You Don’t Have to Be a Rocket Scientist to Manage Passwords

Passwords. They’re one of the banes of modern life. I know I should be using unique and strong passwords for every account or service I use. But when you consider that the minimum requirements for a strong password can include:

  • 12 or more characters
  • Lowercase, uppercase, numbers, and symbols
  • No character repetition, use of a keyboard pattern (such as qwertyasdfg), dictionary words, character sequences, pet names, relatives, usernames, or romantic interests

It’s enough to make my head explode, just thinking about trying to remember all the passwords I would need. That’s why I gave up a while ago, and moved on to using a password manager to keep track of my login details for me.

(Password generators, included in various forms with all of the apps we mention, automate the creation of complex and strong passwords.)

Password Managers
Nowadays, a password manager is a must-have app. Your Mac even comes with Keychain Access, an app for making use of the Mac’s Keychain manager for storing passwords, certificates, and even encrypted notes. Keychain simplifies password management for Mac-based services and apps, such as Mail. But while it does a great job of handling system-related passwords, it’s not the friendliest password manager for general use.

That’s where third-party password managers come into play. In this guide, we’re going to look at some of the popular password managers available for the Mac, and other computing devices you may use.

1Password
Currently at version 6, 1Password may be the most well-known password manager for the Mac. And why not; it’s been around for ages, has an easy-to-use and easy-to-understand user interface, and eliminates the burden of keeping track of a gazillion passwords, allowing you to use large, very strong passwords without the need to memorize any password except the one that lets you access the 1Password app.

(1Password provides an app for securely storing passwords, as well as a browser extension for auto filling login data. Image courtesy of AgileBits.)

1Password keeps your data safe, stored in encrypted vaults using AES-256 encryption and PBKDF2 key derivation. Everything in your 1Password vault is encrypted; passwords, notes, website names, and URLS. If it’s placed in the vault, only you can see the information.

1Password stores and can auto-fill web forms with login, credit card, and other information you choose to store within the app. Generating a new highly secure password couldn’t be easier with the included password generator. You can choose from a number of “recipes” for generating a password, which allows you to adjust the complexity to meet a site’s password requirements.

1Password isn’t just for web-based logins. A large number of apps also support 1Password, allowing you to automatically log in to Twitter, Dropbox, Slack, Buffer, eBay, and more.

1Password also includes a security audit that goes well beyond the basics offered by other password managers. Besides checking for weak or duplicate passwords, and making sure passwords get changed in a timely fashion, 1Password also keeps track of websites that have had security breaches and checks to see if you have an account for that website in 1Password. If so, the security audit will catch the problem and let you know to change the password associated with the site.

1Password is available not only for the Mac, but just about every platform you may use. And it can keep all your devices synced to ensure that a new login you create on your Mac is available from any of the devices on which you’re running 1Password.

1Password supports unlimited installation on devices you use, so there’s no reason to be carrying around pieces of paper with your login information anymore.

LastPass
LastPass is chiefly a web-based password manager. That’s not to say it can only handle web logins; it can indeed store just about any type of secure data you wish. The interface is predominantly supplied through your browser via a browser extension.

(LastPass not only saves passwords and login data, it can also create general-purpose profiles for auto filling web forms.)

LastPass also includes a separate Mac app, but it’s primarily just a view into the local vault on your Mac where all your passwords and related information are stored in an encrypted format. The local vault provides access to site notes, logins, and other such information.

The local vault is synced with the LastPass cloud-based vault, which allows you to keep your logins and passwords synced across all your devices. Your password information is also available by logging in to the LastPass web site, giving you secure and easy access to your passwords when you’re not at your own device.

LastPass can store Site information, the best way to store login and password information associated with a web site.

Secure Notes is a free-form method of storing notes, credit card info, logins not attached to a website, software licenses, just about anything you wish to keep in an encrypted format.

Form Fills lets you create predefined forms with information such as name, address, and credit card, that can be used by LastPass to automatically fill in web forms you may encounter while shopping, logging in to a banking system, providing mail information, and more.

