Sticky Password Premium – Review 2020
If you don’t use a password manager, you’re putting your online accounts at risk, since it is impossible to remember a random, unique password for every website without help. Sticky Password records and securely stores all your login credentials and generates new, strong, and unique passwords to protect your accounts. It does everything you’d expect from a password manager, but it doesn’t quite match the advanced features or usability of our top choices.
Pricing and Platform
For $29.99 per year, you can install Sticky Password Premium on all your Windows, macOS, Android, and iOS devices, as well as sync your passwords across those platforms. With the premium plan, a portion of your payment goes to protect endangered manatees. Why manatees? Well, the parent company of Sticky Password is Lamantine Software, and emlamantine means manatee in French. The product’s mascot is a friendly, bespectacled manatee. For comparison, Keeper Password charges the same annual fee, Dashlane costs double at $59.99 per year, and Lastpass is $36 per year.
If you don’t need cross-device syncing and password sharing, Sticky Password’s free version is available to install on as many devices as you like. However, these limitations prevent it from making our roundup of the best free password managers. Bitwarden, LastPass, and MyKi offer more-capable free versions that support cross-device syncing.
Sticky Password no longer offers a Lifetime edition. Previously, you could pay a one-time cost of $199.99 to get all the Premium features indefinitely.
Get Started With Sticky Password
First you need to create an online StickyAccount by providing a user name and a master password. Make sure to create a strong and unique master password, as this protects all your other passwords. An easily guessable, reused, or weak password negates the benefits of using a password manager; if someone finds out that one password, they get access to everything. For its part, Sticky Password never stores your master password on its servers. That means that if you forget it, you’re out of luck; Keeper and LastPass, by contrast, offer recovery processes for lost master passwords.
To sync your passwords between devices, Sticky Password stores an encrypted copy of your data in the cloud. For the super-paranoid, Sticky Password offers an even more secure option: Wi-Fi sync. In this mode, your devices sync directly with each other when they’re connected to the same Wi-Fi network. Your data never goes to the cloud.
Desktop Application
Sticky Password offers a desktop app for Windows and macOS; we tested the Windows 10 version. The program’s blue-and-white desktop application features a simple left-hand menu that gives you quick access to your accounts, identities, secure memos, and more. When you select a category in the menu, the main window populates with a list of relevant entries. Double-clicking an item opens it for editing. The experience is not as elegant as Keeper Password’s or Dashlane’s desktop app, but it works fine.
The StickyAccount link in the lower-right-hand corner takes you to your online profile. Settings are hidden in a menu at the upper-right part of the window, along with tools for exporting, importing, and generating, passwords. Like RememBear Premium, Sticky Password offers thorough online help resources. In addition to your account settings, you can also set synchronization, security (including two-factor authentication), hotkey (for using Sticky Password with applications), and database options (such as the backup folder).
By default, you must enter your master password every time you log in to Sticky Password. The password manager now supports a standard two-factor authentication that works with time-based one-time password (TOTP) apps. To set it up from the Settings, you scan a QR code the app generates with a TOTP app, such as Microsoft Authenticator or Google Authenticator. Sticky Password does not currently support U2F keys like the YubiKey; Dashlane does.
A few password managers take the two-factor concept to another level, with built-in TOTP capabilities. Naturally, this is for authenticating other logins, not for logging into the password manager itself. Among the products boasting this feature are Dashlane, Keeper Password, 1Password, and Myki Password Manager & Authenticator.
Alternatively, you can configure a USB drive or Bluetooth device as your authorization method to log in to your Sticky Password account. This is not a true two-factor authentication implementation though, as these devices take the place of your password. As such, we recommend you use the TOTP-based method.
Rounding out the basic features, you can organize passwords into Groups (folders) as well as share your login credentials with other Sticky Password users via the Sharing Center tab. You specify permission levels for each password you share: Limited (users cannot edit, share, or revoke access) or Full (the same rights as you, including to revoke access). Sticky Password allows you to share multiple passwords with multiple people at a time, although you cannot share a Group. Keeper Password allows you to share your organized folders of passwords.
Web Passwords
During installation, Sticky Password can import stored passwords from browsers such as Chrome, Edge, Firefox, Safari, and Opera as well as from less-common browsers, including SeaMonkey, Yandex, and Comodo Dragon. If you’re switching to Sticky Password from LastPass, RoboForm, Dashlane, KeePass, 1Password, or Kaspersky Password Manager, you can import your existing passwords from there too. There’s also the option to import passwords exported by another instance of Sticky Password, which can be handy if you’ve chosen the no-sync free edition.
A very popular reason for using a password manager is to store credentials for important websites, such as your bank or email. As you visit secure websites, Sticky Password’s browser plug-in captures your credentials and displays a pop-up notification to save them after you log in. You can edit the entry’s name at capture time and assign it to a Group, though Sticky Password only allows you to create new Groups via the desktop application. Alternatively, if the web detection does not work for some reason, you have the option to manually add password entries and any other category of information to Sticky Password.
