iOS Cloud Keychain vs 1Password

Discussion in 'OS X Mavericks (10.9)' started by GoCubsGo, Jun 10, 2013.

  1. GoCubsGo macrumors Nehalem


    Feb 19, 2005
    Undoubtedly, no one can know today, but in time developers will certainly be able to speak to it. As a long time user of 1Password, I question the security comparison. I think it is open for discussion even though it is likely annoying to compare something that is out there now and something we literally heard of 10 minutes ago.

    1Password uses 128-bi AES encryption whereas I believe they said Keychain will use 256-bit AES encryption. Correct me if I am wrong, please. So if you're using Safari on all iOS devices as well as your desktop/laptop etc, then wouldn't this blow 1Password out of the water?

    Or is there more to it? I've paid quite a bit for 1Password on my iPad, iPhone, and OS X, so I wouldn't mind not having to pay for something if it is more secure and just as easy.

    One feature I am not a fan of, at least not on the surface, is the password recommendation. Even if I have 1Password installed, I cannot use the password without unlocking 1Password. I don't think I caught, if it was said, Keychain using such security.
  2. philipk macrumors 6502

    Jun 11, 2008
    I am a 1Password user.

    I hate it! However, it is better for me than any other password solution.

    My biggest complaint is that it isn't integrated into iOS Safari or any other iOS app. That isn't 1Password's fault. Still it is a real pain. I also do not like the Dropbox syncing. I have had several conflicts due to this style syncing!

    What has been needed for years is a solution that is built into the operating system and that syncs between devices. iOS Cloud Keychain is such a solution.

    Hopefully it will be well designed.

    Your last paragraph is essential. For me if it doesn't require a strong master password to use it, it is a deal breaker! The unlock code is NOT enough.
  3. ugahairydawgs macrumors 68030


    Jun 10, 2010
    Very little was said about usage and back end functionality of iCloud Keychain. I agree that without a passcode to unlock it seems pretty pointless.

    I'm also interested to see what sort of back end utility will be available to change passwords and remove certain accounts from the keychain. Slowly but surely I'm assuming all of our questions will begin to be answered on this shortly.
  4. GoCubsGo thread starter macrumors Nehalem


    Feb 19, 2005
    Of course, I realize how premature this is and nearly as annoying as the "does the new MB Air get 20 hours of real-world battery life?" Though I think this feature was given just about the amount of time you would expect of such a feature, when it comes to my data, I try to care. If Keychain uses a higher level of encryption than 1Password without the need for some kind of unlock code, then it is status quo for me.

    The annoyance with 1Password is something I think many can agree on. Go to Safari, load website, forgot password, home button, 1Password (for me it is in another folder), unlock, get password, home button, safari, ****er reloaded, gotta wait, now enter the password.

    It is nothing and yet it is something.

    I am quite glad the beta is out today despite the dev portal being hammered, as I understand.
  5. Bear macrumors G3

    Jul 23, 2002
    Sol III - Terra
    My guess would be that the Keychain Access utility would be expanded to cover the iCloud pieces.

    Hammered is somewhat of an understatement. It's like a massively distributed denial of service attack.


    After some thought, even with iCloud Keychain, you will still want a password application like 1Password or oneSafe.

    It gives you redundancy in case you accidentally clear a password you didn't mean to.

    Also, you're at a friends house and you want to get in to some site on their computer, you can use the password application to look up your user id and password.
  6. MikhailT, Jun 10, 2013
    Last edited: Jun 10, 2013

    MikhailT macrumors 601

    Nov 12, 2007
    1Password 4 uses 256-bit AES now (Mac version is coming out later this year), with many more security benefits that Apple might not take advantage of.

    You can read more in their security stuff for 1Password 4 here,

    Since Mavricks isn't out, hopefully, AgileBits will get 1Password 4 out first.

    Also, many folks might not trust Apple anymore with the latest PRISM news.

    AgileBits can't comply with PRISM requests since they don't have access to your data.

