Just In Time For The Holidays, 1password For Mac
May 21, 2018 - the last time I purchased a license for 1password, I paid $49.99 in. Very useful and keeps all sorts of things secure - not just passwords -.
There are those seasonal moments people look forward to annually. Some might count down to that one fall day when Starbucks brings back their seasonal pumpkin spice menu. I, on the other hand, count down to the release of MAC's annual holiday collection launch.
I can always depend on the iconic makeup brand to bring the glitz and glamour just in time for the holidays every year. However, this year, the is coming early (a whole month early — even before Halloween) and it's good — really good! Just like I expected, the collection is packed with tons of sparkly and shine, metallic accents and pretty limited-edition packaging of their cult-favorite items. However, I wasn't ready for so many giftable collections packed with MAC's best essentials, all ready to have a bow placed on top of them and given to the beauty junkie in your life (even if that means gifting yourself). Ahead, a peek at the MAC holiday line, which is perfectly named the Shiny Pretty Things collection. The Mini Fix+ Trio If you're a fan of the cult-favorite Prep + Prime Fix+ spray, make sure to add this adorably packaged trio to your wish list this holiday season. In the metallic silver bag, you'll find three mini sprays in the colors pink (rose scented), yellow (coconut scented), and purple (lavender scented).
Search Wirecutter For: Search Reviews for the real world Browse Close. Browse Close. PICK SWAP November 18, 2018.
After a new round of research and testing, we still like the same password managers but have decided to flip our picks. Will be our new top pick, and will be our runner-up. Show more. After a new round of research and testing, we still like the same password managers but have decided to flip our picks. Will be our new top pick, and will be our runner-up. We also recommend if you need a free password manager.
If you already use and like another password manager, it’s probably not worth the bother to switch. We’ll be posting our full reasoning for switching the picks in an update soon.
If you’re not using a password manager, start now. A password manager makes you less vulnerable online by generating strong random passwords, syncing them securely across your browsers and devices, and filling them in automatically. After 18 hours of research and testing, we believe that is the best password manager for most people. It has all the essential features, it works with virtually any browser on any device, and most of its features are free. (A Premium version, which costs $24 per year, adds advanced security features, better sharing, and other useful tools.). Once you create a master password for, you’ve made the only password you’ll need to unlock all your other secure data—usernames and passwords, credit card numbers, secure notes (including attachments, such as images and PDFs), contact information, software licenses, and so on.
LastPass stores all this data safely encrypted in the cloud, letting you access it via browser extensions. (You can also download desktop apps, if you prefer, which give you offline access to your data.) It can create new secure passwords on the fly (or capture any manually entered credentials as you submit a form), autofill your credentials when you later visit the same site, and fill in credit card details on demand. It also includes an incredibly handy feature called Auto Change Password that works with about 80 popular sites—you can change your password on the site and update the entry in LastPass with just one click. You can organize your passwords into folders and search them easily, and the Premium version lets you share a folder full of passwords with family members or friends. Is our upgrade pick if you use Macs, iPhones, and iPads. (Some of its features don’t yet work on Windows or on Chromebooks.) It’s pricier than LastPass at $36 per year for individuals or $60 per year for families of up to five.
But its interface is the most elegant of the bunch, with numerous small touches that make it easier to use. It also offers a wide variety of syncing options, including some that bypass the cloud entirely.
1Password can also generate and display the one-time passwords used by many two-step verification systems (thereby substituting for apps like Google Authenticator, LastPass Authenticator, and Authy). And family or business subscriptions to 1Password offer secure sharing. Everyone should use a password manager. The things that make strong passwords strong—length, randomness, variety of characters—make them difficult to remember, so most people reuse a few easy-to-remember passwords everywhere they go online. But reusing passwords is dangerous: If just one site suffers a security breach, an attacker could access your entire digital life: email, cloud storage, bank accounts, social media, dating sites, and more. And if your reused password is weak, the problem is that much worse, because someone could guess your password even if there isn’t a security breach.
If you have more than a handful of online accounts—and almost everyone does—you need a good password manager. A password manager enables you to easily ensure that each password is both unique and strong, and it saves you the bother of looking up, remembering, typing, or even copying and pasting your passwords when you need them. If you don’t already use a password manager, you should get one, and LastPass is a fabulous overall choice for most users. If you already use and like another password manager, it’s probably not worth the bother to switch to LastPass.
