• Mac Security: Password Managers

    Home » Forums » AskWoody support » Apple » Apple operating systems » macOS » Mac Security: Password Managers


    In this week’s Mac security, we’ll look at password managers for the Mac, as it’s a topic that has been brought up here with questions from AskWoody community members.

    First of all, every major web browser that runs on a Mac can offer to store your passwords, plus you can even type in “generate password” into some major search engines (DuckDuckGo is one) to get a randomly-generated password. So what are the advantages of a password manager?

    The advantages of a password manager are that they generally work across various web browsers and platforms, offer ways to easily generate random passwords and update them in the event of a security breach (and some even notify users which passwords have been breached), plus some offer additional benefits such as storing software license keys to apps that are purchased directly from manufacturers (versus the Mac App Store).

    iCloud Keychain: Not a Cross-Platform Password Manager

    Apple has added a feature to iCloud that allows storing and syncing passwords securely in iCloud called iCloud Keychain. It is easy to set up, plus Safari can now auto-generate secure passwords that are stored in iCloud Keychain. Passwords stored in iCloud Keychain are accessible either on the Passwords tab of Safari Preferences or in the Keychain Access app. Keychain access predates iCloud Keychain and also stores Safari passwords even if iCloud Keychain is not enabled, and it stores other important secure tokens your Mac uses. Good troubleshooting for iCloud Keychain is available here.

    While iCloud Keychain syncs between Mac and iOS, it will not work across Windows PC’s or Android devices, nor will it work on other web browsers besides Safari (without keeping Safari or Keychain Access open and manually copy/pasting passwords). There is also no web interface for iCloud Keychain, plus the passwords it creates are generally lengthy. I still recommend iCloud Keychain enabled across Macs and iOS devices but simply choose not to store passwords in Safari and iCloud Keychain when prompted because iCloud Keychain can still store important app tokens or security information some apps (such as HomeKit devices) need.

    My Favorite Password Manager: 1Password

    My personal favorite password manager is 1Password. 1Password has an excellent design that is especially Mac-friendly and easy to use. It runs well on Mac and iOS, plus it can run on Windows, Linux, the web, even the command line, plus it is cross-browser. Generating and storing passwords are simple, plus it even notifies of security breaches, stores two-factor authentication code generators, app license keys, memberships, and plenty more. I’ve found it to be the most solid and user-friendly password manager I’ve used yet.

    The only “drawback” is all this polish and functionality comes at a price. The recommended method is either the monthly or annual subscription (it runs about $36/year). I’ve heard they also offer a perpetual license that is per version number and per platform, but I’ve heard the subscription is the most flexible way to go. I personally feel it’s worth the annual fee to have a solid password manager that gives me the additional level of password security and effortless management I need in an interface I love.

    Freemium Option: LastPass

    Another option with a similar price for the premium tier but also offers a free option is LastPass. LastPass is also cross-platform (and runs great on Windows, I used it when I had a Windows PC) and cross-browser, and it provides solid password generation and management, the ability to store app license keys, etc.

    My only personal “drawback” with LastPass is the interface is a little less polished than 1Password. The interface is simple and easy to use, but 1Password has an overall more “premium” design that feels more at home on a Mac. For those who want a free password manager and primarily use Windows PC’s, LastPass is a great choice. For those paying a subscription for a password manager and using Macs in the mix, I’d recommend 1Password.

    Webroot offers an older variant of LastPass for subscribers of Internet Security Plus, but I don’t recommend it. I do recommend Webroot as a solid antivirus utility cross-platform, but for password management, either go straight for the latest version of LastPass or try 1Password.

    Nathan Parker

    2 users thanked author for this post.
    Viewing 3 reply threads
    • #1565301

      If you want a free, local storage password manager, you could try KeePass (Windows) and MiniKeePass, KeePassXC, KeeWeb, etc (Mac/i).
      The password database is stored locally by default, but you can put it in the cloud if you want.

      cheers, Paul

      4 users thanked author for this post.
    • #1586567

      Thanks for mentioning those as well. I was hoping someone would chime in with other solutions.

      The main reason I use a cloud-synced one is since I work in a multi-device environment, but I like the idea of some being out there that allow for local storage.

      Nathan Parker

      1 user thanked author for this post.
    • #1590083

      PaulT: “ The password database is stored locally by default, but you can put it in the cloud if you want.

      I like this idea very much, as I want to have always some way to see what my passwords are, if they are created by someone, or something, else. If necessary, I want to be able to do the old copying and pasting trick, particularly when the Web site where my passwords are stored is not available because of some problem with the server. Or more to the  point, I dislike the idea of keeping such things on the Web in the first place, where, unfortunately, the raiding of data banks on line that store the personal information of many users, are a regular occurrence these days.

      Not that I think that keeping the passwords on a server in the Cloud is an essentially terrible idea, because, as Nathan has pointed out, doing that is useful to someone like him, for example. But my password needs are much simpler than those of someone like him, so keeping those passwords local and where I can make copies of them, if needed, is the way I prefer to manage them.

      Ex-Windows user (Win. 98, XP, 7); since mid-2017 using also macOS. Presently on Monterey 12.15 & sometimes running also Linux (Mint).

      MacBook Pro circa mid-2015, 15" display, with 16GB 1600 GHz DDR3 RAM, 1 TB SSD, a Haswell architecture Intel CPU with 4 Cores and 8 Threads model i7-4870HQ @ 2.50GHz.
      Intel Iris Pro GPU with Built-in Bus, VRAM 1.5 GB, Display 2880 x 1800 Retina, 24-Bit color.
      macOS Monterey; browsers: Waterfox "Current", Vivaldi and (now and then) Chrome; security apps. Intego AV

      1 user thanked author for this post.
    • #1594889

      I dislike the idea of keeping such things on the Web in the first place

      If the password manager uses secure encryption and your password / master key is strong, placing your database in the open is not an issue as it’s effectively unbreakable.

      cheers, Paul

      1 user thanked author for this post.
    Viewing 3 reply threads
    Reply To: Mac Security: Password Managers

    You can use BBCodes to format your content.
    Your account can't use all available BBCodes, they will be stripped before saving.

    Your information: