The most basic task for a password manager is to keep track of your passwords and supply them at need, but products in this field have expanded their goals to make things even easier for their users.
First came checking saved passwords to identify weak ones or duplicates.
Some went beyond that, actively helping users update problem passwords.
Others ventured into the realm of password sharing, and handling password inheritance.
During all this evolution, alas, AceBIT Password Depot has pretty much remained the same.
In the two years since my last review, the password manager had a user interface makeover, but that's about all.
It definitely needs updates that are more than skin deep.
Price and Platforms
Based in Germany, AceBIT prices Password Depot strictly in euros, at €39.95 per year.
What you pay will depend on the exchange rate.
That's about $45 as I write this, which is not very different from what it cost when I tested it two years ago.
At nearly $60 per year, Dashlane costs more, but most password managers range from less to quite a bit less in price.
Keeper and Sticky Password cost less than $30 per year, LastPass goes for $24, and Zoho Vault is just $12.
In addition, you may find a free password manager that has all the features you want.
LastPass and Myki, our free password Editors' Choice picks, both outperform Password Depot.
You can download and use Password Depot for free, but with some significant limitations.
The full product allows for the creation of multiple password databases, perhaps to separate work passwords from personal passwords.
The free edition allows just one database, and limits you to 20 saved passwords.
Naturally, the premium edition has no such limit.
Tech support is also a perk of the premium edition.
Just about every competing product lets you install on as many devices as you want, and sync passwords between them.
Password Depot limits you to just two Windows installations.
You're free to install it on as many macOS, Android, and iOS devices as you want, and sync passwords using third-party cloud storage.
However, the product's features are limited on these other platforms.
Note that the Panda Dome Complete security suite offers password management through a licensed edition of Password Depot 11.
The current version, reviewed here, is Password Depot 12.
Getting Started with Password Depot
The trend these days is toward simplicity, starting with the installation process.
For many password managers, you launch the installer and click one button to agree to the license terms and install the program.
Password Depot's installer is decidedly old-school, with many pages to click through.
It asks things like what folder you want to use for installation, and whether to install for all users or just one.
It also invites you to pick and choose which components to install.
Most users would rather just get the program up and running.
When you do launch the program, it's a bit opaque.
The welcome screen says you must create a database and offers just two choices, DB Manager and Exit.
The DB Manager window is a big blank, with a menu at left and no explanation.
Most of the menu choices describe storage locations: Local System, Enterprise Server, USB Storage Device, Internet Server, Dropbox, Google Drive, OneDrive, HiDrive, and Box.
You can choose Local System for a local-only one-computer password database, or choose the USB option for a portable installation that you carry wherever you go.
If you want to sync between devices, you'll have to choose one of the online storage options.
Unlike RoboForm, LastPass Premium, Dashlane, and most competing products, Password Depot doesn't provide online storage for your data.
Once you've selected a storage location and (if necessary) signed in, you must find the right icon to create a new database (it's the standard page-with-bent-corner icon used for a new document in many programs).
Click that icon to create the file that will hold your passwords and other private data.
You can also use the DB Manager to open an existing database.
If your aim is to switch from another password manager to Password Depot, you have more choices than when I last reviewed this product.
Password Depot can import from Dashlane, Keeper, LastPass, RoboForm, and a dozen others, including a few that are better known in Germany than in the US.
Dashlane, LastPass, and Trend Micro Password Manager can import passwords stored insecurely in your browsers, delete the browser's copy, and turn off password capture by the browser.
Other products at least import from the browsers.
Password Depot doesn't import browser passwords.
Master Password Helper
As part of creating your new password database, you decide whether to authenticate using a master password, a key file, or both.
Key file authentication means that Password Depot generates a file containing encryption keys, and that you must supply this file to unlock your database.
The key becomes extremely valuable, so the help recommends keeping it on a USB drive.
Good luck supplying that key to your Password Depot installation on a mobile device with no USB port.
Assuming that's not a problem, choosing key file plus master password gives you two-factor authentication.
I don't recommend using the key file alone, though.
Password Depot offers an unusual helper module for coming up with a master password.
You type a memorable phrase of at least eight words, and the helper generates a password using the first letters of each words, converting some of them to leet-speak equivalents.
I entered "We're Gonna Build a Wall, and Mexico's Gonna Pay For It." The helper returned "W9b4W4M6Pf1." I can puzzle out the connection, but I don't know that I'd remember that password.
There are better ways to create memorable passwords.
If you're truly paranoid, you might worry that some malefactor has managed to install a software or hardware keylogger on your PC.
Never fear; Password Depot has you covered.
When you enter your master password (or any other password) using the virtual keyboard, there's no way a keylogger can capture it.
Better still, if you enable its flock of fake cursors, even a shoulder-surfer can't see which keys you click.
Reliant on Local App
Many password managers de-emphasize local apps, existing as browser extensions and storing encrypted data in the cloud.
With Password Depot, the local app is essential.
While the interface has been updated since my last review, it retains a somewhat dated look, with a standard menu at top and toolbar just below that.
At left is a panel listing your password databases, along with items for favorite and deleted items.
If you've created folders, they appear as a tree below the database.
Yes, you can create folders within folders, and it's easy to move your saved items into the folder of your choice.
Sticky Password Premium, LastPass, and RoboForm are among the few others that support a multi-level folder layout.
The middle column shows the items in the current folder.
A search box at the top searches all items, not just the current folder.
The rest of the window, at right, displays details of the selected item, and lets you edit those details.
This three-column view is pretty standard, seen in many other password managers.