Apart from the process of exporting and importing your old data, retraining yourself to do things the way the new app expects may be frustrating. That brief frustration may, however, be worth it if you’re gaining access to features your existing password manager lacks (such as syncing or autofill), or if LastPass is significantly cheaper than what you’re using now. How we picked and tested. There are dozens of password managers you can use, and narrowing down the list was challenging. Although I’d already spent countless hours testing password managers in the course of writing my book, for this article I redid most of the research and testing from scratch because apps in this category change constantly (and often dramatically). I looked for tools that do their job as efficiently as possible without being intrusive or annoying.
A password manager should disappear until needed, do its thing quickly and with minimum interaction, and require as little thought as possible (even when switching browsers or platforms). And the barrier to entry should be low enough—in terms of both cost and simplicity—for nearly anyone to get up to speed quickly. I began by ruling out the password autofill features built into browsers like Chrome and Firefox—although they’re better than nothing, they than standalone apps, and they provide no way to use your stored passwords with other browsers.
Apple’s iCloud Keychain is fine as far as it goes, but it goes only as far as Safari (and system-level passwords, such as those for Wi-Fi networks) on macOS; adding support for a few select apps on iOS. It won’t help if you use Chrome or Firefox, or if you happen to have a Windows or Android device in addition to your Apple gear. Next I looked for apps that support all the major platforms and browsers. If you use only one or two platforms or browsers, support for the others may be irrelevant to you, but broad compatibility is still a good sign that the developers are committed to the product.
This means, ideally, support for the four biggest platforms—Windows, macOS, iOS, and Android—as well as desktop browser integration with at least Chrome and Firefox, plus Safari on macOS. (Most of the password managers I examined also now support Edge on Windows.) I excluded apps that force you to copy and paste passwords into your browser, because life is too short.
A browser extension lets you click a button or use a keystroke to fill in your credentials. And, because most of us use more than one computing device, the capability to sync passwords securely across those devices is essential. There’s little point having a password manager on your computer if you can’t access those passwords on your phone or tablet, too. If you have more than a handful of online accounts—and almost everyone does—you need a good password manager. That still left me with about 20 contenders, so the next thing I looked for was popularity as reflected by frequent positive press coverage and evidence of an enthusiastic fan base. Popularity doesn’t always correlate with quality but does provide a sanity check that an app has passed muster with a reasonable number of experts and regular people. That narrowed my list to nine options, and after I later eliminated KeePass (see ), I had eight finalists to test: 1Password, Dashlane, Enpass, Keeper, LastPass, LogmeOnce, RoboForm, and Sticky Password.
I focused my testing on usability. I did a number of spot checks to verify that the features described in the apps’ marketing materials matched what I saw in real life use—usually they did, but not always—and I compiled a feature comparison table based on those observations. Rather than test every combination of app, platform, browser, and feature off the bat, I set up a simple set of test forms on my own server that enabled me to evaluate how each app performed basic tasks such as capturing manually entered usernames and passwords, filling in those credentials on demand, and dealing with contact and credit card data.
In a couple of cases, this initial testing on one or two platforms was enough to convince me that an app wasn’t worth further evaluation. But if my initial experiences with an app were good, I also tried that app with as many additional platforms and browsers as I could in order to form a more complete picture of its capabilities. I did portions of my testing on macOS 10.12 and 10.13, Windows 10, Chromium OS (as a stand-in for Chrome OS), iOS 10 and 11, Apple Watch, and Android. (Alas, I didn’t have an Android Wear device available for testing the apps that support that platform.) Features comparison chart Additional platforms (beyond Mac, iOS, Windows, and Android) Additional Mac browsers (all support Chrome and Safari) Additional Windows browsers (all support Chrome and Firefox) Form capture Form autofill/autosubmit Support for additional data types (software licenses, passports, licenses, etc.) Primary data storage location Data accessible offline? Data accessible on the Web?
Syncing Automatic password change Security audit e.g., password strength, age, duplicates) Two-factor authentication support Other security features LastPass Chrome OS, Apple Watch, Android Wear, Linux, Firefox OS, Firefox Mobile, Windows Surface RT, Windows Phone Firefox, Maxthon, Opera Internet Explorer, Edge, Maxthon Automatic as you submit forms Optional autofill on page load; optional autosubmit Yes, but no specific support for software licenses except as a secure note category. Cloud-based Yes, with optional desktop app Yes, with ads for non-Premium subscribers. Proprietary cloud service only Yes Yes Yes Emergency access for a trusted person.
