Apple Announces iCloud Keychain, 1Password-Like Password Manager

[skippymac]

LOL. I bought 1Password yesterday

+1 I bought mine a month ago. However I like the fact that 1Password resides on my machine, not on the cloud where government snoops can get it.

I too bought it recently and was a little annoyed, but like you say, I like the cross platform goodness and the fact I can store it locally. I may find a place for both, especially if the iOS keychain thing works well with apps.

I feel ya, but think about how Agilebits must feel (the devs).

I was actually wondering if they heard about this in advance, (from Apple or otherwise) as they started a half price sale not 2 weeks ago, calling it a "pre-WWDC sale" iirc. Possibly trying to get as many sales as possible before this.

 

[h00ligan]

Agree with all the PRISM crap lately a statement in light of something like this wouldn't have been amiss, but aside from that, I've been wanting this functionality in Apple land for years. Tried 1Password, hated it (I'm in the minority I realise, but it just didn't work as I expected and was always asking me for information and popping up when I thought it should "just handle things"), so I'm thrilled to see this, especially since we lost some of this functionality when we lost iDisk.

This is a great addition in functionality, very glad to see this.

You might have used an old version. My only complaint is the iOS apps being so much better than the desktop app....though I am goin to point out one minor thing that annoys me in the iOS version to the devs

I don't think this will a) matter much to third party devs b)provide any real security to the end users who will use it.

They'll still use a four digit pin on the device and still use a eek password like grandma on the keychain. So.....

I doubt even that most the people talking s are running a 14 character random password on their phone and a different one on the 1password, and not jail breaking, and using VPN for all connections to their home network which then bounces to an anonymous VPN.

People won't even bother to type a s: after http

 

[ckeck]

To each his own. I'll take the convenience. If the NSA wants to read my boring ass email full of Amazon receipts and porn spam....then more power to them.

And that younglings is how your liberties and privacy perish. Seems like a minor issue now but this leads to far worse.

Very dangerous mentality.

 

[IGregory]

I feel ya, but think about how Agilebits must feel (the devs).

I'll withhold judgement until I see it. 1Password is at the top of the heap as far as I am concerned.

----------

I feel ya, but think about how Agilebits must feel (the devs).

I'll withhold judgement until I see it. 1Password is at the top of the heap as far as I am concerned. Plus, 1Password does other things like: secure notes, identities and accounts. 1Password will be updating its program shortly with enhancements.

----------

How did I do that?

 

[stol]

I feel ya, but think about how Agilebits must feel (the devs).

1Password is a cross-browser solution, so it wins the case. They should focus on pointing this out.

I can see though using iCloud Keychain with some not crucial passwords [e.g. MacRumors login ] mainly because I am usually bored to open the 1Password app on iOS and have to copy password or use the embedded browser.

Now regarding privacy/safety/PRISM/whatever issues, how is iCloud less secure than, say, Dropbox? (which is what 1Password suggests for keychain sync)

 

[ckeck]

Now regarding privacy/safety/PRISM/whatever issues, how is iCloud less secure than, say, Dropbox? (which is what 1Password suggests for keychain sync)

The 1Password key file is itself encrypted before it's placed on a service such as Dropbox. So if your data was shared by Dropbox as least you know that the keyfile is hardened, to some degree anyways.

I'm not sure on what scale Apple is actually participating in everything that is going on or if they would make your data available in wide open fashion. This is the main difference I can see with the information available.

 

[ugahairydawgs]

And that younglings is how your liberties and privacy perish. Seems like a minor issue now but this leads to far worse.

Very dangerous mentality.

That ship has sailed. To me the decision is not which online provider to use. Anything is vulnerable once it is online. So the true decision becomes what content do you let leave your local machine.

 

[Stella]

1Password works with the majority of login / info etc pages and has taken a long time to do so. Plus Agilebits are very responsive. I highly doubt Apple's solution will be as reliable and will be as responsive to fix bugs that cause login and other info pages not to work.

The existing fill functionality of Safari is so unreliable its not worth using.

I'm sure AgileBits will suffer loss of sales due to this, but they can advertise on significant shortcomings of iCloud keychain.
Also, whats to stop Agilebits from using the iCloud Keychain to integrate with 1Password, assuming Apple allow this?

As others point out - 1Password works with multiple browsers and multi-platform. Apple's solution will work for Safari and Mac only.

1Password 4 is just around the corner.. looking forward to v4.

 

[thefourthpope]

The biggest issue for me will be not wanting to re-submit all my logins. Right now they're in 1Password, and I doubt that Apple will include an "import from 1Password" option (1P does have "import from Safari"). So, my own issues with Apple having direct access to all of my logins aside (I have no reason to think the NA can't get into Agilebits), this likely won't be something I pick up.