    Well, 1Password is more than a password manager for me, it also store rest of my stuff like serials, notes, file attachments, multiple browser supports, multiple platform support, and so on.

    iCloud Keychain locks you into Safari, you can't reuse it in other apps. How do you get a password to unlock in AirPort app for an example, on either OS X and iOS?

    Also, what happens if iCloud data got lost? How do you back up or restore? I assume through Time Machine but it's going to be difficult to figure out whereas 1Password, you have a file you can just restore through.

    No, it is likely the same way as it is now. It won't ask for a separate password, it'll uses your iCloud account built into the OS X to store those data on their server (which would be encrypted with their own encryption key using your AppleID account to allow access to the said key).

    It is very likely that if your laptop is stolen while the laptop is logged in, your data in Keychain can be retrieved easily.

    Do you mean on the iOS device? I don't even use Mobile Safari anymore, 1Password 4's browser does most of my browsing nowadays, so I'm not as annoyed as I was back when 1Password 3 had that annoying one-tab browser, forcing me to constantly switch between Mobile Safari and 1Password.
  7. spacehog371 macrumors regular

    Dec 13, 2003
    I am anxious to hear if Apple holds the keys for the keychain, or if they don't keep a copy of it. Really not sure I want them to have access to all of my logins, so I'm hoping they don't hold the keys.
  8. Ritte macrumors regular

    Sep 14, 2007
    I use 1password for work and private, for my macs, iPhone and iPad. I like 1password and it works for me. Sure, using the 1password browser on the iPhone isn't the best experience.

    I got excited about iCloud keychain but I can't find it in the Maverick. It seems to be the regular keychain?
  9. maflynn Moderator


    Staff Member

    May 3, 2009
    1Password definitely needs to step up their game, though I think many of its loyal users will be just that loyal.

    I think it 1Password has going for it, is that you can keep your database local, not keep it on the cloud somewhere.

    Another plus for 1Password is its cross platform support,.

    I don't have Mavericks to judge but I think the seamless integration of the cloud keychain may make using it lot easier.
  10. Brammy macrumors 65816

    Sep 17, 2008
    I think so. But I also can't get it to remember any passwords, either.
  11. legioxi macrumors 6502a

    Mar 2, 2013
    OS X 9's keychain would be awesome... if it wasn't cloud based. PRISM and all.
  12. Small White Car macrumors G4

    Small White Car

    Aug 29, 2006
    Washington DC
    Since the government has shown their adeptness at getting directly into your accounts without passwords, what makes you think they'd need, or even want, to steal your passwords?
  13. diepalme macrumors newbie


    Jul 23, 2012
    The passwords in your keychain are all encrypted (triple DES, I think.). So as long as you chose an adequately safe password you can store it online and still sleep easy. Triple DES is not all that modern but still way better than plaintext I guess..
  14. Unhyper macrumors regular


    Apr 7, 2010
    I can't speak to the security algorithms or any of that because I simply don't care about it.

    I have previously purchased and used 1Password on my MBP (10.9) and iPhone (iOS 7). I'm going to be using the iCloud Keychain from now on. I just need something that will automatically sync all the login info between the Safaris on my phone and my Mac. The Keychain does this.

    I just got logged into a website on my phone, saved the password when prompted about it, put the phone down and got on my Mac, and the login info had already synced. This is all I need, and without the hassle that comes with 1Password.

    1Password will still be more full-featured with all the shipping addresses and profiles and whatnots, or simply for the tin foil crowd.
  15. Michaelgtrusa macrumors 604

    Oct 13, 2008
  16. Bear macrumors G3

    Jul 23, 2002
    Sol III - Terra
    I have passwords in oneSafe (could be any other password app like 1Password as well) that have nothing to do with my Mac or web browsing.

    It includes passwords for equipment elsewhere. A reminder for combination locks. No matter how well the iOS Keychain works (and I suspect it will work very well before Mavericks is released) there will always be room for the password apps.