Password Depot installs browser extensions for Chrome, Firefox, and Internet Explorer.
There's no extension for Microsoft Edge at present, leaving Edge-loving Windows 10 users high and dry.
The product also claims Opera support, but there's no Opera-specific extension.
Rather, you must install Chrome extension support and then install the Chrome extension in Opera.
Doing so gets you the discouraging message, "Please, be aware that this extension requires APIs that aren't fully supported in Opera."
If you've used other password managers, you'll find that the browser extensions don't work the way you expect.
Clicking the browser toolbar button just brings up the program's main window.
If the main program isn't running, the browser extensions don't work, period.
You can minimize the app to the notification area, or shrink it to its top bar mode, but if you exit the program, it's game over.
I found the top bar view to be distracting and obtrusive.
It occupies the top edge of the desktop, partially covering the top row of icons, and hiding the title bar of any window that's up against the top edge.
A lengthy string of icons offers access to the program's most important features.
You can dig into settings to make it partially transparent, adjust the icon size, re-order the buttons, and even configure which monitor it will use.
I'm not sure why you'd bother, though.
As expected, Password Depot notices when you log in to a secure site and offers to save your credentials.
At capture time, you can give the entry a friendly name and assign it to an existing folder.
You can't create a new folder during capture, but it's easy to organize your logins into folders later.
Clicking Advanced in the capture dialog gives you a vast amount of configuration detail for the entry.
You can assign it to a new or existing category (distinct from folders), set an expiry date, rate its importance, add equivalent URLs, specify which browser to use, launch a program, and more.
You can even choose whether it fills in passwords using keyboard simulation, clipboard cut/paste, or a combination of the two designed to obfuscate the process and thereby foil keyloggers.
The list goes on and on, but most users have no need whatsoever for this level of detail.
In testing, I found that captured credentials for most sites, and had no trouble with multiple logins for the same site.
However, it failed to capture several well-known sites, among them Fandango and EventBrite.
When you revisit an already-saved site, Password Depot fills in the saved credentials for you.
If there are multiple sets of credentials, it pops up a biggish window with a list for you to choose from.
This works, but I prefer a small, simple menu near the password entry field, like what Dashlane and Keeper use.
Their numbers are dwindling, but websites that use nonstandard login screens are still around.
Some password managers just can't handle these.
Others, among them Sticky Password, LastPass, and Keeper, let you fill in all fields and then capture the whole form.
If Password Depot can't recognize and capture a page, your only recourse is to create the login manually, filling in the internal name of each field and the desired value.
Few users will know how to do this; fewer will bother.
There's no menu of logins attached to the toolbar button like what you get with AgileBits 1Password, LastPass, RoboForm, and many others.
You must locate the desired login in the main window, and, even then, it's not immediately obvious how to launch the saved item.
By default, double-clicking an item just opens the advanced editing window.
Right-clicking the item and choosing URL just copies the URL to the clipboard, as does clicking the internet icon.
To launch and log in to the saved site, you press F5, or open a menu to launch the site in Chrome, Firefox, Internet Explorer, or Opera.
Powerful Password Generator
I mentioned the peculiar master password helper, which generates allegedly memorable passwords using leet-speak characters.
For websites, Password Depot uses a completely different password generator.
I found that out of the box it created 20-character passwords, the same as Sticky Password and 1Password.
Myki Password Manager & Authenticator goes even farther, defaulting to 30 characters.
Using its default settings, Password Depot creates passwords containing lowercase letters, uppercase letters, digits, and symbols, as it should.
An option to suppress similar-looking characters such as lowercase l and digit 1 is enabled by default.
That feature is only important for passwords you're going to type or memorize; most users should turn it off.
Almost all password managers offer some form of random password generator, but most rely on a pseudo-random number algorithm.
In theory, an adept hacker could crack the randomization algorithm and determine the sequence of passwords waiting to be spewed by the password generator.
The probability of someone successfully cracking your passwords using this method is vanishingly small, but just in case, Password Depot makes you part of its random number generator.
As you mouse over a Matrix-style screen of falling characters, it uses your activity as a non-algorithmic, non-crackable source of randomness.
It's a clever idea, and using it is quite a bit easier than building your own password generator.
There's a whole page of advanced password generator settings.
You can limit the generator to a user-defined set of characters, or tweak the relative frequency of different character types.
Other options let you exclude runs of identical characters, characters easily mistaken for others, and passwords containing dictionary words, to avoid the remote (but real) possibility that the random algorithm will come up with "password" or "aaaaaaaa" as its output.
Most users should leave these advanced options alone.
Application Passwords
Not every password belongs to a website—sometimes you must log in to a local application.
Password Depot can handle those situations too, though setting up an application password is totally a DIY affair.
Clicking the toolbar button to create a new entry brings up the same multi-page dialog that you get by clicking Advanced during password capture.
On the first tab, you give your entry a name and enter the username and password.
Instead of typing in or pasting a URL into the URL tab, you click to browse and select the program.
On the Additional tab you can add any necessary command-line parameters.
Filling in your credentials from the saved entry is once again a manual process.
Buttons in the main Password Depot window serve to copy the username and password to the clipboard; you have 60 seconds to paste in the copied data.
Admittedly, few password managers handle application passwords, but others do so much more gracefully.
RoboForm attaches a toolbar at the bottom of login windows, letting you capture or replay credentials.
With LastPass, you drag a crosshair cursor onto the login window to identify it; when you log in so LastPass can capture your actions.
Sticky Password uses a similar special cursor.
Password Policy and Analysis
By default, Password Depot imposes a policy that requires a...