1Password Chrome OS, Linux, Apple Watch Firefox, Opera Internet Explorer, Safari, Yandex (version 4); Edge, Opera (version 6) Automatic as you submit forms By default, autofill and autosubmit when you press a keyboard shortcut Yes Cloud-based, with local option Yes, except with 1Password X Yes, subscription accounts only. Dropbox, iCloud, folder sync, local Wi-Fi sync, or proprietary cloud service. No Yes (except version 6 for Windows) N/A for local storage. For subscription accounts, all decryption is local, and requires both your master password and an.
TOTP (time-based one-time password) generator. Watchtower (alerts you to sites with security breaches). Dashlane Chrome OS, Linux, Apple Watch Firefox, Opera Internet Explorer, Edge, Opera Automatic as you submit forms; also captures receipts Autofill on page load Yes Cloud-based Yes Yes, only for premium subscribers. Proprietary cloud service only Yes Yes Yes Emergency access for a trusted person. TOTP (time-based one-time password) generator.
Keeper Chrome OS, Linux, Windows Phone, BlackBerry Firefox Internet Explorer, Edge Automatic as you submit forms Autofill on page load Has one all-purpose record format, which includes a Notes field and supports attachments Cloud-based No Yes Proprietary cloud service only No Yes Yes Emergency access for up to 5 trusted people. Before I get to what’s great about, a word of context: LastPass, and are significantly better than the rest of the field (but see my about, which is moving up quickly). They were all so impressive, and so evenly matched in most respects, that at various points I had each one of them in the top spot. I suspect most people would be equally happy with any of them. What tipped the scales in favor of LastPass was that it now offers cross-device syncing (formerly a paid feature) for free.
Although the company still offers a Premium subscription that adds important features, free syncing makes LastPass a no-brainer for anyone who hasn’t yet started using a password manager. And even its $24-per-year premium tier is much cheaper than 1Password or Dashlane’s paid options. LastPass is a no-brainer for anyone who hasn’t yet started using a password manager.
LastPass has the broadest platform support of any password manager I considered, either free or paid. Its autofill feature is flexible and nicely designed. You can securely share selected passwords with other people; there’s also an Emergency Access feature that lets you give a loved one or other trusted person access to your data.
An Automatic Password Change feature works on many popular sites to let you change many passwords with one click, and a Security Challenge alerts you to passwords that are weak, old, or duplicates, or are for sites that have suffered data breaches. And the relatively new LastPass Families feature lets you securely share passwords among family members. LastPass works on macOS, Windows, iOS, Android, Chrome OS, Linux, Firefox OS, Firefox Mobile, Windows RT, Windows Phone—even Apple Watch and Android Wear smartwatches. (Sorry—no BlackBerry, Palm, or Symbian support.) It’s available as a browser extension for Chrome, Firefox, Safari, Microsoft Edge, Internet Explorer, Opera, and Maxthon, and it has desktop and mobile apps for various platforms.
You can access LastPass in a browser extension, on the Web, or in a standalone app. (In a previous version of this guide, I said that LastPass was your only good option for Chromebooks.
That’s no longer a fair statement, because all my other top picks can now run as extensions in Chrome OS without a separate app. Nevertheless, LastPass’s support for Chrome OS is top-notch, better than most if not all of its competitors.) When you first log in on a site for which LastPass hasn’t already stored your password, it prompts you to do so—click or tap Save Site, confirm (or edit) the details, and then click or tap Save. The next time you visit that site, LastPass fills in your credentials by default (though you can disable auto-fill per site if you prefer); you then need only click Log In or the equivalent button to log in. If even that is more effort than you want to expend, you can ask LastPass to automatically submit the login form for any given site, although doing so may increase security risks. Handling saved identity and credit card data is also simple, although LastPass always requires you to take explicit action before filling in your credit card number. If you need to give someone else access to one or more of your passwords without sending the info in plain text, you can share it using LastPass; the other person will need to have (or create) a LastPass account to view or use a shared password. However, this sort of sharing is static; any later changes you make to that login in your vault won’t sync to the other person.
(One solution here is the $24-per-year Premium subscription, which lets you set up a shared folder that’s accessible for up to five people of your choice—the contents of that folder sync automatically whenever someone makes changes. There’s also LastPass Families, which I discuss below.) In addition, you can designate someone as an emergency contact who can request access to your data under exceptional circumstances—if, for example, you die or become incapacitated. Before that access is granted, the person must wait for a period of time you set (between 3 hours and 30 days), during which time you can decline the person’s access if you’re still able to use a computing device. Dashlane and Keeper offer similar emergency contact features; 1Password does not, although it provides numerous other ways to securely share passwords.
