, , , , , , ,

Overview of 3 password managers for iPhone, iPad & Mac

, , , , , , ,

In this post, I’ll review three password managers that can be used on iPhone, iPad and Mac.

Please note that to take advantage of the apps mentioned later on, you'll need at least the following versions of the operating system:

  • iOS 9 on iPhone/iPad

  • OS X 10.9 (Mavericks) on your Mac (preferably 10.10 Yosemite and up)

Actually, this is the third article from a 6-part series on password management that will be released over the next few days:

  • Part 1: Why should my password be unique & strong?

  • Part 2: How to generate unique and strong password

  • Part 3: Overview of three password managers for iPhone, iPad & Mac

  • Part 4: How to use iCloud Keychain on iPhone, iPad & Mac

  • Part 5: How to use 1Password on iPhone, iPad & Mac

  • Part 6: How to use LastPass on iPhone, iPad & Mac

Recap from my previous posts:

The main reasons why online account get hacked are the following:

  • passwords are either too short or too simple

  • the same or very similar passwords are reused across multiple accounts

  • the answers to security questions can be found easily from publicly available information

This is why we need passwords (and answers to security questions) that are unique and strong.

In my previous post, you’ve discovered 4 methods to generate these kinds of passwords:

  1. Padding technique

  2. Passphrase technique

  3. Paper-based methods

  4. Electronic Password Managers

Electronic password managers review

Today you'll learn more about the three software solutions that I endorse:

  1. iCloud Keychain

  2. 1Password

  3. LastPass

There are more software solutions out there (some free, some paid) like Dashlane, Keeper, Locko, KeePassX, and more.

After having tried a few of those, here are the reasons why I don't recommend them:

  • Some don't provide an iPhone/iPad app

  • Some have not been long enough on the market 

  • The way that some protect or transport data is not explained or opaque

  • Their data retention policies are either vague or inexistent or unacceptable

  • Some don't provide an easy way to export data and move to another service

(1) iCloud Keychain

Apple_devices_with_Safari_and_iCloud_Keychain_-_Annotated_800px_Optimized.png

This is the most integrated solution as it is available right inside Safari and does not require to download any third-party application.

The thing is, you may already be using Safari's built-in password manager without realising it and go back to this post if you want to check what is already stored there. 

To merge the login information stored in the local keychain of different devices into a single one, you'll need to activate what is called "iCloud Keychain" via the iCloud configuration pane:

  • iPhone/iPad: Apple ID > iCloud > Keychain

  • Mac: System Preferences > iCloud > Keychain

Synchronising your keychains via iCloud is secure in the sense that, unlike your photos, contacts and other data stored in iCloud, the keychain is encrypted a second time by a password that only you know (different from your Apple ID account).

In addition to passwords, it can safely store credit card information too (but not the CVC for obvious security reasons) and allow you to synchronise Wi-Fi passwords between multiple devices (which can be quite handy at times).

The downsides of iCloud Keychain are that:

  • It only works with Apple devices

  • It does not manage security questions easily

  • On OS X 10.11 and earlier, the Keychain is opened when you log into your user account, which makes it vulnerable if your computer gets infected

  • On iOS 11 and earlier, as well as on macOS, passwords are autofilled without the need to type your device passcode or use Touch ID/Face ID

  • Some websites block iCloud Keychain from suggesting passwords, which means that an alternative approach is needed in those cases

  • On iOS 11 and earlier, all passwords have 15 characters and the same structure (4 sets of 3 characters with a minus sign in-between) which may not work when websites limit the password length and/or its structure (no special characters for instance). On top of that, the predictability of the password structure makes it much weaker than if it was truly random.

To alleviate those limitations, you could use a hybrid approach by:

  • Using a paper-based method to generate passwords and answers to security questions

  • Using iCloud Keychain to store and synchronise these passwords

  • Using password-protected notes (see this post) to store answers to security questions

Despite all these drawbacks, it's still a better and more secure solution than not using anything. 

System requirements:

  • iOS 7.0.3 and up

  • OS X 10.9 (Mavericks) and up

(2) 1Password

Courtesy from 1Password

Courtesy from 1Password

This tool is the best one for individuals and families who use many Apple devices and want a slick and intuitive user interface, though it works also on Android, Windows 10, Chrome OS and even Linux.