An unusual feature of LastPass is an emergency access function. You can designate someone as a trusted person who can request access to your vault. The request for access is sent to you, allowing you to decline. If you fail to decline within a specific time period, access is granted.

This emergency feature could be handy to allow a spouse, relative, or legal guardian access to your information should you become incapacitated for any reason.

EnPass
EnPass is a locally stored password manager that offers 256-bit AES encryption to ensure no one but you can access the sensitive data stored within the encrypted files.

(The EnPass app works in combination with its browser extension to create a password manager that auto saves new logins, and auto fills existing web site logins.)

Like many of the password managers in our guide, EnPass uses a single master password to grant access to all of the passwords, logins, banking info, credit card info, and notes you may have stored in the EnPass app. As I mentioned before, this is the key feature of password apps; they allow you to create as many strong passwords as you need, while only having to remember a single one.

Once you have unlocked the app, EnPass goes out of its way to make using a stored password or login a single-click affair. This is especially true once you install the EnPass browser extension (separate download), which can capture the login information as you visit various websites, and then autofill the login information upon return to those websites, with just a click or two.

To help you create strong passwords, EnPass includes a handy password generator that allows you to set minimum requirements for a password, such as length, number of digits, symbols, and uppercase characters to be used. The password generator also supports creating passwords using multiple pronounceable words.

One feature of EnPass worth mentioning is its password audit, which looks for weak logins you may have created, accounts you created where you used the same password as another account, and passwords that haven’t been changed in a specified time period.

EnPass supports creating entries for various types of data, including credit cards, banking, licenses, passwords, secure notes, and more. If you don’t find a category to store your information in, you can always create your own storage folder to help categorize your item.

EnPass is available for free on the Mac OS, Windows, and Linux platforms. Using EnPass on mobile platforms requires a one-time fee (currently $9.99 per mobile platform) that provides a lifetime license.

Sharing data between platforms is easy with the EnPass sync service, which makes use of a number of cloud sync options, including iCloud, Dropbox, OneDrive, Google Drive, and others.

RoboForm
If you’re a Windows user from times gone by, you may remember RoboForm Password Manager from the late 90s. RoboForm still makes its password manager for Windows, Macs, and most mobile platforms.

(RoboForm includes a desktop app, but it also adds a new toolbar to the browser for quickly storing new data and accessing existing login information.)

RoboForm combines an app for the Mac that stores data in encrypted stores using 256-bit AES encryption. Access to the encrypted data is provided with a master password that only you know. Because RoboForm uses its own cloud-based storage, your information is stored on RoboForm servers in the U.S. All data is both stored and sent in encrypted formats.

Having the data stored in the cloud allows easy access using any web browser, or the RoboForm desktop and mobile apps. Being able to access the stored data via any web browser can be very useful if you ever find yourself using someone else’s computing device.

Besides the RoboForm app, RoboForm also installs a browser extension that makes it a simple task to create new logins or fill in a web-based form with just a click or two. The browser extension also provides a browser toolbar, with many of RoboForm’s features and utilities available directly from within the browser.

RoboForm includes a password generator to help you create strong passwords. You can configure the generator to meet your needs or those of the site for which you’re creating a password. RoboForm also offers a security audit that will check logins to ensure they have strong passwords, that there are no duplicates, and that you haven’t reused passwords from previously created accounts that you no longer use.

RoboForm is available for Windows, Mac OS, Android, and iOS. It’s currently offered for a yearly subscription of $19.95, which allows you to use RoboForm on all supported platforms.

Further Reading:


LEAVE A COMMENT


  • Which of the four, if any, allow you to use a public library’s computer and enter a required password? I would guess none even though, I admit, doing so is not good practice.




  • My favorite feature of 1Password is the iPhone app. Not only does it let you take all your passwords with you everywhere you go, you can use the fingerprint reader to log into it which is quick and easy.