Your browser, your iPhone, or a password manager — which should you trust with your passwords?

security
Written By jonathan hanna

Every time you log into something, something offers to remember your password. Your browser. Your phone. Your laptop. A dedicated app. Here's what the difference actually is — and which one is right for you.

Every time you create a new account or log into something, a prompt appears. "Would you like to save this password?" Your browser asks. Your phone asks. Your laptop asks. Maybe a dedicated app asks too.

Most people click yes and move on. Which is fine — until you're on a different device, something stops working, or someone gets into your accounts and you can't figure out how.

So let's look at what your options actually are, what they do differently, and which one makes the most sense for you — whether you're on a phone, a laptop, or both.

First — why this matters more than most people realise.

Most people use the same password — or a small variation of it — across most of their accounts. It's understandable. Nobody can remember thirty different passwords.

But here's the problem. When a website gets hacked — and websites get hacked regularly — attackers get a list of email addresses and passwords. They then try those same combinations on every other major site. Your email. Your bank. Your Amazon account.

This is called credential stuffing. It's automated, extremely common, and it works precisely because people reuse passwords.

The single most effective thing you can do to protect your online accounts is use a different password for every single one. A password manager makes that actually possible.

That's the whole point of a password manager. Not just convenience — security.

Option one — saving passwords in your browser.

When Chrome, Firefox, Edge, or Safari offers to save your password, it stores it in the browser itself. Quick, easy, and how a lot of people manage passwords without really thinking about it.

The problem is that browser-saved passwords are the weakest option available to you.

  • They're tied to that browser. Passwords saved in Chrome don't reliably appear in Safari. Switch browsers, or use different ones on different devices, and your passwords don't follow you.
  • They're a target for malware. Certain types of malicious software are specifically designed to extract passwords stored in browsers. It's one of the first things attackers look for.
  • Anyone who uses your computer can potentially see them. Browser-saved passwords often require no additional authentication to view.
  • No security checks. Your browser won't reliably tell you which passwords have appeared in a data breach or which ones are dangerously weak.

If you're relying entirely on your browser — it's worth moving to something better.

Option two — Apple's Passwords app.

If you use an iPhone, iPad, or Mac, you have a dedicated Passwords app already built in. On iPhone and iPad it's on your home screen — look for the key icon. On a Mac running macOS Sequoia or later, you'll find it in your Applications folder.

This replaced the old iCloud Keychain system, which used to be buried inside Settings. Apple took everything that was already being saved quietly in the background and gave it a proper home. If you've been using Apple devices for a while, all your saved passwords are already in there — nothing to set up.

What the Passwords app does well:

  • Completely free and already on every Apple device — iPhone, iPad, MacBook, iMac
  • All your existing saved passwords are already there automatically
  • Generates strong, unique passwords when you create new accounts
  • Fills passwords in automatically — Face ID or Touch ID on iPhone and iPad, your login on Mac
  • Alerts you if any of your passwords have appeared in a known data breach
  • Flags weak or reused passwords so you know which ones to change
  • Stores two-factor authentication codes, Wi-Fi passwords, and passkeys all in one place
  • Lets you share passwords securely with family members using shared groups
  • Syncs automatically across all your Apple devices — change something on your iPhone and it updates on your Mac instantly
  • Everything is end-to-end encrypted — Apple cannot see your passwords

Where it falls short:

  • Only works well if you stay within Apple devices. Use a Windows laptop or an Android phone and it becomes awkward quickly.
  • Doesn't store things like card details, passport numbers, or secure documents — for that you'd need a third-party app.
  • If your Apple ID is ever compromised, your passwords are at risk alongside everything else in your Apple account.

For most people who use Apple devices — an iPhone, a MacBook, an iPad — the Passwords app is genuinely good. It costs nothing, it's already there, and it's a big step up from relying on a browser.

Option three — a dedicated third-party password manager.

Dedicated password managers — apps like Bitwarden, 1Password, or NordPass — were built specifically for one job. They tend to go further than Apple's Passwords app, particularly if you use a mix of devices.

Bitwarden is worth mentioning because it's free for individual use and open source — meaning its security has been independently verified by experts. The others have paid plans, typically around £2–4 per month.

What a dedicated password manager does well:

  • Works across every device and every platform — iPhone, Android, Windows, Mac, any browser
  • Stores more than passwords — secure notes, card details, important documents, passport numbers
  • More detailed security reports showing weak, reused, or compromised passwords
  • Family sharing plans that make it easy to share specific passwords securely with people you trust
  • Your data is encrypted before it ever leaves your device — the company cannot see your passwords
  • Works independently of your Apple ID — a separate layer of security

Where it requires more from you:

  • Takes more time to get started — you need to install it on each device and browser
  • You have a master password to remember — the one that gets you into the app itself
  • There's a small monthly cost for the better options
  • For people new to this, the setup can feel unfamiliar at first

One thing that applies to all password managers: your master password needs to be strong and memorable. Write it down and keep it somewhere safe — not on your phone. If you lose access to it, recovery is possible but not always straightforward.

So which one should you use?

The honest answer is that the best password manager is the one you'll actually use. Here's a straightforward way to think about it:

  • You use Apple devices — iPhone, MacBook, iPad. The Passwords app is already on your devices and it's good enough. Open it, check what's in there, and start using it properly.
  • You mix Apple and non-Apple devices, or use Windows. A third-party app like Bitwarden works everywhere and removes the platform problem entirely.
  • You want to store more than just passwords — card details, important documents, secure notes. A dedicated app handles this better than Apple's Passwords app.
  • You currently save passwords only in your browser. Either option above is a significant improvement. Start with whichever feels most approachable — the Passwords app on your iPhone or Mac is the easiest place to begin.

What matters most isn't which one you pick. It's that you stop reusing the same passwords — and start using different, strong ones for every account. A password manager makes that possible without having to remember anything.

Not sure where to start?

Getting everything set up properly — finding your existing passwords, sorting the ones that are weak or duplicated, making sure it all works across your devices — takes a bit of time if you haven't done it before. It's not complicated, but it helps to have someone walk you through it.

That's exactly the kind of thing I help with.

Want some help getting this sorted?

Get in touch
jonathan hanna
Next

Why your child can't just stop — and what actually helps.