The palm of my hand is not big enough
August 1, 2011 6:08 PM

OS X - recommend either password/info management applications, or tell me how you handle passwords and info!

I'm on OS X 10.6.8, and yes, at some point, I'll move on to Lion.

BACKGROUND: Over the weekend, I had to do a complete re-install of my operating system due to a corruption issue. That meant, I had to re-install all my applications. Which I did, except for the password management app. The password management app I used (let's call it PMA), came with an installation code which I have, but since a few months ago, PMA became abandonware. The lovely developer removed his entire site and servers. When I install the app from the dmg (which I kept), and input the key, the app phones home - and when it does not find a server, it goes into demo mode which is of absolutely no use to me. So there. I need a new app. The section "more background" can be skipped, it's just informational.


Fortunately for me, I had a fairly recent bootable disk image of my hard drive made with SuperDuper, so I could transfer my data files, and so have lost nothing. I can hook up the external drive with the bootable image, and transfer files, but I can also select the external drive as the drive to boot from and boot my iMac into that drive. I don't want to simply re-image this back to my iMac, because one of the applications is causing fatal system corruption (long story), and so this is a no-go. I can actually open the password management application when I'm booted from this drive, and it works fine (I exported the database into an rtfd file, so I lost no passwords). I also have a time machine (in addition) so there is an option to use Migration Assistant to transfer applications to my newly installed OS, but I don't think it's possible to transfer just one application (the PMA) - or at least I don't know how to - and I don't want to transfer all of them on account of that one rogue application that has deep system hooks. Finally, if I were a l33t haxor, there's probably some way to get around all this and extract the PMA from either the bootable external drive or the Time Machine and install it on my new OS, but I'm not a l33t haxor, so there. In any case, this is now abandonware - although the last iteration (which I have) has been updated to Snow Leopard, there is no guarantee it'll work with Lion (to which I'll move eventually), so really, I have to move on and find some other application.


Finally onto my question. I have a ton of passwords, and also a bunch of data that I need to protect (such as passport numbers etc.), and right now it's all sitting in an unprotected rtfd file. Yes, I know I can make a sparse image and put any file into it, but it's not exactly an elegant solution, because I have no sorting ability here. What I liked about the now abandonware PMA, was the fact that it all had a bunch of fairly sophisticated ways of categorizing and finding relevant info (in addition to other good things) - when you have a ton of data, it is simply not very practical to keep it all in a big rtf/word/excel/etc. file - it becomes visually overwhelming.

So - what do you recommend as a good password *and information* management application? I've looked at some obvious choices such as 1password (not good with simply storing and accessing non-password information), supergenpass (same issue), Data Guardian, Data Vault etc. and yes, I trawled macupdate and versiontracker (cnet), but I haven't found anything even remotely acceptable. I certainly could have missed something though.

I am willing to pay up to $50 for a good app.

However, it is also possible that this is another instance of the poverty of the OS X application ecosystem, and no *good* options even exist. In which case, my question changes to: what is your tried and true system of password and secure data management? Something that is not only secure, but flexible and user friendly?
posted by VikingSword to Computers & Internet (31 answers total) 10 users marked this as a favorite
Before I moved everything to LastPass (because I wanted to share info with a spouse between multiple computers) I just kept everything in Keychain Access, which is built into the OS, and includes the ability to save secure notes as well as passwords.
posted by odinsdream at 6:12 PM on August 1, 2011

Lastpass? It runs on OSX I believe and most any other platform. I am always recommending it to people because of how much I love it and use it.
posted by MrBobaFett at 6:18 PM on August 1, 2011

Sorry, I don't want to entrust my password database to any cloud - they can have problems... see LastPass.

Local user only, thanks.
posted by VikingSword at 6:25 PM on August 1, 2011

I use passwords with a theme - let's say I'm a really, really big fan of Indiana Jones. I would generate passwords like:


and so on and so forth. It allows for different passwords for every site, but you have a strong idea of what they are. You could do it with characters or phrases from a TV show, players on a sports team, locations from a video game, etc. Works for me, anyway.
posted by Rinku at 6:25 PM on August 1, 2011 [1 favorite]

I use 1Password, and it's great. It has built-in support for syncing with Dropbox, browser plugins, and an iPhone app. It has a feature called Wallet specifically for storing things like passport numbers. Take another look.
posted by designbot at 6:29 PM on August 1, 2011 [2 favorites]

Just saw your cloud concerns; the Dropbox stuff is totally optional.
posted by designbot at 6:30 PM on August 1, 2011

KeepassX. Local storage, cross-platform, can store documents, and includes cool features like auto-typing. And it's free.
posted by TruncatedTiller at 6:41 PM on August 1, 2011

I use Password Gorilla as it has the added benefit of being cross-platform. And since I'm on the Mac at home and PC at work, that has been a huge lifesaver.

