MacTalk

October 2023

Best Password managers to protect your data on iOS and macOS

Using unique and strong passwords for every website is a must for internet security. Too few people know how to do this, and that’s where password managers come in and can make online life easier.

There’s no doubt about it, actually doing the work to stay safe on the web is hard — and getting harder. In order to be truly secure online, each and every login you use needs its own strong, unique password.

 

We’re starting to see the spread of “passkeys” that make this process easier, since it doesn’t rely on passwords. Until this is universal, however, users should consider a password manager to help them create, manage, and fill in strong passwords.

The password managers we’ve picked here are excellent, free or low-cost, and user-friendly. Furthermore, we’ve checked each company’s privacy policies to ensure that they can’t read any of your stored passwords, thanks to end-to-end encryption.

 

All six of our managers offer features like two-factor authentication, secure password sharing, and importing existing passwords. They all help you create strong passwords, auto-store them, and report on any passwords that are weak or compromised.

We’ve checked to see if any of the companies reported a compromise or server breach, such as “what happened to LastPass. Thanks to their “zero-knowledge” policies, none of the password managers we list here have been compromised.

 

Keychain

Being built-in to Apple’s Mac and mobile devices, this is the obvious first choice. Whenever you first sign in or create an account on a website in Safari, Keychain — called “Passwords” in system settings — will pop up and offer to store this new login.

You should always, always say “yes” to this. That login is then stored and encrypted on your device, and then stored on iCloud and synced across your Apple devices.

 

At one time, what is now called iCloud Passwords only worked with the Safari browser on Mac. As of macOS Sonoma, it now also supports Edge, Chrome, Opera, and other Chromium-based browsers — sorry, Firefox.

 

You can even use Keychain on PCs by downloading “iCloud for Windows” application, and signing in to your Apple ID. It can then import and sync any logins you have stored in the default Edge browser, or Google’s Chrome browser.

 

Keychain includes some features for free that require a paid subscription on other password managers. Keychain will let you know if your passwords have been compromised or reused.

It will also let you know if a password is insecure/weak. It can direct you to the website so you can reset them to something better.

If you access “Passwords” through Safari on the Mac, you can more easily edit or remove duplicates or old passwords than in Keychain itself. Really, its main weak spot is the lack of an option for multiple users in one account.

 

On iPhones and iPads, you can go to Settings -> Passwords and do the same. On the Mac, the Keychain app is still a bit intimidating to inexperienced users, so use Safari to get to passwords instead.

 

The password list is covered by Apple’s standard privacy policy, so Apple doesn’t know the contents of your keychain. Some basic and anonymized “telemetry” data may be collected to help Apple determine how often an app is opened, for how long, or if the app crashes.

 

Given that it’s built-in, feature-rich, and supports passkeys, why would any Apple user want to use anything else? One reason is its lack of support for Firefox, but there’s also the lack of support for users who are cross-platform on smartphones or tablets — sorry, Android.

 

You can export your passwords easily from Keychain/iCloud Passwords, and import them into most other browsers on other platforms. However, imported passwords don’t sync back to the Mac or iOS devices.

 

This is where third-party password managers come in. You can also easily import those passwords into them, and they do stay current across platforms, so let’s take a look at some of those.

 

1Password

All five of the alternative options we’ve picked securely store your passwords as Keychain does, but also have additional features for managing and sharing passwords.

 

Although it is a very close choice, our favorite amongst the third-party companies is 1Password. As with the others, 1Password is multi-platform, supports all major browsers, and has zero knowledge of the contents of your password vault.

 

The main reason we prefer it over its competitors is its ease of use and tutorials for new users. It features support for multiple and shared “vaults,” and ensures it is communicating with 1Password’s real servers, foiling imposter sites.

 

Its one real drawback for potential customers is that it has no free tier. There is a free two-week trial — and it’s worth noting that most managers that do offer a free tier limit them in various ways.

1Password has you create a master password — which the company will never know — as well as a “secret key” as secondary protection. You should store them in a physical safe or other secure place, because if you lose both of these, the company cannot help you recover them.

 

The price for 1Password beyond the trial is $2.99 per month, or $4.99 a month for up to five family members, with both plans billed annually. As with the other options listed here, they have team, business, and enterprise pricing as well.

 

Bitwarden

Bitwarden is a bit less friendly-looking than 1Password, but it is the gold standard for password managers. It offers a limited free tier, which makes it a good choice for people new to the idea of a password manager.

Like most of the other options, the company has no knowledge of what users store in the vault. Like 1Password, it helps you if you lose your master password. It doesn’t collect any user data beyond your signup info and doesn’t sell that user data to anyone.

 

Bitwarden’s free tier is fairly generous, allowing an unlimited number of stored passwords on an unlimited number of devices. You can only share vault items with one other user, and the free tier doesn’t include the site authenticator or security reports.

Pricing for Bitwarden’s paid tiers ranges from $10 per year for individuals to $40 per year for up to six family members. What Bitwarden calls “collections” — also known as “vaults” — are limited to two except for the family plans.

 

Dashlane

Dashlane, like Bitwarden, is another excellent product if you want more control than Keychain can offer. Its paid plans include compromise reports, as well as dark web monitoring.

Like the ones above, your passwords are only readable by you, not the company. Bitwarden does collect and store — but doesn’t sell — email and payment info.

 

There is a free tier, but it is limited to a single device — and doesn’t include reports. A personal plan costs $33 per year, but the Premium plan for $60 adds a Hotspot Shield VPN for extra anonymity.

 

Dashlane is one of the few here that offers a method to “pass on” your vault to a trusted family member or friend.

If you need a shared plan for a large group, Dashlane’s Friends and Family plan allows up to 10 users and costs $90 per year.

 

Keeper

 

Keeper is another choice that respects user privacy. We’re less enamored of its nickel-and-diming way of getting users to spend more, but like the others, Keeper has zero knowledge of what you store in your account.

 

It does not market or sell what little user data it has, but does share your email and IP address with its service partners. It has a limited free tier you can try out, but it is only for one device — so go for the one-month unrestricted free trial instead.

 

The individual plan costs $35 per year, with unlimited password storage on unlimited devices. The family plan is priced at $75 per year for a total of six people.

 

Other features often included in other companies’ paid plans are add-ons with Keeper. For example, the company’s Breachwatch feature for alerting you of compromises is a paid add-on.

 

NordPass

NordVPN is a well-regarded brand for its VPN service, so we also looked into NordPass as a password manager. As with Keeper, its free tier restricts you to one device at a time and is very limited.

The paid version is the most expensive on our list: $60 per year. This allows up to six devices and includes a password-strength checker and a Data Breach service.

 

As with most of the others, you have to set up two passwords — your normal account login password, and a “master password” if you forget your account password. All of your information is encrypted before being backed up to Nord servers, so the master password needs to be securely stored.

 

One feature NordPass has is a true “password inheritance” feature. You can set a trusted family member to have access to your vault in the event of your incapacitation or passing.

 

The service also has paid tiers that are really aimed more at businesses. Under a business plan, employee accounts are free, but if an employee is let go, administrators can transfer those logins to another employee.

 

We find it annoying that there is no option to combine the benefits of NordVPN with NordPass, apart from just paying for both. NordPass also doesn’t offer a family plan, only the individual option.

Upcoming Events

Click for special offers to Mac Users Groups members.

Website design by Blue Heron Web Designs

Click the image for information about advertising on this website.