One of my favorite LastPass features, Auto Change Password, comes in handy if a site has had a security breach (or you simply realize your old password is too weak). When you select a site in LastPass and click the Auto Change Password link, LastPass opens a new window, logs in to that site with your existing credentials, generates a new random password, changes your password on that site, and updates its own database with the new password. This otherwise tedious process couldn’t be easier; the only catches are that it currently works with only about 80 sites, and only in Chrome and Safari; and the process can break if a site’s design changes or the site adds steps to the login process. (Dashlane has a comparable feature; 1Password does not.) Most of the password managers I tested have some sort of security audit feature that checks for passwords in your database that are weak, old, or duplicates from other sites.
LastPass calls this feature Security Challenge; in addition to the checks I just mentioned, it also alerts you to passwords saved for sites known to have had security breaches. (1Password offers a similar capability, called Watchtower.) LastPass works well on mobile platforms, too. Although the mobile versions aren’t quite as convenient to use as the desktop versions (owing to operating system restrictions), all the major features (such as adding and editing logins, contact info, and credit cards; generating new passwords; and adjusting most preferences) are present on iOS and Android. Fingerprint identification is supported on compatible devices, as is Face ID on the iPhone X.
It even works on Apple Watch and Android Wear smartwatches, on which you can search and display your passwords and other secure data. At the time of writing, a Premium subscription to LastPass costs $24 per year—far less than 1Password or Dashlane subscriptions—and adds shared folders, desktop-application passwords (Windows only), several additional multi-factor authentication options for logging in to LastPass itself (such as YubiKey and Sesame), desktop fingerprint identification, 1 GB of encrypted cloud file storage (up from 50 MB for free accounts), and priority support. Enterprise accounts are also available, with prices starting at $30 per person per year and decreasing with volume. A feature called allows family members to securely share passwords, bank account information, passport numbers, and so forth.
You can add and remove family members at any time, give each person read-only or read-write access, and use shared folders to control which passwords each person can access (for example, so you can give your child the garage-door key code but not your credit card number). LastPass Families costs $48, or twice that of LastPass Premium; but it also supports six users, so if more than two family members use LastPass, the rest effectively get it for free. I found LastPass Families somewhat less flexible and convenient than 1Password Families, but it’s still reasonably straightforward and a cost-effective way for families to selectively share private data. Flaws but not dealbreakers. The most important thing a password manager needs to do is to keep your data safe, so any type of security flaw is a concern. In 2015, LastPass suffered a much-publicized in which hackers obtained “email addresses, password reminders, server per user salts, and authentication hashes.” The stolen data didn’t include either master passwords or encrypted data, but the breach is troubling nonetheless. (For example, an email address and a password hint alone could conceivably be enough for an attacker to steal someone’s data if they use the same password elsewhere.) A security researcher also uncovered in early 2017, which could have allowed a targeted user’s information to be compromised through.
Both of these flaws were quickly fixed. Other flaws and vulnerabilities have also surfaced and been quickly fixed from time to time. Although in each instance the company took prompt measures to mitigate the damage and strengthen its infrastructure, the fact that LastPass is inherently cloud-based poses a risk some people will want to avoid. Any solely cloud-based service runs this risk, however, and LastPass’s system is set up such that even with the successful hack, no one’s passwords or data were stolen. Apps such as 1Password that provide an option for local storage and cloud-free sync methods are one way to address this worry, but for most services it’s a choice between cloud sync and no sync at all, and we think the advantages of having your strong, unique passwords available on all your devices outweigh the risks. Partly because of the limitations of squeezing its user interface into browser extensions, LastPass has less visual polish than 1Password.
LastPass also has lots of preferences (per browser) in addition to account-wide settings, and far too many of them aren’t self-explanatory. But people who aren’t computer geeks and who don’t want to study the documentation can probably just ignore most of that stuff. LastPass also makes heavy use of the color red, which may be great for branding, but, given that red is often associated with alerts or warnings in the US, constantly makes me think there’s something wrong.