There's also KeePass which is also cross-platform though I'm not quite sure what differentiates it from KeepassX.
posted by fifteen schnitzengruben is my limit at 6:43 PM on August 1, 2011

For passwords, I use my Javascript password generator (which was the inspiration for supergenpass). For other information, I use Evernote with a generated password.
posted by nicwolff at 7:05 PM on August 1, 2011

There's Pastor.
posted by Addlepated at 7:10 PM on August 1, 2011

1Password for OS X and iOS
posted by Brian Puccio at 7:14 PM on August 1, 2011

LastPass with a YubiKey should alleviate your concerns about their security, which is excellent anyway.

For local storage, what's the issue with Keychain Access exactly? It's overlooked so frequently, but as I mentioned already, it does everything you want, is free, and is already built into the OS.
posted by odinsdream at 7:31 PM on August 1, 2011

Notational Velocity is excellent for storing unrelated snippets of text and to make them quickly findable. It can be set to encrypt its data file and/or require a password when starting the app. (It'll also allow you to store its data in plain text files plus sync to Simplenote online, but those are newer features you can completely ignore for your purposes.)

It's been around since the early 2000s, is still under active development, and is free.
posted by D.C. at 7:34 PM on August 1, 2011

I use 1Password with Lion on my Air and iMac and with my Android phone.
posted by dobbs at 8:09 PM on August 1, 2011

I use 1Password with content of all kinds - passport numbers, secure notes, credit card numbers, etc, and I love it. I'd suggest having another look at it.
posted by impluvium at 8:10 PM on August 1, 2011

Nothing 1password...
posted by jz at 8:16 PM on August 1, 2011

Nthing...stupid autocorrect.
posted by jz at 8:16 PM on August 1, 2011

Honestly, it sounds like you're looking for 1Password.
  • You can keep all of your data locally.
  • You can organize information with both tags and folders.
  • Entries can be one of a rich set of types, including logins, general accounts, identities, software licenses, freeform secure notes, and "wallet" items like credit cards or passports.
  • You can attach arbitrary files to any entry.
  • The native data store includes a pure html + javascript based viewer for your information, which means you'll never have to worry about losing access to your info should 1Password be discontinued.
The data is really portable, too. If you're willing to use the built-in Dropbox support, it's downright simple to sync it amongst your computers and mobile devices. If not, you can also manually copy it onto a flash drive and use the built-in viewer, or copy it to your Android phone and use the free 1Password Reader.
posted by SemiSophos at 8:20 PM on August 1, 2011

I have been using mSecure and I really like it. Sorting through information and adding new data is really easy. There's a Mac version as well as versions for iPad and iPhone. There's a utility to allow you to sync them to each other. (No cloud storage.) I just use the iPhone version, which has a handy feature that allows you to email yourself an encrypted backup. Came in handy when my phone got stolen last year!
posted by web-goddess at 8:25 PM on August 1, 2011

Thank you everybody, there are quite a few apps I need to explore now. Given the strenuous advocacy, I may even have to reconsider 1password. I'm marking a few answers, but feel free to lob more suggestions my way. I'll pick something by the end of this week. Thanks again, everybody!
posted by VikingSword at 11:42 PM on August 1, 2011

Seconding KeePassX, it's lightweight, free and excellent.
posted by Happy Dave at 12:54 AM on August 2, 2011

1password user.
posted by gen at 1:06 AM on August 2, 2011

Jumping on the 1password bandwagon.
posted by neilbert at 3:45 AM on August 2, 2011

Just wanted to throw out that Mac OS's built-in Keychain Access app works very well. You can make new keychains and drag passwords to them and set different rules, so you can make ones for less important Websites, one for banks & other critical accounts, one for work, etc., and have some open at login, and some prompt for a password every time. I'm sure 1Password has improved vastly in years but it used to break frequently when you'd upgrade the OS.
posted by davextreme at 6:57 AM on August 2, 2011

You can try Splash ID Safe. It doesn't have browser integration but it has good mobile support and is cross platform. On the plus side for splash ID, the record format is entirely customizable on a per-record scale, if you like. So if you have one record that requires extra fields, it's not a problem. On the down side, it has UI bugs that make some things difficult.

Oh, there's no cloud involved, either.
posted by chairface at 7:11 AM on August 2, 2011

I just want to give another resounding recommendation for 1password.
posted by Faintdreams at 7:17 AM on August 2, 2011

Just an update. I never used, and thus don't have any user interface expectation of password browser integration, and I think it's too much of a hassle, because every time Apple updates Safari, the application can go berserk.

