try.

LastPass may have been hacked last year.  But even if they were I won't lose sleep over my encrypted vault being downloaded by a hacker.  It's encrypted and he doesn't have the key, nor does LastPass have the key.

I use LastPass, and I think the above article is a perfect example of a company doing security properly. First, their technology is such that even if they were subject to a compete database security breach, the bad guys aren't going to get anybody's passwords.
Second, they didn't try to sweep the problem under the carpet, they announced it to the public. Customers can then decide whether to change their passwords, change their LastPass master password, whatever.

"Possibly" being the key word. Nothing has ever been posted about it. If someone did actually get access, nothing ever came of it.

I'm currently using password jinni, so far I'm pretty happy with my choice. The ability to backup to SkyDrive is one of the main reason I decided to stick with it, UI is pretty nice as well.

I'm surprised nobody mentioned e-Wallet to Go. Its a great password manager with apps available on all the major phone OS', PC and Mac, and includes syncing across all the devices you use.

No they thought that *something* might have happened had and rather than cover it, they immediately alerted users - as other people pointed out, that meant at best someone could have got an encryptioned vault - which is useless to them, even more useless for those of who use two-factor via either google authitication or yubikey (I use a yubikey) because even with the password, they don't have the physical key needed to unlock the vault.

I wish Microsoft's wallet for WP8 had included this option i.e. Accounts and passwords and had integration with internet explorer both on WP8 and Windows 8. I'd ask for Firefox integration but that would be too much for now :)

The best manager I have found so far is Passwords created by Thomas Gerber. Simple, extremely user friendly and quick and so in line with the great Metro design. I wished the guys from SplashData could team up with Thomas to create the best of 2 worlds: the design and efficiency from Thomas and the Security accreditation from SplashID. While I prefer Passwords, I have been using SplashID for the last 10 years and knowing my data is safe, is still more important than aesthetics. Why are these reviews not more focussed on the security aspect of these apps, rather than features?

Was hoping RoboForm would show up for windows phone, complete with form filler and password generator. Love automatically logging logging into web sites! I've used the desktop version for years, and love it. For my phone I use sky wallet for now, until I find one I like.

Shameless plug here. We created entryvault a couple of months ago. So far our downloads have been dismal and we'd really like some feedback. It's free, it's got skydrive support and we believe it is the most secure app out there.

thesteef,
I installed the entryvault and it was a disaster. It left me with the strangest feeling of being violated that I have felt since the last computer virus I encountered more than 10 years ago.
If you want entryvault to be a serious contender you need to go back to the drawing board and put a lot of work into it.
I did review the app, giving it one star and would have given zero if possible.

Hi Laurence,
first of all my apologies for the late reply. I didn't get a notification someone had replied. Luckily one of our users alerted me to your review.
I'm sorry to hear you had such a bad experience. From what I can gather, your phone crashed when first trying our app. This is the first time since we've had the app out in the wild that we've heard of this. Without getting too technical, I have to say that with how the phone operating system is built it would be very difficult for an app to actually crash the phone. I'm sure if we really tried we could do it eventually, but doing this on accident seems highly unlikely.
As for your other two points we're trying to reproduce. We have no way of contacting you so I guess we'll just have to try ourselves. Sadly so far no luck. Again this is not something we've encountered before. Which is not to say it didn't happen, just that reproducing is always the first step in fixing a bug.
FInally I'd like to note that you seem very angry about this situation. Although please keep in mind that we're doing this as a hobby. We're trying to create the most secure password manager out there (and believe we have done so) with a well functioning user interface. Hopefully other people will also like it and actually use it.
Again my apologies for wasting your time, hopefully you will give us a chance in the future, and thanks for your feedback.
 

My problem with these apps is that I don't know who these devs are or how these apps use the data connection. There's nothing stopping them from sending the data you enter to their server along with being encrypted in the 'official' app. This should be built in to the phone, I trust Microsoft.

Overall, this review/"roundup" is extremely disappointing and the apps I've had time to try are equally disappointing.
Some of the comments were insightful and intriguing, sending me off to try LastPass, which I would not have done based on the review. However, LastPass is nowhere near the complete information vault I am looking for. It appears to be only aimed at securing website passwords, preferably generated randomly by the app, along with other form information for websites. That doesn't do me any good for the plethora of bank account, frequent flyer, store rewards cards and other notes I'd like to keep secure.
Overall, there is much to be desired in the field of password and other private information protection apps.
I really would like to see wpcentral do a much better job of rounding up any and all serious contenders and putting them into clear perspective. And it would be helpful to name all the non-contenders along with a brief explanation of their faults in order to save people the effort of trying obviously flawed products.

I have used Roboform for years on PCs / laptops and I love it. When they did not do an app for WP7 I tried various other password apps and selected LastPass for a fuller trial, but I hated it - maybe I did not try hard enough but I could not get it to pop up like Roboform whenever I was on a page that required a login - all I could do was use it as a spearate web page to go to for looking up a password - but then I had to copy the password and return to the login page I was trying to use. So basically it was no more than a safe cloud storage system - totally inadequate compared with Roboform. Did I misunderstand? I still have not found an app that will do all Roboform does on my PC but I will have to look again within the next month or two as I move to a WP8 phone and a Win 8 tablet. Any suggestions?

 
To cross your fingers did help to add a cloud backup to your Skydrive to Cryp2pass and the price is dropped to $2.49 .
I did read that some people are afraid that their data could become transmitted to the developer of a WP password manager. I can understand that some people mistrust small developers without a big company behind them and it is a good mistrust but without any reason because Microsoft does check every app in a very hard certification process. I'm quite sure that a password manager which does transmit any data to the developer or someone else will become rejected and won't find it's way to the wp marketplace.
Best regards,
Holger (Developer of Cryp2pass and Birthday Hub)

Try Keyfob, a cross-platform cloud-based password manager for Windows Phone and Windows PC. The Windows Phone app is well-designed and solid. It lets you create custom fields for each password, so you can store any type of data, including security questions, PIN numbers, product keys, etc. It includes a random password generator that is powerful and easy to use. The Windows desktop app integrates with your web browser and has password auto-fill functionality. If you are away from your computer or phone, you can also log into Keyfob through the web interface at keyfobapp.com. Keyfob is free to use for the first 25 passwords.

Currently i use lastpass but i think i'll switch to a not cloud based solution. Probably to Cryp2pass or 7Pass. 7Pass the open source advantage but i prefer the design of Cryp2pass. I'm not sure yet.