In this week’s Mac security, we’ll look at password managers for the Mac, as it’s a topic that has been brought up here with questions from AskWoody community members.
First of all, every major web browser that runs on a Mac can offer to store your passwords, plus you can even type in “generate password” into some major search engines (DuckDuckGo is one) to get a randomly-generated password. So what are the advantages of a password manager?
The advantages of a password manager are that they generally work across various web browsers and platforms, offer ways to easily generate random passwords and update them in the event of a security breach (and some even notify users which passwords have been breached), plus some offer additional benefits such as storing software license keys to apps that are purchased directly from manufacturers (versus the Mac App Store).
iCloud Keychain: Not a Cross-Platform Password Manager
Apple has added a feature to iCloud that allows storing and syncing passwords securely in iCloud called iCloud Keychain. It is easy to set up, plus Safari can now auto-generate secure passwords that are stored in iCloud Keychain. Passwords stored in iCloud Keychain are accessible either on the Passwords tab of Safari Preferences or in the Keychain Access app. Keychain access predates iCloud Keychain and also stores Safari passwords even if iCloud Keychain is not enabled, and it stores other important secure tokens your Mac uses. Good troubleshooting for iCloud Keychain is available here.
While iCloud Keychain syncs between Mac and iOS, it will not work across Windows PC’s or Android devices, nor will it work on other web browsers besides Safari (without keeping Safari or Keychain Access open and manually copy/pasting passwords). There is also no web interface for iCloud Keychain, plus the passwords it creates are generally lengthy. I still recommend iCloud Keychain enabled across Macs and iOS devices but simply choose not to store passwords in Safari and iCloud Keychain when prompted because iCloud Keychain can still store important app tokens or security information some apps (such as HomeKit devices) need.
My Favorite Password Manager: 1Password
My personal favorite password manager is 1Password. 1Password has an excellent design that is especially Mac-friendly and easy to use. It runs well on Mac and iOS, plus it can run on Windows, Linux, the web, even the command line, plus it is cross-browser. Generating and storing passwords are simple, plus it even notifies of security breaches, stores two-factor authentication code generators, app license keys, memberships, and plenty more. I’ve found it to be the most solid and user-friendly password manager I’ve used yet.
The only “drawback” is all this polish and functionality comes at a price. The recommended method is either the monthly or annual subscription (it runs about $36/year). I’ve heard they also offer a perpetual license that is per version number and per platform, but I’ve heard the subscription is the most flexible way to go. I personally feel it’s worth the annual fee to have a solid password manager that gives me the additional level of password security and effortless management I need in an interface I love.
Freemium Option: LastPass
Another option with a similar price for the premium tier but also offers a free option is LastPass. LastPass is also cross-platform (and runs great on Windows, I used it when I had a Windows PC) and cross-browser, and it provides solid password generation and management, the ability to store app license keys, etc.
My only personal “drawback” with LastPass is the interface is a little less polished than 1Password. The interface is simple and easy to use, but 1Password has an overall more “premium” design that feels more at home on a Mac. For those who want a free password manager and primarily use Windows PC’s, LastPass is a great choice. For those paying a subscription for a password manager and using Macs in the mix, I’d recommend 1Password.
Webroot offers an older variant of LastPass for subscribers of Internet Security Plus, but I don’t recommend it. I do recommend Webroot as a solid antivirus utility cross-platform, but for password management, either go straight for the latest version of LastPass or try 1Password.
Nathan Parker
