1Password vs. iOS Keychain vs. ....

I apologise if this has been brought up before however I am new here, be gentle with me :pirate:

I would like people opinions on which is the "best" password storing software? As an example, before I started (on my iPhone) using 1Password all of them were saved in the keychain - as most people's would. However after installing and correctly setting up 1Pasword I'm contempating the pros or cons with moving over all those authentication details only to 1Password and make (and keep clean) the keychain. Surely this is a lot more safer, more secure (with things such as 2FA turned on +++) then:

  1. Having all my details sprawled over 2 (or more) devices/apps
  2. Easier to find - no having to think "Have I saved password x in the other app?"

And I think my question can also be more generalised. For instance, nearly all browsers have the capability to store passwords however keeping all one's details in one stop kind of urks me!! And of course you can use other tools such as 1Password Browser's extensions for assistance so the "excuse" of it's more inconvenient doesn't really hold water with me.

Anyway, just curious of other people's opinions and/or how they deal with this conundrum (many passwords, many login locations, many apps trying to be "helpful", etc, etc.)


1Password Version: 7.3.684
Extension Version: 1.15.7
OS Version: Windows 10 Home
Sync Type: iCloud

Comments

  • AGAlumB
    AGAlumB
    1Password Alumni

    @tyrael: While browser- (or OS-) based password management/filling can be more convenient in a sense (fairly automatic, easy, and built-in), that also brings with convenience and security compromises:

    • Interoperability: passwords in one browser/OS will not be available in others
    • Security: having sensitive information quirted into webpages without your consent can have bad consequences, and even when it's not being filled it is usually not stored securely
    • Portability: these functions range from mediocre export options to non-existent; it's hard to get your data out and move it somewhere else

    That said, Keychain on iOS has actually gotten pretty good in most of these areas, if you're using only Apple devices and continue to do so. The security and usability is good...but it is not cross-platform or export friendly. I can definitely see how some people may be satisfied with that. But for many people it's just not an option because it doesn't work everywhere they need it to, and there's no easy way to get data out of it.

    *As a side note, we always recommend disabling browser autofill, both for security and privacy reasons, but also because it can cause a lot of confusion to have passwords saved in different places ("Where did I save that?!")

  • tyrael
    tyrael
    Community Member

    Thanks @brenty , I completely understand where you're coming from! I hope I didn't come across too blase with my suggestions, I'm a software engineer my self so I fully understand the mountains one must make it over to produce a viable product (these mountains can be ant hills at time, and Mt Everest at others) - so I do feel your pain.

    Taking into considering of what you replied. Do you think it's a reasonable choice to use the Apple product keychains as usual, but to be sure to sync any difference with 1Password? (one of my favourite features of the app btw). That way whilst on the Apply device you can complete access on what's both 1Password & keychain, then by sync'ing the two, when on a Windows/Linux box you can still reap those benefits?

    Of course this is more of a personal choice I guess, I am however interested in your opinion/how you manage this?

    Cheers!

  • AGAlumB
    AGAlumB
    1Password Alumni

    @tyrael: Given that Apple's Keychain doesn't have any sync or export features, it won't be possible to sync it with 1Password. A script can be used to help automate getting data out of it, but I can't stress enough that it's time consuming and not easy to do, so that's more of a one-way/one-time solution.

This discussion has been closed.