In fairness, LastPass’s look and feel have improved significantly in recent years and will likely continue to get better in future updates. My only other quibble with LastPass is that the free version shows ads in its Web interface. I don’t associate ads with privacy, so putting them on the same page as my passwords doesn’t thrill me. However, I can recall seeing ads (discreetly, in the sidebar) only for LastPass’s own products, the ads disappear if I enable an ad blocker in my browser, and the $24 Premium version makes them go away altogether. So, as ads go, these are as inoffensive as can be.
Upgrade pick for Apple users: 1Password. If you’re a Mac, iPhone, and/or iPad user with a few extra bucks, and you’d like even more bells and whistles in your password manager, is well worth a look.
1Password has a more polished and convenient user interface than either LastPass or Dashlane. It’s also a little faster at most tasks; it has a local storage option if you don’t trust your passwords to the cloud; it gives you more options than LastPass for working with attached files; and it can auto-generate one-time tokens for many sites that use two-step verification—LastPass requires a separate app for this. 1Password is, however, more expensive than LastPass and doesn’t work on as many platforms: Windows users, especially, are better off with LastPass. 1Password nearly always requires fewer clicks or keypresses to accomplish a task, such as generating a new password or finding an existing login, than its competitors do. (However, it always requires at least one keystroke or click to fill in and submit your credentials—there’s no option to automatically fill in and submit a form, without any intervention, when a page loads. AgileBits, the developer, says this limitation is for security reasons, as highlighted by a that works against browser password managers.) It also shows the icon of each app for which you’ve added a software license—a nice touch. I prefer 1Password’s security model, too.
Although you can sync all your passwords to the cloud in any of several ways, you don’t have to; you can store everything locally if you prefer and sync via a direct Wi-Fi connection or a folder on a local network server. Even when you opt to store your vault in the cloud with one of the 1Password subscription plans, your master password and account key are never stored in the cloud or transmitted over the network. You can create more than one vault, too—either for organizational convenience or to share each one with a different set of people. Speaking of which, the options for sharing selected groups of passwords with family members or coworkers who also have paid accounts are extensive and powerful. Furthermore, 1Password’s data format is, a type of transparency I appreciate—that you don’t get in LastPass or Dashlane. 1Password offers Mac and iOS users features not found in LastPass plus a more-polished interface. One of my favorite 1Password features, which a few other password managers have now adopted too, is a built-in TOTP (time-based one-time password) generator and viewer.
If you’ve set up two-step verification for, say, your Dropbox, Google, or Microsoft account, you probably use a separate app (such as, or ) to generate these six-digit codes that change every 30 seconds. 1Password can generate them instead, saving you the bother of opening a separate app. (And its desktop interface for setting up a TOTP is truly brilliant: It has a built-in virtual QR code reader that can scan setup codes displayed on your computer’s screen—no camera required.) And once 1Password has filled in your credentials on a webpage, it automatically copies your TOTP to your clipboard so you can immediately paste it without having to make another round trip to the app. Another feature, lets you see if your password has been leaked in a security breach by checking their hashes against the master list.
1Password is a real joy to use, and I would have loved to make it my top pick for everyone, but I got stuck on two key issues: price and platform support. At the time of writing, a subscription runs $36 per year for individuals (again, covering any number of personal Macs and PCs) or $60 per year for families of up to five people. So, although a family of five would end up paying the same per person as for a LastPass Premium subscription, individuals on a yearly subscription pay 50 percent more than LastPass Premium users.
There’s also a hidden option that costs a whopping $65, which covers usage by one person on any number of Macs and PCs but does not include Agilebits’s cloud syncing or the 1Password X browser extension, so it doesn’t work for Linux or Chrome OS. (It does include Windows and Mac browser extensions, and you can use Dropbox or—on Mac—iCloud for syncing.) Most people should opt for the subscription. 1Password also works on Chromebooks and Linux, thanks to a Chrome extension called that (like LastPass) communicates directly with 1Password’s cloud storage and doesn’t require a separate app. However, 1Password X is a bit more limited than the full version—for example, it doesn’t support local syncing, and the password generator built into 1Password X doesn’t let you choose the length or complexity of passwords. Windows support is better than Chrome and Linux support, but the fact that it hasn’t yet reached parity with the Mac version also prevents me from considering 1Password an all-around upgrade pick. The main issue here is that there are two different current versions of 1Password for Windows, and neither of them has a complete set of features.
Version 4 works fine and includes most of the great features from the Mac version, and it includes an extension for Internet Explorer, but not for Edge. Unfortunately, it doesn’t support individual, family, or team subscriptions (or the lower prices that go with them), and therefore doesn’t support secure sharing, either. And it has a rather homely, dated user interface.