Not only can 1Password generate and store passwords, but it can also:

  • store secure notes and sensitive files

  • store credit and debit cards information, as well as bank account details

  • easily generate and manage human-readable answers to security questions

  • store personal information, like your passport number, social security number, driving licenses

  • associate multiple domains with the same credential (i.e. Amazon has a unified system for all its countries: amazon.com, amazon.fr, amazon.co.uk, etc.)

  • manage two-factor authentication tokens like Google Authenticator

  • manage other types of information like software licenses, memberships, reward programs and even wireless routers

This tool integrates very well on both the iOS and Mac platforms by providing a dedicated app, Apple Watch support as well as browser extensions. 

Besides, it works with Touch ID & Face ID, on iPhone & iPad as well as the latest MacBook Pro with Touch Bar and the latest MacBook Air with Touch ID.

What a pleasure to automatically fill your password using your finger or facial recognition!

Courtesy from 1Password

Courtesy from 1Password

A great feature of 1Password is WatchTower: a service that alerts you when there is a security breach for one of the services that you're currently using. When needed, the app will tell you to change the password for said service.


1Password provides two ways to synchronise your password vaults:

  1. Via iCloud or Dropbox (one-time purchase)

  2. Via their own servers (monthly subscription)

In both cases, you have a free 30-day trial, then you'll have to 

  • either purchase a license (10,99€ on iPhone/iPad and 64,99€ for the Mac)

  • or subscribe to a subscription plan ($2,99 for individuals and $4,99 for families of 5)

With the family plan, each member has their own separate password vault and there is a shared vault (accessible by everyone) that can be used for things like school login items or shared bank accounts.

This is also a great way to get children familiar with password management from a young age.

System requirements:

  • iPhone/iPad

    • iOS 12 for 1Password 7

    • iOS 9.3 for 1Password 6

  • Mac:

    • macOS 10.13 (High Sierra) for 1Password 7

    • OS X 10.10 (Yosemite) for 1Password 5 and 6

    • OS X 10.8 (Mountain Lion) and 10.9 (Mavericks) for 1Password 4

    • OS X 10.6 (Snow Leopard) & 10.7 (Lion) for 1Password 3

(3) LastPass

Courtesy from LastPass

Courtesy from LastPass

This tool is the best one for individuals and families who have devices in multiple eco-systems (Apple, Android, Windows, Linux, Kindle, Chromebook) and prefer using a browser extension rather than a native app.

Like 1Password, LastPass does more than generating and storing passwords and works well with Touch ID and Apple Watch.

Unlike 1Password, the only way to synchronise your password vault is through their own centralised server

This means that it's highly recommended to setup two-factor authentication after signing up for this service.

Although the user interface is less polished than the one from 1Password, it's still an easy to use app.

A great feature of LastPass is the Security Challenge which gives you an overall score regarding your password vault, as well as suggestions for improvements.

LastPass_security_challenge_-_Annotated_800px_Optimized.png

The good news is that it's free for individual users. 

There is a Premium plan at $2 per month if you want to share folders with other LastPass users, priority support, 1GB of encrypted storage and more.

Similarly to 1Password, LastPass now offers a family plan costing $4 per month for up to 6 family members.

System requirements:

  • iOS 9 and up

  • OS X 10.7 (Lion) for the browser extensions

  • OS X 10.10 (Yosemite) for the standalone Mac app

Summary

iCloud Keychain is a good place to start if:

  • you exclusively use Safari for web browsing

  • your online footprint is limited to a few accounts

  • you only need to manage login and credit card information

1Password is a no brainer if:

  • you have more than a couple of Apple devices

  • you want a slick interface and manage more than just passwords

  • you would like to use Dropbox or iCloud to synchronise your password vault

  • you’re looking for a solution to manage password for your entire family (through a subscription)

Finally, LastPass is the best solution for you, if:

  • you're looking for a system that works across many different platforms beyond Apple

  • you're OK with having your password vault stored on LastPass' servers

  • you want a free, yet versatile solution

Are you already using an electronic password manager?

  • If so, which one and what do you like about it?

  • If not, would you consider using one and which would you choose?

Please let me know in the comments below!

<--Add a dash before the > on this line to activate the language selector with flags->