Unlocking the power of password managers: 1Password, LastPass, RoboForm reviewed

“This week, I took a look at three password-manager apps for consumers: LastPass, by a company of the same name; 1Password , by AgileBits; and RoboForm, by Siber Systems,” Bonnie Cha writes for AllThingsD.

“Each app stores all of your various information in one central place, where it’s protected by a single master passcode. This way, you only have to remember one password, instead of dozens,” Cha writes. “And since the apps automatically fill in the data for you, they also allow you to use more complex, stronger passkeys for everything else.”

Cha writes, “All three apps performed their main duties well. For most users, LastPass is a good option. The free version offers more than enough features, and it’s easy to use. If you’re wary of trusting the cloud, you can always check out 1Password and RoboForm using the free trials before deciding to buy.”

Read more in the full article here.

Related article:
Use OS X to help you create strong passwords – August 8, 2012

29 Comments

  1. Great! Only one password to hack. A safe and secure password is easy enough to create. A tutorial on this could be stated in about 3 paragraphs. It’s not complicated or arcane. The most important lesson is to change them often.

    1. Creating a safe and secure password isn’t the problem; it’s remembering all the goddamned things. So many sites have different requirements, you can use most of your passwords across sites, and shouldn’t anyway.

      So, with the 100+ different sites, services, and accounts I manage and use, it’s completely and utterly impossible for me to remember them all – especially when you want me to change them often, too!

      So, I use 1Password. It solved a huge problem for me. Maybe it created risk of another, but my situation was completely unsustainable before I started using 1Password.

      1. I keep waiting for the Whatever Web Consortium to agree on and establish consistent rules for web passwords…
        8 letter
        1 Capital
        2 Numbers
        1 Symbol
        1 Invisible space
        3 Backspaces
        No more than three repeated characters
        And, you must use 3 fingers.

    2. Most people only use one password for everything anyway, if they can help it, or use a variation of that same password (like adding a number, or capital letter, etc.). So what’s the real difference?

    3. 1Password stores your passwords in an encrypted keychain and uses a single password to decrypt it. But, that password is only stored on your computer (or in Dropbox, if you prefer to sync your passwords to multiple computers or to your iPhone/iPad). It remains encrypted in Dropbox. So, if you were to create a secure password for your 1Password keychain and change it regularly, you can use randomized passwords for every other website, ensuring that a security breach at one won’t lead to a breach at others.

      You can also easily change passwords on the site without loading the 1Password app as it uses a Safari/Chrome/Firefox extension to communicate with the daemon running on your computer.

      I’ve been using it for years and haven’t had to remember more than a handful of passwords that I have to enter regularly.

        1. 1Password uses a package for its keychain, instead of a single individual file. This way, each password is stored in its own encrypted file so when changes are made, the single password is all that has to be synced, rather than the entire keychain.

          Plus, Apple’s keychain doesn’t support being stored in custom locations. Your 1Password keychain can be stored wherever you prefer, with Dropbox as its recommended location.

          Lastly, 1Password stores significantly more than Apple’s keychain: software serial numbers, encrypted notes, and even bank account and credit card numbers.

          Apple’s built-in keychain only stores web passwords when it recognizes the fields you have filled as login/password fields. Further, the login keychain is unlocked automatically upon login, making it possible for anyone to use your passwords if they’re sitting at your computer. Further, with the advent of iCloud, your Mac’s keychain can no longer be synced between computers. 1Password can, thanks to its in-built Dropbox support.

    1. I’ve been using LastPass for a couple years now. Love it. You can also have extra protection using yubi keys or a usb key so even if someone figures out your lastpass password they can’t get in since they don’t have your yubi/usb key.

  2. I have used 1Password for years. Have a very strong password as the main password for that. Data is not shared with the cloud, but does sync using Dropbox to my other devices. It is a great app, a time saver.

    Sure it is simple enough to create your own secure passwords, but unless you want to trust using the same password (or set of passwords) on multiple sites, it is much better I think to use a tool that will generate super-strong unique passwords for each individual site. That way, when a site is hacked, which happens, your password will not be used to try to get access to your facebook or iTunes account, which we have seen happens.

    1. same. I got 1Password Pro for my iOS devices when it was free. (LONG time ago) and bought 1Password for Mac.

      I don’t use them to autofill passwords though, just to keep everything secure.
      I have 7 different passwords for work (annoying as hell) and an alarm code that changes every two months…. without 1Password i’d never remember them. (When I have to change a password, the last 6 passwords used are remembered so I can’t reuse them.. and As I said 7 different passwords… so remembering them off top of my head, not easy)

    1. Not sure what all features SplashID has, but 1Password lets you store software serial numbers (for the rare occasions today that they’re still needed), secure notes, credit cards, bank account numbers, all the things you might need access to on the go but don’t want written down in your wallet. And on the iPhone app you get two levels of protection with a 4-digit unlock code and the Master Password which is required to actually view any sensitive information.

  3. It doesn’t matter what your password is or how strong it is. Every time I’ve been hacked, it was because the website’s entire database of usernames and passwords were compromised. These apps are a great idea to keep all your passwords different, but what happens when all the usernames and passwords for these sites become compromised? Then the hacker would have everyone’s passwords to all their accounts everywhere. If I were a hacker, it’s password banks like these I would target first!

    1. So, just don’t store the database online – I don’t.

      I’m using 1Password, but only Wi-Fi sync between desktop and iPhone. Only risk is losing a machine, but A) I’ve never lost or had a machine stolen in my life, and don’t plan to, and B) I can use iCloud to remote erase if it did happen.

  4. I’m not a fan of having someone else take care of my passwords. Who do you blame if things go wrong? Yourself!
    There are a few apps out there but I choose FireBox. It syncs my iPhone and Mac and keeps all kinds of data. Also most of these apps have backdoors but I’ve found no activity leaving my Mac.

  5. I use datavault from the mac app store and the ios app store. Keeps my mbp and iphone synced up. I have used it for about 5 month now and i’m very satisfied so far. I was getting tired of making 20 different passwords and trying to remember them. Now all my passwords are just random numbers, letters, and symbols.

  6. I highly recommend SplashId , because i have used it myself. Browser integration is fabulous. Also it is very easy to use. As soon as you create your account, you can actually set a pattern for splashid login, therefore you technically have to remember zero passwords. Extremely secure for USB usages as well. highly recommended.

Reader Feedback

This site uses Akismet to reduce spam. Learn how your comment data is processed.