Suggestion Import/sync Keychain

Hi,

It would be great if there were a method in 1Password to import/sync from keychain. So if a password (e.g. WiFi WPA key) is added to keychain it is automagically imported into the 1Password store.

Thoughts?

Thanks,

MC

Comments

  • sjk
    sjk
    1Password Alumni
    edited December 1969
    mike548141 wrote:
    Thoughts?

    Only that I made a similar suggestion years ago, am too tired to search for it (and any followup discussion) right now, and would still like that functionality. :)
  • MartyS
    MartyS
    Community Member
    edited December 1969
    Thank you for your suggestion. We may someday allow arbitrary items from your OS X keychain be imported into 1Password, but it wouldn't be automatic as you asked. I am curious, since in your example case a Wi-Fi key cannot ever be expected by OS X to be anywhere but in your keychain I'm not sure what the tie-in to 1Password having a duplicate (and possibly out-of-date copy) would be: it's encrypted in your keychain if security is your concern.
  • sjk
    sjk
    1Password Alumni
    edited December 1969
    MartyS wrote:
    We may someday allow arbitrary items from your OS X keychain be imported into 1Password, but it wouldn't be automatic as you asked.

    I'd like it to be automatic in the other direction, i.e. mirroring compatible 1P data to a specified (e.g. login) OS X keychain. That way the latter could be used on systems without 1P. Even manual "Export 1P to OS Keychain" functionality would be much appreciated. Thanks!
  • sjk
    sjk
    1Password Alumni
    edited December 1969
    Thanks, Stu. Here's an earlier related suggestion/discussion:

    Export to KeyChain ... (for peace of mind ...)
  • Nik
    Nik
    1Password Alumni
    edited December 1969
    My understanding of this situation is that the keychain can't import data. While I do see the File > Import Items option in Keychain Access, Googling this indicated that only items that can be imported are certificates and other keychains.
  • sjk
    sjk
    1Password Alumni
    edited December 1969
    justG wrote:
    My understanding of this situation is that the keychain can't import data.

    The Keychain Access app can't (AFAIK), which is why I mentioned possibly using the security command in the post with the aforementioned link, e.g.:

    % security help import
    Usage: import inputfile [-k keychain] [-t type] [-f format] [-w] [-P passphrase] [options...]
        -k  Target keychain to import into
        -t  Type = pub|priv|session|cert|agg
        -f  Format = openssl|openssh1|openssh2|bsafe|raw|pkcs7|pkcs8|pkcs12|netscape|pemseq
        -w  Specify that private keys are wrapped and must be unwrapped on import
        -x  Specify that private keys are non-extractable after being imported
        -P  Specify wrapping passphrase immediately (default is secure passphrase via GUI)
        -a  Specify name and value of extended attribute (can be used multiple times)
        -A  Allow any application to access the imported key without warning (insecure, not recommended!)
        -T  Specify an application which may access the imported key (multiple -T options are allowed)
    


    1P could export an inputfile compatible with security import ….
  • Nik
    Nik
    1Password Alumni
    edited December 1969
    Thanks for the follow-up, sjk.
  • NekoNiaow
    edited December 1969
    Being able to automatically share passwords with the OS X Keychain would be very useful.

    An important number of "internet" (actually web ones) login credentials are shared with third party applications: twitter, facebook, etc. all of which rely on the keychain for their storage.

    Having these passwords duplicated in 1Password leads to very painful maintenance: changing the password on one side won't update it on the other.

    The Keychain has the advantage that it offers a standard secure repository which all applications can access. By storing its data in its own "vault" 1Password deprives all other applications of it. The Keychain also allows for selective access to applications (ie, allow Skype to read a password, but not unrelated applications), which you don't.

    I think making 1Password a service provider built around the Keychain makes way more sense than having it secure the data by itself. The Keychain is plenty secure, it offers more versatility and flexibility, however its configuration and interface is a pain for non technical users. Why not extend it instead of trying to supplement it ?

    Best Regards,
    Laurent
This discussion has been closed.