The best-known password managers seem to come from one-product companies, software publishers whose energies are all focused on password management. However, that doesn’t mean other vendors can’t join the party. Kaspersky Password Manager performs all expected password management tasks, but it doesn’t measure up to the best single-focus products feature-wise.
At $14.99 per year, Kaspersky is among the less expensive password managers, especially now that LastPass Premium is going up to $24 per year. LogMeOnce and Dashlane cost $39.99 per year, and Sticky Password goes for $29.99. All of these are list prices, of course, and they’re often discounted.
You can start using Kaspersky Password Manager without paying a thing. With the free edition, you can save 15 passwords and one form-filling identity, but you’ll totally have a chance to take the product for a test drive. Like it? Then simply upgrade to the paid edition.
The installer adds a Kaspersky browser plug-in to Chrome, Firefox, Internet Explorer, and Russia-based Yandex. It also offers to import passwords stored in the browser and turn off password capture (for Chrome, it explains how to turn off password capture manually). New since my last review, you can import browser passwords at any time, not just during installation.
As part of the setup process you’ll create an online Kaspersky account (or log into your existing account) and define a strong master password. As always, the master must be strong enough that nobody could guess it, yet memorable enough that you won’t forget it. Kaspersky rates master password strength as you type, which is helpful.
With the browser plug-ins in place, you interact less with that main window. As expected, Kaspersky captures your credentials when you log in to a secure site. In testing, I found that it handled normal logins just fine but missed some two-page logins and logins with a non-standard layout.
When you return to a site with saved credentials, Kaspersky fills in what it has. If you’ve saved more than one set of credentials, it displays your choices in a menu near the login field.
Click the toolbar button and click All Accounts to get a menu of your saved logins. As with most password managers, choosing one of these both launches the website and logs you in. You can also start typing in the search box to find an item quickly. That’s handy, because while you can assign logins to groups in the main application, those groups don’t become submenus under All Accounts.
When I last reviewed this product, its offered few import options. You could only import passwords stored in browsers, and then only during installation. Now you can import those browser passwords any time, and can also import from 1Password, Dashlane, KeePass, LastPass, and Symantec Norton Identity Safe.
You can also save a local backup copy of your data, as insurance. And you can export a text file containing all of your data, perhaps in order to create a printed copy. Do be sure to store that printed copy in a safe place, and securely delete the text file.
The application’s main window displays a menu of five choices down the left side: Favorites, Web, Applications, Identities, and Notes. You’ll probably spend most of your time on the Web tab, which lists all your saved sites in a narrow column down the middle and displays the selected item’s details at right.
You can only see eight or nine saved sites at a time, so if you’ve saved a lot you’ll want to organize them into groups. Just click the icon to create a group, then drag the matching items into that group. Kaspersky doesn’t support nested groups the way LastPass Premium and Sticky Password do. There’s also a handy search box that narrows the list to show only matching items with each character you type. If you really have a ton of saved logins, you can click a star icon to make your most-used ones show up on the Windows-only Favorites tab.
Getting all your passwords into the password manager is an important step, but if they’re all “password” then you haven’t accomplished a lot. To fully take advantage of a password manager, you must upgrade all those weak and duplicate passwords. Kaspersky now helps with that process, in two ways.
For a security check of your stored passwords, click the menu icon at bottom right and select Show password problems. Doing so adds a sixth item in the left-rail menu titled Password problems. Any duplicates show up in the list, as do passwords with low or average strength. When you select an item from the list, you get a red-circled exclamation-mark icon; clicking it explains just what’s wrong and offers suggestions for correcting the problem.
If the password is weak, Kaspersky advises using the new Password Generator to gin up a strong one. Like Dashlane and Keeper, Kaspersky defaults to creating 12-character passwords. I usually recommend 16 characters or more, since you don’t have to remember the password. You request a password of any length up to 99 characters, but doing so doesn’t change the default. On the plus side, Kaspersky defaults to generating passwords using all four types of characters: uppercase letters, lowercase letters, digits, and symbols.
As for putting the new password into use, Kaspersky totally leaves that task to you. The most help it gives is an option to copy the new password to the clipboard, so you can paste it into the website’s password-change page. For security, it clears that data from the clipboard after a short time.
LastPass, Keeper, and Dashlane, among others, offer a complete, actionable password strength report. They list all your passwords, ordered by strength, with links to go make necessary changes, LastPass and Dashlane take this concept one step farther, with automatic password updating for supported websites; LogMeOnce Password Management Suite Ultimate also automates updating passwords.