Version 6, which has been rebuilt from scratch, does support subscriptions and sharing and has a lovely, modern look and feel. It includes an extension for Edge, but not for Internet Explorer.
Just In Time For The Holidays 1password For Mac Download
It also lacks support for local (non-subscription) vaults, and it’s still missing some security features. AgileBits has announced that when version 7 for Windows ships (the company hasn’t announced a timeline), it will at long last include support for both standalone licenses and syncing without using a subscription. When that day comes, I’ll be glad to reconsider making 1Password my upgrade pick for all platforms—as long as one of its competitors doesn’t usurp that position, which is looking increasingly possible.
The competition. Like LastPass, Dashlane can operate as a browser extension, a website, or a standalone app (with offline access to your passwords). Is neck-and-neck with LastPass in terms of features, although the two products’ interfaces differ and they handle data in slightly different ways.
Dashlane has a slicker interface that feels more comfortable to me than LastPass, and it’s evident that a lot of care went into its design. Like LastPass, it includes an automatic password changing feature and the option to designate an emergency contact. It can also detect when you’ve purchased something online and store a receipt for that purchase (much like capturing information you fill into Web forms). And, like 1Password, it now has a handy, built-in time-based one-time password (TOTP) generator. There is a free version of Dashlane, but if you want syncing (a must-have feature for the purpose of this guide), you’ll need the paid, Premium version, which at $40 per year is more expensive than either LastPass Premium or 1Password—yet not obviously better.
Compared to the rest of the field, it’s a fantastic password manager; there’s just little reason to buy it over either of our top picks.: Keeper is the most-improved password manager since the last time I tested it—virtually all of my complaints have been addressed. It can store and fill contact information, credit cards, secure notes, and other data types in addition to usernames and passwords; you can now create passwords up to 51 characters long (versus the old limit of 16); the process of saving and filling form data has been simplified; and the old, irritating prompts to purchase extra cloud storage space have disappeared.
In addition, Keeper now offers emergency access to up to five contacts of your choice, secure sharing, and a variety of other useful features. All of this adds up to excellent progress and a product that, overall, competes nicely with the likes of LastPass, 1Password, and Dashlane. However, it’s packaged as a glorified Web app, rather than using native controls on each platform, which is unfortunate; and it still lacks some higher-end features like a time-based one-time password generator, and your data is available only when you’re online. What concerns me the most about it, however, is its history, because it spent so many years of its existence as a subpar tool with questionable marketing tactics. Since so many features are quite new, I feel reluctant to recommend it against competitors that have had them for years. It takes time to build up trust and reputation, which are arguably just as important as raw features when you’re talking about an app that holds such important data. Meanwhile, it’s still more expensive than LastPass.
In short, I’m delighted to see Keeper’s improvements and will be paying attention to its ongoing development (and third-party reviews). If it keeps up the good work, I could see it moving up to become one of my top recommendations.: A well-established and competently designed password manager, RoboForm does what it does pretty well, but it doesn’t have the breadth of features of our picks and won’t run on your smartwatch (but hey, Palm users, it’s got you covered). In addition, if you’re using a Mac, filling in forms on an already-open page always requires at least a couple of clicks, which is more awkward than the methods other managers use. Recent updates have added support for Microsoft Edge on Windows, Touch ID and Face ID on iOS, shared folders, a security audit, and an emergency access feature (except on Mac). All these developments are great, but the Mac version lags significantly behind the Windows version—and has for quite some time. RoboForm has eliminated its one-time purchase option in favor of a subscription model.: If you’re familiar with 1Password, Enpass may appear eerily similar. To put it charitably, one can see where the designers of Enpass found their inspiration.
That may seem like a good thing given how much I like 1Password, but the devil is in the details. Enpass can sync between devices using a service such as Dropbox, but it has no associated cloud service of its own that gives you access to your data in a Web browser or lets you share passwords securely with other users. It lets you store and fill credit cards and add secure notes or file attachments, but you cannot autofill contact info. Enpass is also the only password manager I tested that doesn’t support Internet Explorer on Windows. And although Enpass can generate time-based one-time passwords, its interface for setting them up is far less elegant than 1Password’s.: The first danger sign I noticed with Sticky Password was its random password generator, which creates only 20-character, alphanumeric passwords without any punctuation. Those are too weak for my comfort, and can’t be customized to meet each site’s requirements. (In fairness, it’s an improvement from an earlier version that produced only 15-character passwords.) Form capture within browsers was problematic when we tested for a previous version of this guide, but has improved.
