In this post, I’ll review three password managers that can be used on iPhone, iPad and Mac.
Please note that to take advantage of the apps mentioned later on, you'll need at least the following versions of the operating system:
iOS 9 on iPhone/iPad
OS X 10.9 (Mavericks) on your Mac (preferably 10.10 Yosemite and up)
Actually, this is the third article from a 6-part series on password management that will be released over the next few days:
Part 1: Why should my password be unique & strong?
Part 2: How to generate unique and strong password
Part 3: Overview of three password managers for iPhone, iPad & Mac
Part 4: How to use iCloud Keychain on iPhone, iPad & Mac
Part 5: How to use 1Password on iPhone, iPad & Mac
Part 6: How to use LastPass on iPhone, iPad & Mac
Recap from my previous posts:
The main reasons why online account get hacked are the following:
passwords are either too short or too simple
the same or very similar passwords are reused across multiple accounts
the answers to security questions can be found easily from publicly available information
This is why we need passwords (and answers to security questions) that are unique and strong.
In my previous post, you’ve discovered 4 methods to generate these kinds of passwords:
Electronic Password Managers
Electronic password managers review
Today you'll learn more about the three software solutions that I endorse:
There are more software solutions out there (some free, some paid) like Dashlane, Keeper, Locko, KeePassX, and more.
After having tried a few of those, here are the reasons why I don't recommend them:
Some don't provide an iPhone/iPad app
Some have not been long enough on the market
The way that some protect or transport data is not explained or opaque
Their data retention policies are either vague or inexistent or unacceptable
Some don't provide an easy way to export data and move to another service
(1) iCloud Keychain
This is the most integrated solution as it is available right inside Safari and does not require to download any third-party application.
The thing is, you may already be using Safari's built-in password manager without realising it and go back to this post if you want to check what is already stored there.
To merge the login information stored in the local keychain of different devices into a single one, you'll need to activate what is called "iCloud Keychain" via the iCloud configuration pane:
iPhone/iPad: Apple ID > iCloud > Keychain
Mac: System Preferences > iCloud > Keychain
Synchronising your keychains via iCloud is secure in the sense that, unlike your photos, contacts and other data stored in iCloud, the keychain is encrypted a second time by a password that only you know (different from your Apple ID account).
In addition to passwords, it can safely store credit card information too (but not the CVC for obvious security reasons) and allow you to synchronise Wi-Fi passwords between multiple devices (which can be quite handy at times).
The downsides of iCloud Keychain are that:
It only works with Apple devices
It does not manage security questions easily
On OS X 10.11 and earlier, the Keychain is opened when you log into your user account, which makes it vulnerable if your computer gets infected
On iOS 11 and earlier, as well as on macOS, passwords are autofilled without the need to type your device passcode or use Touch ID/Face ID
Some websites block iCloud Keychain from suggesting passwords, which means that an alternative approach is needed in those cases
All passwords have 15 characters and the same structure (4 sets of 3 characters with a minus sign in-between) which may not work when websites limit the password length and/or its structure (no special characters for instance)
To alleviate those limitations, you could use a hybrid approach by:
Using a paper-based method to generate passwords and answers to security questions
Using iCloud Keychain to store and synchronise the passwords
Using password-protected notes (see this post) to store answers to security questions
Despite all these drawbacks, it's still a better and more secure solution than not using anything.
iOS 7.0.3 and up
OS X 10.9 (Mavericks) and up
This tool is the best one for individuals and families who have almost exclusively Apple devices, though it works also on Windows 10 and Android.
Not only can 1Password generate and store passwords, but it can also:
store secure notes and sensitive files
store credit and debit cards information, as well as bank account details
easily generate and manage human-readable answers to security questions
store personal information, like your passport number, social security number, driving licenses
associate multiple domains with the same credential (i.e. Amazon has a unified system for all its countries: amazon.com, amazon.fr, amazon.co.uk, etc.)
manage two-factor authentication tokens like Google Authenticator
manage other types of information like software licenses, memberships, reward programs and even wireless routers
This tool integrates very well on both the iOS and Mac platforms by providing a dedicated app, Apple Watch support as well as browser extensions.
Besides, it works with Touch ID & Face ID, on iPhone & iPad as well as the latest MacBook Pro with Touch Bar and 2018 MacBook Air.
What a pleasure to automatically fill your password using your finger or facial recognition!
A great feature of 1Password is WatchTower: a service that alerts you when there is a security breach for one of the services that you're currently using. When needed, the app will tell you to change the password for said service.
1Password provides two ways to synchronise your password vaults:
Via iCloud or Dropbox (one-time purchase)
Via their own servers (monthly subscription)
In both cases, you have a free 30-day trial, then you'll have to
either purchase a license (10,99€ on iPhone/iPad and 64,99€ for the Mac)
or subscribe to a subscription plan ($2,99 for individuals and $4,99 for families of 5)
With the family plan, each member has their own separate password vault and there is a shared vault (accessible by everyone) that can be used for things like school login items or shared bank accounts.
This is also a great way to get children familiar with password management from a young age.
iOS 12 for 1Password 7
iOS 9.3 for 1Password 6
macOS 10.12.6 (Sierra) for 1Password 7
OS X 10.10 (Yosemite) for 1Password 5 and 6
OS X 10.8 (Mountain Lion) and 10.9 (Mavericks) for 1Password 4
OS X 10.6 (Snow Leopard) & 10.7 (Lion) for 1Password 3
This tool is the best one for individuals and families who have devices in multiple eco-systems (Apple, Android, Windows, Linux, Kindle).
Like 1Password, LastPass does more than generating and storing passwords and works well with Touch ID and Apple Watch.
Unlike 1Password, the only way to synchronise your password vault is through their own centralised server.
This means that it's highly recommended to setup two-factor authentication after signing up for this service.
Although the user interface is less polished than the one from 1Password, it's still an easy to use app.
A great feature of LastPass is the Security Challenge which gives you an overall score regarding your password vault, as well as suggestions for improvements.
The good news is that it's free for individual users.
There is a Premium plan at $2 per month if you want to share folders with other LastPass users, priority support, 1GB of encrypted storage and more.
Similarly to 1Password, LastPass now offers a family plan costing $4 per month for up to 6 family members.
iOS 9 and up
OS X 10.7 (Lion) for the browser extensions
OS X 10.10 (Yosemite) for the standalone Mac app
iCloud Keychain is a good place to start if:
you exclusively use Safari for web browsing
your online footprint is limited to a few accounts
you only need to manage login and credit card information
1Password is a no brainer if:
you have more than a couple of Apple devices
you want a slick interface and manage more than just passwords
you would like to use Dropbox or iCloud to synchronise your password vault
you’re looking for a solution to manage password for your entire family (through a subscription)
Finally, LastPass is the best solution for you, if:
you're looking for a system that works across many different platforms beyond Apple
you're OK with having your password vault stored on LastPass' servers
you want a free, yet versatile solution
Are you already using an electronic password manager?
If so, which one and what do you like about it?
If not, would you consider using one and which would you choose?
Please let me know in the comments below!