Like many password managers, Kaspersky includes the ability to save personal details and payment options and use them to fill Web forms. To get started with this feature, you’ll define an identity and enter the relevant data. Basic data includes full name, phone, email, and preferred Web login, as well as your company name and title. You can expand these items to add more detail, things like gender and age, snail-mail address, IM accounts, and business details.
You can also add one or more credit/debit cards or bank accounts to each identity. In addition to basic information like the card number, CCV, and cardholder name, you can add details like the issuing bank and that bank’s customer service numbers. Remember this information syncs to your mobile device; having your bank’s phone numbers handy while traveling could be a godsend.
When I tested this product two years ago, I just couldn’t make this feature work. I spent hours with tech support, to no avail. Later, I learned from my contact at Kaspersky that indeed, the form filling feature was broken. She assured me that the next update would fix the problem.
This time around, I tried once again to see the form-fill feature in action. As before, I couldn’t make it work. I connected with Kaspersky’s live chat support and asked for an example of a website where this feature does work correctly. I asked again and again, while the agent gave me what I can only describe as the runaround. After an hour of time wasted, the agent admitted he could not supply such an example.
Once again, after a delay, my Kaspersky contact confirmed that despite the passage of two years, this feature still doesn’t work. The tech support agent either did not know that fact, or had instructions not to mention it. Either way, it’s bad.
Application Passwords and Secure Notes
Most password managers stick to handling passwords for your numerous secure websites. Kaspersky, like Sticky Password, LastPass Premium, KeePass, and a few others, can also manage your application passwords. However, Kaspersky doesn’t auto-enter your saved passwords the way KeePass and LastPass do. Rather, you must copy and paste the essential information.
Kaspersky saves non-electronic secrets like padlock combinations and identification numbers in the form of secure notes. You just enter your unformatted information and Kaspersky keeps it safe, with your passwords. The key here is that you can access that secure note from any device. LastPass takes this concept further, with predefined templates for various types of secure notes, among them health insurance data, software licenses, and Wi-Fi passwords.
You can install Kaspersky Password Manager on all your Windows, macOS, Android, and iOS devices, and keep all of them in sync. The Windows and Mac editions are roughly parallel, and the mobile editions come as close as operating system constraints allow.
As with many mobile password managers, Kaspersky’s iOS version opens websites in its own proprietary browser. Apple’s tight control over inter-app communication makes doing otherwise quite difficult. Like LastPass, Dashlane, Keeper, and a few others, Kaspersky now offers TouchID authentication. You use the clipboard to copy/paste application passwords and personal data from saved Identities.
The Android edition is quite similar. It, too, launches sites in its own browser, and handles application passwords and personal data using copy/paste. On selecting an identity, I was pleased to see the credit card data depicted as an actual picture. Dashlane takes this concept further, adding bank logos to a credit card image in a user-specified color.
You can now access your passwords online, within the My Kaspersky portal. To gain access, you need both the My Kaspersky password and the password manager’s master password. You get full access to view and edit your passwords and other data, though of course automated password capture and replay require installation of the actual application. Use caution; you wouldn’t want to log in to your trove of secrets from an unsecure computer.
The password manager defaults to logging you out automatically after 10 minutes on the desktop editions or 1 minute on the mobile editions. Beyond that, you won’t find a lot of advanced features.
Two-factor authentication greatly increases the security of your vitally important password collection. Keeper, LogMeOnce, and Intuitive Password are among those that support authentication via a code sent by text message. LastPass and Dashlane support Google Authenticator for two-factor login. True Key focuses strongly on multi-factor authentication. Kaspersky relies solely on the master password, so be sure it’s very strong.
Dashlane, LastPass, Keeper, and LogMeOnce let you securely share login data with other users. RoboForm 8 Everywhere, Password Boss, and several others deal with the problem of passing on your credentials in the event of your demise. Kaspersky sticks with the basic password management features, making no attempt at password sharing or inheritance.
I’m amazed that Kaspersky Password Manager’s form-filling glitch is still present after two years, and that tech support either doesn’t know about it or won’t talk about it. On the plus side, the product has gained several important features, among them a check for weak passwords, a password generator, and expanded import and export abilities. Even so, I’m guessing that most users of this product get it as part of Kaspersky Total Security, not as a direct purchase.
LastPass Premium offers everything you get from Kaspersky plus a significant dollop of advanced features. Dashlane is feature-rich too, underneath its smooth and simple appearance. For sheer number and variety of features, LogMeOnce Password Management Suite Ultimate beats the crowd. The unusual features of Sticky Password Premium include an option for extra-secure Wi-Fi-only syncing. These four Editors’ Choice password managers do cost more than Kaspersky (except when they’re on sale), but they give you much more as well.