@@ -163,6 +163,18 @@ When a password manager includes password rotation it transcends being just a st
Passwords are typically associated with user accounts and are a form of secret that users know and use to authenticate themselves to a system. They play a role in secure authentication and access control and verify a user's identity or authorisation to access a system or resource. They are integrated into applications, systems and services to verify user identity during login processes. The activity of using a password is the entering of this secret information at authentication points to gain authorised access to protected information.
## 1.3 Use cases
Password managers can be characterized along several dimensions that influence how users interact with them and the benefits they provide. At a high level, these tools address distinct user segments: solutions for individual use, solutions for family groups that require selective sharing while preserving privacy, and basic enterprise configurations in which credentials may be injected into connections dynamically to provide a transparent experience for end users.
Synchronization is a central point of differentiation. Some solutions synchronize credentials across devices through general-purpose cloud services, enabling access from any device associated with the user’s account. Others provide synchronization that is native to the password manager itself, resulting in a more integrated but potentially narrower ecosystem. A third category comprises non-synchronized deployments that operate as resident or standalone systems, retaining all credentials locally on a single device or within a defined environment.
The deployment model also varies by where the solution resides in the technology stack. Browser-integrated managers provide convenience for web authentication. Operating system level managers offer deeper integration across applications and services. Standalone managers operate as independent applications, typically offering greater flexibility and feature breadth, while requiring separate management by the user. The boundary between browser level and operating system level solutions has become increasingly indistinct as platform integrations have deepened.
On mobile platforms, this integration manifests differently across ecosystems. Some provide a native keychain-style service with cloud-backed synchronization, delivering a uniform experience across devices within that ecosystem. Others adopt a more open model in which the password management provider may be selected from multiple services through system APIs or plugins, increasing choice but potentially creating ambiguity about which component is responsible for managing credentials.
These distinctions reflect the evolution of password management from a basic browser convenience to a mature security capability. Each approach entails specific tradeoffs among convenience, security, and flexibility. For the purposes of scope, this document considers solutions across these user segments, synchronization models, and deployment models, with particular attention to the interactions and overlaps among them.