----------

I'll withhold judgement until I see it. 1Password is at the top of the heap as far as I am concerned. Plus, 1Password does other things like: secure notes, identities and accounts. 1Password will be updating its program shortly with enhancements.

Given how poorly Safari handles autofill from my contact card (inconsistently distinguishes between multiple email/physical addresses, etc.) I also doubt they'll trump 1Password

 

[iSee]

I too bought it recently and was a little annoyed, but like you say, I like the cross platform goodness and the fact I can store it locally. I may find a place for both, especially if the iOS keychain thing works well with apps.



I was actually wondering if they heard about this in advance, (from Apple or otherwise) as they started a half price sale not 2 weeks ago, calling it a "pre-WWDC sale" iirc. Possibly trying to get as many sales as possible before this.

Add me to the list of recent purchasers!
Oh well. 1Password does seem to have some additional features and works on Windows too. And OS X 10.9 & iOS 7 aren't out yet.

 

[thefourthpope]

That ship has sailed. To me the decision is not which online provider to use. Anything is vulnerable once it is online. So the true decision becomes what content do you let leave your local machine.

I think you mean the content you choose to let leave your pen and paper . The always-on data connections have really blurred that local/online distinction.

 

[ChrisA]

To each his own. I'll take the convenience. If the NSA wants to read my boring ass email full of Amazon receipts and porn spam....then more power to them.

I agree. These people complain but don't think. They don't want to store email on the cloud because some one might see it. Well it is TO LATE. The email was already inside 3 to 12 email servers BEFORE you got to read it. Those servers get backed up and so now your old mails are on dozens of disk drives all over the world.

But it you store you email locally on you own drive you feel better because "you have control".

I currently have 100+ documents on iCloud, mostly made with Pages. It works well. I can work on a document at home on my iMac or on the macbook or I can even leave my computer at home and use one of the iMacs in the university library. It gets backed up for me. OK maybe someone can read it. but I'mm will to bet to $$ that it would be easier for you to break into my house and take my iMac then for you to get my data off iCloud.

 

[Mr. Retrofire]

Now regarding privacy/safety/PRISM/whatever issues, how is iCloud less secure than, say, Dropbox? (which is what 1Password suggests for keychain sync)

The OS X keychain has certain recovery options. It is easy for Apple to encrypt a second copy of your keychain with the public key of the NSA. Only the NSA can decrypt this copy of they keychain (public key cryptography). Apple has implemented a key recovery mechanism in FileVault 2, so a similar “invisible” recovery mechanism in the OS keychain would not surprise me.

 

[rohitp]

iCloud only?

I sure hope there's a way to sync this w/o using iCloud. I use 1Password but stick to syncing on my network and do not use iCloud for that. Even my devices are backed up to my Mac's external HD.

I use iCloud for my contacts, etc., but for my passwords and login credentials... NO!! Good enough reason to stick with 1Password.

 

[Yuppi]

From a PRISM perspective the idea of storing your passwords in the cloud does not really make a difference. They can get access to your server side data anyway.

I think I will use both, 1Password and keychain. Keychain for stuff like WiFi passwords and passwords that I use frequently on a mobile device (which are not many). But the rest will still be managed by 1Password, because it works on many other devices, has a web page (which you can access with any browser from any device) and can store other data as well..

Lets wait and see what Apple is exactly doing with it. I just hope, and think that AgileBits will do this, that 1Password will work with the keychain export as well as import.

 

[Michaelgtrusa]

Can you back up this keychain? 1password will be ok for now.

 

[tobyw7]

+1 I bought mine a month ago. However I like the fact that 1Password resides on my machine, not on the cloud where government snoops can get it.

1Password actually supports iCloud and Dropbox for 1Password Anywhere - which lets you access your passwords from any web-enabled device. Obviously if you don't use that feature then it is all stored on your computer locally only.

 

[chaosbunny]

I don't have that many accounts so I don't need this. Plus I don't use iCloud or similar services anyway.

As long as I don't have to use stuff like that it's great for people who don't value their personal information.

 

[cclloyd]

Apparently my passcode isn't strong enough to use it on my iphone...

 

[ChrisA]

In light of PRISM i'm wary...

I assume the data are al encrypted before it leaves your device. If not then, yes this is useless. But let's assume the engineers at Apple were at least half way competent and used encryption with the key remaining on the device

----------

IAs long as I don't have to use stuff like that it's great for people who don't value their personal information.

I figure the information is encrypted. If it then you can show it to anyone without worry.

It's no worse then sending credit card information over the Internet. As long as your use https:// you are OK, well OK if you trust the end point (like Amazon) to not leak your data.

----------

I sure hope there's a way to sync this w/o using iCloud. I use 1Password but stick to syncing on my network and do not use iCloud for that. Even my devices are backed up to my Mac's external HD.