    At the very least a password app is a good backup in case something happens to your keychain and for some reason you can't recover the missing passwords from your backup.
  17. Unhyper macrumors regular


    Apr 7, 2010
    That is a very, very good point. At least with the 1Password Dropbox implementation, you could always have a digital "hard copy" of your data. With the iCloud Keychain, if something happens to your iCloud account, or should you want to close it, I'm not sure how you could go about exporting those passwords unless you do it from Safari... Certainly something to consider. I can see why someone might not want to entirely relinquish that control.
  18. Bear macrumors G3

    Jul 23, 2002
    Sol III - Terra
    My question is if the Keychain Access utility has been updated to handle the iCloud Keychain? If so, that's probably where you would go to check passwords and usernames.

    And as for a "hard copy", I do use the backup function regularly in oneSafe to keep another copy of my data. For the few seconds it takes, better safe than sorry.
  19. AbSoluTc macrumors 601


    Sep 21, 2008
    Maybe it's just me and how I use 1Password but these are really two different utilities. iCloud Keychain is used to store items you use online. 1Password I use to store those things as well as logins for routers, wifi, webpages, computers, any online credential, credit cards, cards, software license keys and the like. I need a secure place for that.

    As far as I know, iCloud Keychain is for Safari only and for webpage login/transactions only. If that's all you need, great. For me, I want more. 1Password works for me. I have it on Mac, Windows, iOS and the like. Synced to my DropBox.

    So yeah, two different types of utilities here.
  20. canyonblue737 macrumors 6502a

    Jan 10, 2005
    Couple of points...

    1. It is entirely possible and LIKELY that iCloud Keychain stored passwords will not only be available in Safari BUT in any Apple app (such as your example of AirPort app) and perhaps even 3rd party app store apps via an API.

    2. Apple has stated that the password data will reside not only in iCloud but on the devices too, just like 1Password does with its syncing.

    The real question in my mind is if Apple will have a good UI for manually editing or copying / pasting passwords in the event the auto-population of forms isn't work and secondly that there is still a forced "master password entry" ala 1Password even if the computer or iOS device is unlocked. Both are important and no word yet on how it works...
  21. Weaselboy Moderator


    Staff Member

    Jan 23, 2005
    The current Keychain app does everything you listed above in your first paragraph. It is not just for web page passwords. From what we have seen, I think it is safe to assume the current functionality will be carried over to iCloud Keychain.

    The added features of the new iCloud Keychain such as credit card entry on web forms and easy PW generation, plus sync to iOS, is going to IMO relegate 1Password to only a relatively small number of power users.

    I think 1Password just got "Sherlocked."
  22. flynz4 macrumors 68040

    Aug 9, 2009
    Portland, OR
    Same here. I suspect that I will continue to use 1Password.

    I *MIGHT* choose to also let keychain to keep website passwords for the sole purpose of making IOS surfing easier. If so, then I would continue to keep 1P as my "master database"... meaning that if I need to change/modify a password... that I would do it in 1P first... and then let keychain update.

    I REALLY wish Apple would have let password apps to integrate with mobile safari. This is one area where apple "sandboxing" gets in my way.

    I do use just about all the features of 1Password... and I'll be shocked if keychain even comes close. I use identities, credit cards, software serial numbers, etc all the time. 1P is really a great application.

  23. mrapplegate macrumors 68030

    Feb 26, 2011
    Cincinnati, OH
    If Apple keeps adding features to iCloud Keychain, like the ability to vary the characters in the password, they might be a competitor to 1Password. As it stands now all it does generate a 12 character password with syncing. Even that does not work currently.
  24. Unhyper macrumors regular


    Apr 7, 2010
    Yeah, Keychain Access on 10.9 has an iCloud section for passwords and usernames stored via iCloud Keychain.
  25. DarkRyoushii macrumors newbie

    Jun 11, 2013
    Just so we are clear.. iCloud keychain uses client-side or server-side encryption?

    I don't particularly want Apple having a nice database of users' passwords on the premise that "Don't worry, we encrypt with 256-bit encryption!" because that's great but if they have the keys it's pointless.

    This is why I've stuck with lastpass, because they can't get in just as much as hackers can't get in.

Share This Page