Help me choose the right password manager
June 29, 2019 7:38 PM   Subscribe

I've used the macOS keychain since forever, but don't like the way it forces me to use Safari for smooth integration. Help me choose the best option for security and convenience.

I've been interested to play around with the newer versions of Firefox and Brave browsers, but the seamless integration between Safari and the macOS keychain for populating (and especially) generating passwords on both desktop and mobile keeps me using Safari for nearly all my day-to-day browsing.

If I want to have more freedom, I figure I need to switch to a different password manager. Which would be the best given my priorities?
  1. Ability to import (or even better, regularly sync) all the passwords I have stored in my macOS keychain
  2. Interoperability with various browsers on desktop and mobile (and non-browser apps which need logins) for populating and generating usernames and passwords
  3. Excellent security track record
posted by Cogito to Computers & Internet (15 answers total) 11 users marked this as a favorite
Another vote for 1Password. It has a Firefox extension and appears to support Brave too.
posted by Johnny Wallflower at 8:25 PM on June 29, 2019 [1 favorite]

From the other end: Firefox has built-in password management that may suit most of your needs; nothing extra required.
posted by SaltySalticid at 8:28 PM on June 29, 2019

LastPass, for sure.
posted by kirkaracha at 10:40 PM on June 29, 2019 [1 favorite]

To provide another option, I use Bitwarden. It's open-source, so I can vouch for its ease to use on any platform and its security (Points 2 and 3). But I'm not tech-savvy enough to vouch for Point 1.
posted by galleta monster at 12:24 AM on June 30, 2019 [1 favorite]

Wirecutter has good rundown of the better-known managers. I've used the free tier of LastPass for many years and have been pretty happy with it. It includes all the features I want without having to pay for the premium version (the premium version recently increased to $36/year for one user). There's no limit to the number of items you can save, it has cross-device syncing, supports two-factor authentication, generates secure passwords easily, can save other types of secure notes, and it can be set to auto-fill and auto-submit.

As a Mac user, one thing LastPass won't do for you is work with non-browser apps. If this is a priority take a look at 1Password. With LastPass I save application passwords as secure notes and just copy/paste from LastPass to the apps.

Regarding point #1 in your list of priorities -- transferring your Keychain passwords to a password manager is not easy to do, regardless of what manager you go with. Basically you would need to convert them to a .CSV file first, as explained here, but that comes with some risks. Also it may be the case that this isn't possible to do in recent versions of MacOS (I haven't tried it).

Once you decide on a password manager such as LasPass, a safer - but slower - method for transferring your data from Keychain is to simply log in to each of the websites that you have saved in your Keychain. Each time you log in to a site that LastPass hasn't seen before it will ask if you want to save that login info and you just click Yes.

Btw, as a side-note, there are some very good reasons NOT to use Brave.
posted by theory at 1:11 AM on June 30, 2019 [4 favorites]

Personally, I moved KeePass2 to Bitwarden a couple of months ago - and have been very happy with that. Oddly I became aware of it initially via the many supportive comments about it left on the above linked Wirecutter review (which did not include it).

In my case it was able to import my Keypass database without problems - I like the fact there is a well built iOs app that goes with it. Free also, in most scenarios.
posted by rongorongo at 1:57 AM on June 30, 2019

Bitwarden seems extremely good. I went to the effort to switch to it from LastPass because the UI is nicer and it's FOSS. I am glad I did.
posted by value of information at 3:54 AM on June 30, 2019 [1 favorite]

Another vote for Bitwarden. I use it across Mac, Linux, and Android devices.
posted by COD at 5:38 AM on June 30, 2019 [1 favorite]

As a Mac user, one thing LastPass won't do for you is work with non-browser apps.

Unless I'm misunderstanding the issue, the LastPass Mac app does this exactly.
posted by zamboni at 6:28 AM on June 30, 2019

I use a journal, real paper book to store my passwords. Most od the daily stuff I have memorised. Low use words I have to look up. Granted it is a wreck of erasures and all but it is absolutely secure. No one or algorhythm makes up my passwords and no one else has access.
posted by Oyéah at 11:59 AM on June 30, 2019

Zamboni - I was under the impression that the LastPass Mac app only provides a desktop version of your vault, the ability to log in using the Touch ID bar (if your computer has one), and a couple of other minor benefits compared to using the browser extension.

I haven't actually installed the desktop app though, only the browser extension, so I defer to you if your experience is different.
posted by theory at 3:40 PM on June 30, 2019

I use 1Password personally and LastPass for work. I love 1Password and despise LastPass: LastPass has a desktop app, but it's a hobbled thing and it doesn't even let you know how insufficient it is and some parts of it plain don't work. For instance, I have not been able to make a folder in LastPass's desktop app, despite going through the dialog in the interface. Changing the sharing settings of folders? Just not even mentioned anywhere in there, not even linking to the web interface to do it. And using it feels pretty clunky compared to 1Password, web or desktop.

1Password's desktop app really shines on the Mac, it's decent on Windows, and it has browser integrations. What's more, I've found that it integrates pretty well with Firefox and many other apps on iOS despite not being KeyChain.
posted by foxfirefey at 9:18 PM on June 30, 2019

theory: It's the quick search and hot keys bit that makes the LastPass desktop app actually useful. Need to log into a non-browser thing? Invoke the hot key shortcut, search for the required password in a Spotlight style bar, then it drops you right back to the thing you're trying to log in to. Paste, done.
posted by zamboni at 9:26 PM on June 30, 2019 [1 favorite]

Mike Pound talks about password managers: how they work and why they are important. If you had been wondering how key encryption works for systems with Cloud stored password files - then this is a good primer. (and his "How to Choose a password" video is also a lot of fun)
posted by rongorongo at 1:10 AM on July 3, 2019

Another vote for LastPass, even at the free level it does what you want and does it well.
posted by nenequesadilla at 6:17 PM on July 6, 2019

« Older How do I make a million lifestyle changes at the...   |   Talking to Babies for Dummies Newer »
This thread is closed to new comments.