I use iCloud for my contacts, etc., but for my passwords and login credentials... NO!! Good enough reason to stick with 1Password.

If one wants to be paranoid, how do you know that 1Pasword is not sending your data to someplace? I don't think they do but I can't prove it. So it comes down to either (1) we use only Open Source software that we build ourselves or (2) we trust the people who sell us the service. So, why not trust iCloud to get is right? We can assume the data are stored using strong encryption.

 

[Mr Rabbit]

It can store other things like Serial Numbers/product keys for software, etc all securely.

Not sure how 1Password implements this (if it's the same "pop up and confirm" process like password or not) but wouldn't Keychain's secure notes provide similar functionality? Thats basically how I track my serials and account info at home, using secure notes that must be unlocked using your keychain password in order to view the sensitive content. If keychain is syncing your full keychain contents then it seems like this will be included.

 

[isomorphic]

I am a long-time 1Password user. I was one of the people who complained, loudly, when 1Password removed LAN-based syncing in favor of either iTunes or cloud-only options. (To AgileBits' credit, they now have a beta USB syncing utility which somewhat addresses the problem.)

It amuses me to see people suddenly concerned about cloud services, now that the PRISM news rubs everyone's face in it.

I'm sure iCloud Keychain will be very nice for those who use Safari only and don't care about the cloud. In the meantime I will keep my passwords file--encrypted or not--off cloud services.

I'm not opposed to cloud services for documents, but keeping all your passwords on third-party servers is just asking for trouble.

(Yes, a properly-AES256-encrypted file is unlikely to be decrypted--if the encryption has no bugs and there aren't any surprise escrow keys. Very recently Apple had a bug where FileVault was logging plaintext passwords to the bloody system console. The impact of that bug is much less severe when there aren't a zillion copies of your encrypted data everywhere.)

 

[trainwrecka]

Should have been titled: Apple resurrects a feature from .Mac and MobileMe and makes it better. This needs to come back.

 

[jrm27]

I currently use LastPass, and it has been great. I wish I could use it on my phone without jumping through so many hoops, but I haven't had too much of a problem with it yet.

I liek the idea that icloud keychain would be able to access all my passwords while on my iphone/ipad. That'd be really nice.

 

[unplugme71]

Not sure how 1Password implements this (if it's the same "pop up and confirm" process like password or not) but wouldn't Keychain's secure notes provide similar functionality? Thats basically how I track my serials and account info at home, using secure notes that must be unlocked using your keychain password in order to view the sensitive content. If keychain is syncing your full keychain contents then it seems like this will be included.

1Password allows you to enter more meta-data like purchase date, purchase price, purchase location (store), has fields for support email, support contact name, etc.

So when you want to price compare from last years version, or need support, you have your serial number, order number, email or phone number to create the request all from one screen.

Sure you can type it in notes, but 1Password does a great job of storing this info. Plus you can create tags for quick searching when you have a lot of serialized software titles.

----------

I am a long-time 1Password user. I was one of the people who complained, loudly, when 1Password removed LAN-based syncing in favor of either iTunes or cloud-only options. (To AgileBits' credit, they now have a beta USB syncing utility which somewhat addresses the problem.)

It amuses me to see people suddenly concerned about cloud services, now that the PRISM news rubs everyone's face in it.

I'm sure iCloud Keychain will be very nice for those who use Safari only and don't care about the cloud. In the meantime I will keep my passwords file--encrypted or not--off cloud services.

I'm not opposed to cloud services for documents, but keeping all your passwords on third-party servers is just asking for trouble.

(Yes, a properly-AES256-encrypted file is unlikely to be decrypted--if the encryption has no bugs and there aren't any surprise escrow keys. Very recently Apple had a bug where FileVault was logging plaintext passwords to the bloody system console. The impact of that bug is much less severe when there aren't a zillion copies of your encrypted data everywhere.)

This is why I hate that 1Password won't use WebDAV and only Dropbox or iCloud. I rather be the 'owner' of my data.

I have two Mac Mini's, one at my place and one at my parents, both behind a firewall. Both Mini's run OS X Server with a VPN connection to each other. Data is sync'd across regularly and encrypted. I can connect my iPhone and iPad over VPN to either server to get my data. This method provides me with an off-site location, ownership, data replication, and security. The fact they live 1,200 miles away also helps that if my server is down due to hardware or local network conditions, I can still connect to another region of the US where it may not be impacted. Or if I happen to visit them, I'm pulling data locally or from a closer 'server'.

Most apps let me sync my pref's or files using WebDav, except for 1Password. This is the one reason why I may actually ditch the app!

I wish I could setup another Mac mini on the west coast, as this would give me three geographic points to connect and replicate too.