However, the user interface still feels rough, and importing from the macOS keychain did not work correctly. Like Enpass, Sticky Password gives you no option to access your data on the Web, and its platform support is limited to Windows, macOS, Android, and iOS. On the plus side, a portion of the proceeds from Premium subscriptions goes to. I’m not kidding.: The LogmeOnce website reads like a big infomercial, and it goes out of its way to convince you that the product magically erases the need to ever use passwords again.
But that’s hyperbole at best. What you can do is avoid typing your master password and instead unlock LogmeOnce with a PhotoLogin feature that snaps your photo using your computer’s built-in camera, sends that photo to your phone, and asks you to enter a PIN and then tap a button on your phone to authenticate. In a previous version of the software, that procedure crashed the LogmeOnce iPhone app every time I tried it. When I tried it with the latest version, it worked, but still struck me as far more awkward than simply typing a master password or using fingerprint authentication or the iPhone X’s Face ID. I found other bugs too, such as the form autofill feature entering only my zip code or city, and putting it in the Street field. By default, the LogmeOnce UI takes over all new windows or tabs in your browser, and logins are autofilled and autosubmitted without giving you a chance to see what happened. You can turn these behaviors off, but I disliked the “in-your-face” approach it starts with.
Other annoyances included ads in the free version, an inability to access my data offline, and a lack of browser integration on Android. As for the remaining password managers that didn’t make my cut, here are some of the reasons:. Too few professional reviews: Password managers that only rarely came up in online coverage (especially in reviews and comparisons of top apps in this category) included,. As I mentioned earlier, this alone doesn’t mean there’s anything wrong with these apps, but they didn’t pass my “lots of people are talking about this, so I’d better check it out” test. Inadequate browser integration: Apps that didn’t have extensions for some or all of the top browsers included,.
Without a browser extension, you can still use one of these apps while browsing the Web, but doing so involves the hassle of constant copying, app switching, and pasting. Limited platform support:, and have no mobile apps, and is available only for GNOME. What about KeePass? Is extremely popular in certain circles and almost made my cut. I felt it deserved special mention here, because of its popularity and because it sort of meets my must-have criteria.
KeePass is the only one of the password managers mentioned here that’s open-source, and that’s attractive in terms of both cost (zero) and security (since it’s open to review). However, the only official build of KeePass is for Windows; and although unofficial ports, derivatives, and compatible apps are available for most other platforms, they vary widely in their features and interfaces, and not all of them are free. Several of my must-have features (including cloud sync and browser integration) are available only by way of optional plugins, some of which aren’t supported on all platforms.
(A variant of KeePass called —available only for Linux, Windows, and macOS—has fewer features and does not support plugins, so it would not have made my list regardless.) When nearly every entry in the KeePass column of my feature table was “it depends,” I realized I couldn’t make a fair, apples-to-apples comparison to other password managers. And while KeePass may appeal to tech-savvy readers who don’t mind tinkering and experimenting to get their desired results, an app like this without a consistent user experience and with no official support is something I felt uncomfortable recommending for most people. Some have argued that any password manager that uses a browser extension increases your security risk (see, for example, Sean Cassidy’s editorial ). It is true that vulnerabilities in some browser extensions have been found, but the alternative—copying and pasting—introduces security risks of its own, besides being so much less convenient that it may discourage people from using a password manager at all. In my opinion, the benefits of browser extensions significantly outweigh their risks. Jesse Plautz, Zapier Blog, October 29, 2015.
Michael Ansaldo, PC World, April 17, 2016. Robert McGinley Myers, The Sweet Setup, August 8, 2017. Kimberly Alt, A Secure Life, June 21, 2017. Mike Tanasychuk and Allyson Kazmucha, iMore, October 18, 2016. Swati Khandelwal, The Hacker News, July 29, 2016.
Neil J. Rubenking, PCMag, December 7, 2017. Thorin Klosowski, Lifehacker, January 30, 2015. Jenny Knafo, Devolutions Blog, June 2, 2016. Jon Martindale, Digital Trends, September 13, 2017.
Jason Fitzpatrick, How-To Geek, November 2, 2016., Slant, January 24, 2018. April Glaser, Wired, January 24, 2016 Further reading.