When you revisit a site for which you’ve saved your credentials, Sticky Password automatically fills in the stored username and password. If you’ve saved more than one account for the site, a popup window lets you select one. You can also click the product’s button in the entry fields or the Extension icon in the toolbar. In testing, Sticky Password had no trouble with regular logins and the two-part login style used by sites like Gmail.
Sticky Password is slightly awkward in the way it handles multiple logins for the same site, though; for example, if you try to save a personal and work email account. When Sticky Password captured our personal Gmail account, we named it Gmail personal. Then, when we added our work Gmail, Sticky Password added it as a login under the existing Gmail item. To get the two logins named the way we wanted, we had to edit the entry, select each login in turn, click the Add Description button, and type in the desired friendly name.
Some login pages are just plain weird. Sticky Password handles such pages by letting you capture all data fields on the page, not just the ones that look like a username and password pair. As with the similar feature in 1Password, you won’t find it without digging. Click the button to add a web account, enter the login URL, and check the Show advanced settings box. Several new options appear, including a Define Settings Manually button; click that one. Sticky Password loads the page internally and lists all data fields. You assign the necessary login values to the fields and save the result. It’s not quite as easy as with LastPass and RoboForm, which let you simply fill the form and capture all data fields, but it works.
Online Account and Web Extensions
Sticky Password finally added online access, joining LastPass, Dashlane, RoboForm, and many others. However, its implementation is lackluster. For instance, you can only view your web accounts via this interface; app accounts, identities, and secure memos are all missing. Our contact from Sticky Password noted that some of these features would arrive on the web soon.
By default, Sticky Password requires you to enter your user name and master password to authorize a new device. You also have the option to require Sticky to send a one-time PIN to your registered email address or block any new devices from connecting to your account. You can monitor a list of trusted devices from this web interface.
To round out the web features, Sticky Password includes an option to wipe out all of your personal data, or delete your account entirely. We don’t know how often the average user would do this, but we appreciate software that makes it easy to delete data.
Sticky Password offers extensions for the same browsers that it allows you to import passwords from. However, the mechanism for installing the extension on some browsers is convoluted; Sticky Password requries you to open the desktop app and then go to Settings > Supported browsers and click install. Note that the extension does appear in the Firefox Add-ons portal and can be installed via the Chrome Web Store on Opera. Other password managers make it easier to install their web extensions on more browsers.
Sticky Password’s Chrome extension lists all your web accounts, identities (you can’t add an identity from here), and bookmarks and even has a section called This Website for manually copying over your credentials or adding an additional login. The extension offers a shortcut for launching the desktop app as well as a password generator tool.
Application Passwords
In addition to web passwords, Sticky Password can help you fill login credentials for desktop applications. When you add an account entry in the desktop app, you can select any program from a file browser or by dragging a crosshairs icon onto the password-entry window. A representative noted that Sticky Password handles applications differently based on whether they have a top menu bar. Older apps will show a Sticky Password logo in their menu bars, while you will need to use keyboard shortcuts or manually copy over credentials for modern apps without a menu bar. Note that there is currently no keyboard shortcut for copying over your username.
We tried adding login credentials for three different applications, Adobe Lightroom CC, the Twitter app from the Microsoft Store, and the Twitch app. Sticky Password successfully provided credentials for Lightroom and Twitter applications, but did not do so for Twitch. We noticed that you may need to click outside of the active window before Sticky Password fills in your credentials.
LastPass and Keeper Password Manager & Digital Vault are among the few competing products that handle application passwords.
Password Generation and Rating
When you click in the password field when creating or updating an entry, Sticky Password offer
s to generate a strong password. Choose a length from 4 to 99 characters, select the character sets you want (uppercase letters, lowercase letters, digits, and punctuation) and click Generate. Like LastPass, 1Password, and others, it lets you exclude too-similar characters, for example, capital O and the digit 0. However, that exclusion reduces the pool of available random passwords. Since you don’t have to remember the generated passwords, we suggest disabling this option.
The password generator flags password strength as Weak, Normal, or Strong. Using the default settings, you get 20-character passwords using all character sets. Those settings result in passwords in the Strong range. For comparison, Dashlane defaults to 12 characters and RoboForm’s standard passwords are eight characters. Password Boss Premium matches Sticky Password’s 20-character minimum, while MyKi defaults to 32 characters.
To check the strength of your existing passwords, click Quick Access in the menu at left and then click the Security Dashboard tab. You get a list of all your passwords along with a security status, such as weak or reused.
Password ratings continue to improve with each revisit of Sticky Password. In the past, a six-character all-alphabetic password like “abCDef” could receive a Normal rating, meaning it wouldn’t get a weak rating. That example now rates Weak and Sticky Password rejects other simple alphabetical passwords as weak, too. However, “Administrator” and “Password1234” meet the minimum requirements for the Normal strength classification, and “[email protected]#$%^&*()” meets the Strong classification, which is concerning.