I have taken another look at 1password, and have decided against it again. It's just a disaster area with the recent move to Safari 5.1 - they changed the 1password interface dramatically and left tons of functionality behind (temporarily, they say), but the key is that it left 1password as enormously buggy and practically unusable, it looks like they really botched the latest edition - just read the reviews and feedback, it's pandemonium. Now, no doubt the developers are very nice guys and super responsive, but I ask myself, do I want to deal with this kind of insanity in a password manager, every time there's a browser update... and the answer is a firm NO.

As far as I'm concerned, 1password is off the table for me, I have no further interest in it.
posted by VikingSword at 10:22 AM on August 2, 2011

I hate to be That Guy, but have you actually downloaded and given the demo a fair shot? From what you've written, 1Password actually sounds like exactly what you're looking for. The browser integration is completely optional.

As much as I hate to admit it, 1Password and LastPass are by and large the market leaders right now, and if you're adamantly opposed to cloud storage (I am, too), then LastPass is off the table.

The available options are generally pretty dismal, even outside of Mac OS X, in that exceedingly few programs are being actively maintained.

Of those that are maintained:
  • Password Gorilla doesn't gracefully handle non-login information, nor can it store arbitrary file attachments.
  • KeePass requires Mono (100 MB download, 300 MB installed) to run on Macs and seems extremely and unusably buggy at the moment (basic screen drawing and input recognition issues, for instance). It does, however, look like it supports everything you want, so it could be a good option in a year or two.
  • KeePassX is a native application, but is currently under sporadic development as the lone maintainer attempts a complete rewrite. It's fairly login-centric, but it does support secure notes and arbitrary attachments on items.
  • SplashID Safe looks interesting, but it doesn't offer a demo version, and much like old versions of 1Password, it uses SIMBL hacks for its Safari browser integration.
  • Pastor doesn't allow for categorization or searching of entries. Its UI is optimized for storing logins over arbitrary data, but all entries do have a freeform "Notes" field. It can't store arbitrary attachments.
  • mSecure is kinda weird, but it does let you create arbitrary datatypes. Its organization options are pretty limited (everything is in one big bucket), but you can choose to only view items of a given type, and it has decent search options. It can't store arbitrary attachments.
And beyond using Keychain Access, I can't find anything else really worth investigating. Of the options above, I have a feeling that Password Gorilla, KeePass, and Pastor are right out.

SplashID and mSecure are smaller players (I hadn't heard of them before this thread), but both seem like they have a chance at doing what you want. You might find the organization options in mSecure lacking, and as far as I can tell, many of your critiques of 1Password would apply equally to SplashID.

Which leaves KeePassX. I've frequently seen KeePassX mentioned in password management discussions, and it generally seems to have a pretty sizable and happy user base. It's open source, which allays some of my concerns about its maintainership. Plus, you can't beat the price.

In short, I'd suggest giving KeePassX a shot, then mSecure, then 1Password. Only then, once you've exhausted the options that you can try before buying, would I recommend looking into SplashID.

But honestly, as much as I hate to admit it, 1Password really is the best of breed right now, and for good reason.
posted by SemiSophos at 1:17 PM on August 2, 2011 [1 favorite]

I've been using 1Password since v2 at least and it has never given me a problem. I upgraded from SL to Lion and 1Password has not given me a lick of trouble. It is being actively developed, I think there's been two new builds since Lion was released. This Safari 5.1 situation is atypical in that (I believe) there's been a change to sandboxing that affected the extension.

Again, I haven't had any problems with 1Password, and I like to think I'm pretty picky when it comes to software. I'm not affiliated with 1Password or Agile at all, FWIW.
posted by entropicamericana at 1:19 PM on August 2, 2011

Crazy alternative idea: Build a custom Bento database and store it in an encrypted sparse image? I've never used Bento, but I hear it's good at managing information.
posted by SemiSophos at 1:37 PM on August 2, 2011

Aah, Kerrist on a cross, you folks really know how to persuade. All right, I'll give 1password another shot - I admit, I have not downloaded the demo - I was about to, when I read the horrible reviews of what just happened to the last iteration, and it stopped me dead in my tracks. I also admit to having an aversion to 1password - many, many moons ago (years and years ago, back in the PPC days), I downloaded 1password and had a horrible experience with it, where the removal of it, completely borked my OS X installation, and I grew enraged by the developer(s) sinking such deep hooks into the system that it was possible to hose it. I swore to never touch anything by these bastards again.


SemiSophos has written such an eloquent post with such a comprehensive outlining of options that I just have no choice but to give it a try again. And here I thought I was safe from 1password for all time. (and SemiSophos, don't be such a sneaky bastard - you can drop the "Semi" part of your nick - you're a full on Sophos The Persuader:)).
posted by VikingSword at 1:48 PM on August 2, 2011
