Following today’s release of the top 25 worst passwords used in 2014, if the passwords you use are among them, or if you are using your same password over and over for your various online services, then you might consider the use of a password manager. These options allow you to create random and unique passwords for services outside of your computer (such as those on Web sites), and then securing them all with one master password.
Apple’s Keychain
Apple offers a robust password manager with its built-in keychain, so at a minimum you might consider trying this out. Since the keychain is active by default, when you log onto sites, or create new accounts or passwords for them, then you will be prompted to save your passwords.
In addition, they should all provide you with a safe and secure way to store your passwords and other sensitive information, including features like AES encryption for stored data, auto-entry into Web sites and other password services, password generators, backup options either locally or on hosted servers, and more.
If you have used Apple’s keychain access and are frustrated by some of its limitations, then one of the following password managers might be more to your liking:
1Password — This option is $49.99 for OS X and $14.99 for iOS, and is one of the more popular alternatives to Apple’s keychain.
LastPass — Only today offering desktop integration into OS X, this allows for use on practically all desktop and mobile operating systems. Its basic features are free, with a minimal $1 per month for premium features.
eWallet — This basic option gives you a simple interface, and is built primarily as a data storage option. It costs $19.99 for OS X, and $9.99 for iOS.
DataVault — At $9.99 for both iOS and OS X, this option is a relatively cheap, and offers both desktop and Web integration of services. Its more visual approach gives you a quick way to recognize and select your desired passwords.
Wallet — Priced at $19.99 for OS X and $9.99 for iOS, Wallet will give you a similar approach as DataVault with visual groupings of your various sites and services.
mSecure — Available on Windows and OS X for $19.99, as well as Android and iOS for $9.99, this option allows you to secure your data in groupings and also securely share your credentials with others, which may be good for managing shared accounts for workgroups.
RoboForm — Even though this package costs $29.95 for OS X, it is free for iOS and will also sync with many other operating systems. Its interface is more of a bookmarks list for your secured sites, which will launch and auto-fill them when you open them.
SplashID Safe — This option is available for most platforms except Linux, and is available on the Mac App Store for $19.95, and for iOS at $9.99. One of its unique features is the option to use a visual password by tracing a pattern using your mouse or iOS touch screen.
These are only a few of the options out there, and will allow you to best secure sensitive passwords, notes, credit card information, and other details. In addition, you might consider some alternative security options for your Mac, which include setting up encrypted disk images for sensitive data, encrypting your entire Mac, using firmware passwords, and otherwise securing your data.
Note that the latest version of 1Password will allow you to unlock it with Touch ID (fingerprint) on iOS devices that have the TouchID sensor. You’ll still need to use your 1Password Master password to unlock it the first time, but after that you can use Touch ID. This added fucntionality was included in a free upgrade from earlier 4.x revs of the software.
Not affiliated, but a very happy customer.
I use Dashlane that has not been mentioned. I’m very happy with it.
Lastpass for me, I have been using it for years (Reviewed on Security Now! Podcast) Encryption and Decryption done locally on your machine BEFORE synchronisation, cyber threats constantly being monitored my Lastpass, about as secure as it get get today ….
I’ve been using Password Wallet for years. It’s also available on OS X, Windows, iOS and Android.
I have also been using Password Wallet since back in OS9.
“If you have used Apple’s keychain access and are frustrated by some of its limitations”
Like what?
I’m not a beginner in Mac-land by any stretch. And I try to understand new stuff that comes along. But I just can’t see the benefit to any of the Keychain replacements. Yes, some of you love AES encryption. Fine. But I run a very (very) small business. Keychain tracks them on all of my devices. Yes, you do have to set it up correctly. But you have to do that on any of the alternatives.
I tried 1Pass. on a 30 day deal. It’s swell. Better than Keychain? Well, it’s flashy. And it’s still sitting there in my MenuBar waiting for me to find the uninstaller. (and do NOT get me started on Backblaze. Different product, same annoying behavior).
I’ve gotta be missing something here…
Did I mention that i hate passwords? That I think that for the most of us they are overdone, overused, over analyzed, and in general people get too excited about them? Those of you in the corporate world, knock yourselves out. For the other bazillion of us–well, we don’t need the paranoia.
I’m with msadesign. I don’t see the point of the alternatives to Keychain.app. I’ve tried some of the 3rd party products and have been underwhelmed.
I sometimes see people using 3rd party password products. I ask them why they don’t just use Keychain.app and they respond with something along the lines of “I didn’t know about it.”
I’ve been using Keychain.app for a loooooong time. I currently have 1051 items in my Login keychain. I simply never have any problems with it. It has never been made to not work with an OS update. It just keeps on going.
A reason to not use Keychain is that it only supports the apple ecosystem. As someone that works on multiple platforms, I need my passwords on Macs, Windows, and Linux. Also, keychain doesn’t offer services such as auditing password for strengths, notification of hacked websites (with semi-automatic changing of passwords), two factor login, etc.
Most people hate passwords and the necessity of using them. If your computer is never exposed to the Internet, or to other people, maybe you don’t need to worry about them. I suggest that’s an infinitesimally small number of computer users. There are, of course, other ways for your computer’s security to be compromised. And for your online accounts to be invaded. Passwords are our first, and often our only line of defense against malicious exploits. Most of the tools mentioned here, including Keychain Access, can generate random passwords that you don’t have to remember that are generally more secure than any you can invent yourself. How important security is to you will depend on how important your data is to you – or to someone else who might take advantage of that data. You are the ultimate judge of your security needs. Whether you are a competent judge is another question.