Portable Passwords
Sticky Password allows you to create a portable USB-based edition of the program with all your passwords. This set up is a kind of two-factor authentication, as you must both possess the USB drive and know the master password.
You use the USB-based tool to log in to your saved sites just as you would using the regular version of Sticky Password. As with the portable editions of RoboForm, KeePass, and others, any new logins you capture exist only on the USB drive, not auto-synced with other installations.
Web Form Filling
Sticky Password places no limits on the number of Identities you can create via the desktop app. Identities are collections of personal information for filling web forms and include elements such as your mailing address, online contact info, business details, and financial information (such as bank accounts and payment options). Some of the form details seem outdated or otherwise inflexible. For instance, Sticky Password lists a Yahoo ID and AOL Name in the Internet category. The service would be better off including more modern social media platforms, such as Facebook, Twitter, or Instagram, or at least allowing users to add custom fields. RoboForm Everywhere lets you create multiple entries for any field.
When Sticky Password recognizes that you’ve navigated to a web form, it puts an icon in the fields it can fill, and offers a menu of available identities. As with most password managers, it won’t necessarily fill all the fields, so be sure to double-check any that don’t have that icon. It works fine for RoboForm’s “All Fields Test” page. If you are filling out a web form with details of a new identity, just ignore Sticky Password’s suggestions. Note that you can only add basic contact info on the web for each identity, such as a name, address, and phone number.
Bookmarks and Secure Memos
Along with passwords, Sticky Password can import bookmarks from your browsers during installation. Those bookmarks become available on all your devices. Some browsers, such as Chrome, Edge, and Firefox, already include this capability.
A secure memo is a formatted text document that Sticky Password stores and syncs, along with your passwords and identity data. Secure memos are also encrypted using AES-256 standard, which your run-of-the-mill note-taking apps might not do. Sticky Password offers 10 predefined templates by default, including ones for your drivers’ license, passport, and credit card. You can edit memo templates to your liking or create a new one from scratch. Note that secure memos don’t work for filling forms.
Mobile Editions
We tested Sticky Password on a Google Pixel 3 running Android 9 and had no issues signing in to our account and setting up the app’s permissions. Sticky Password’s mobile version looks similar to the desktop variant with a familiar layout and blue-and-white color scheme.
In the middle of the screen, you get the same menu items: Web Accounts, App Accounts, Identities, Bookmarks, Secure Memos, and Sharing Center. All of those sections work the same as their desktop counterparts and all of the entries and fields synced over without an issue. One exception is that you must use the desktop app to manage shared content. You also get access to the Sticky Browser and the password generator feature in the hidden left-hand menu.
The plus button in the lower right-hand side allows you to manually add a new entry to any of those categories. Oddly, we could not get Sticky Password to ask us to save any passwords when logging into our accounts on some apps. For instance, when we tried logging in to Twitter, Sticky Password did not offer to save our credentials; we had to enter them in manually to our password database in order to use Sticky Password for subsequent log ins. Our contact at Sticky Password said that data capture on mobile is a planned update
In the settings section of the app, you set preferences for app access, such as requiring a pin or fingerprint to log in. You can also set autofill preferences, as well as import or export your password database. One cool feature is that Sticky Password displays a persistent notification whenever you copy sensitive information to the clipboard.
What’s Not Here
Although Sticky Password identifies weak, duplicate, and old passwords, it doesn’t check your passwords against passwords exposed in data breaches. LastPass, Dashlane, and Keeper are among those that do. Sticky Password also does not automate password updates, which many others do. Keeper and 1Password notably do not automate password updates due to their concerns about security.
Although we like that Sticky Password allows you to share passwords and set permissions, it does not include password inheritance options. Keeper, Dashlane, and a few others let you define an heir for your account, typically with a waiting period for access. A representative from Sticky Password noted that a similar feature is coming to the service.
Effective, But Not Exceptional
Sticky Password is an effective password manager. Its ability to sync via Wi-Fi, without using the cloud, offers an extra degree of security, and it now includes two-factor authentication. We would still like to see a more-comprehensive password strength report along with some provision for password inheritance. While Sticky Password’s interface is usable, Dashlane’s and Keeper Password’s apps are more user-fr
iendly and include more advanced features, such as integrated TOTP capabilities and data capture of mobile logins. Dashlane and Keeper Password are our current Editors’ Choice password managers.
Sticky Password Specs
Import From Browsers | Yes |
Two-Factor Authentication | Yes |
Fill Web Forms | Yes |
Multiple Form-Filling Identities | Yes |
Actionable Password Strength Report | No |
Application Passwords | Yes |
Digital Legacy | No |
Secure Password Sharing | Yes |