Secure Password Managers

netnothing · Apr 9, 2007

I recently made the switch to the Mac...long time PC user. I still use my PC, but I'm trying to migrate as much as possible over to the Mac.

On the PC, I used a freeware program called KeePass http://www.keepass.info to save and manage personal and business related login information. Very nice program, creates an encrypted file that is easily backed up. I don't use any of the extended features like browser integration and such.

The other nice thing is that it's opensource. I don't really like paying for password managers that aren't open....when the source code isn't available to the masses, then I'm nervous of what the program is doing.

Is there anything like this program for the Mac? Either built in, or a standalone program?

I guess if I have to pay for a program, I heard Little Snitch is a good piece of software to have to let me know and stop things from phoning-home?

I just need an application that is secure and encrypted to store all this login info. Any thoughts?

Thanks!

-Kevin

Mitthrawnuruodo · Apr 9, 2007

Try Keychain Access, Mac OS X own built-in password manager...

yellow · Apr 9, 2007

"Password Plus" does a pretty good job of storing information of all sorts in an encrypted file.

killmoms · Apr 9, 2007

The Keychain is what you want. Use Keychain Access to store your own items. For things that Safari or other Keychain enabled apps (Transmit, Adium, Colloquy just to name a few Internet apps), any passwords they store are securely stored in the Keychain by default.

Isn't OS X badass?

netnothing · Apr 9, 2007

killmoms said:
The Keychain is what you want. Use Keychain Access to store your own items. For things that Safari or other Keychain enabled apps (Transmit, Adium, Colloquy just to name a few Internet apps), any passwords they store are securely stored in the Keychain by default.

Isn't OS X badass?

So I have to look more....but does anyone know what level encryption and what algorithm Keychain uses?

I'm assuming that you can create a new Keychain file and store passwords etc in there, separate from the default user Keychain file. Looks like the default is in my homedir/Library/Keychains/login.keychain

I'm assuming I just create a new one and it'll put it there as a separate file?

If so...then yes....OS X is badass!

-Kevin

kiwi-in-uk · Apr 9, 2007

Are you looking in the right place?

applications>utilities>keychain access.app

It is quite flexible and has useful Help documentation.

netnothing · Apr 9, 2007

kiwi-in-uk said:
Are you looking in the right place?

applications>utilities>keychain access.app

It is quite flexible and has useful Help documentation.

Oh yeah...sorry....hope my post wasn't confusing. Yes, I know where the App itself is. I was looking for the actual files Keychain creates and encrypts. These are the files I would need to backup.

-Kevin

killmoms · Apr 9, 2007

kbmb said:
Oh yeah...sorry....hope my post wasn't confusing. Yes, I know where the App itself is. I was looking for the actual files Keychain creates and encrypts. These are the files I would need to backup.

-Kevin

There's only one, it's in your ~/Library folder, under Keychains.

There's really no reason to create one that's separate from your user account, honestly. Each password is decrypted individually at the time it's needed, it's not like the whole thing is sitting unencrypted when you're logged in or something.

netnothing · Apr 9, 2007

killmoms said:
There's only one, it's in your ~/Library folder, under Keychains. There's really no reason to create one that's separate from your user account, honestly. Each password is decrypted individually at the time it's needed, it's not like the whole thing is sitting unencrypted when you're logged in or something.

Thanks. I was just looking to separate my other password from the ones OS X or Apps use just in case it needed to be cleared for any reason.

Any idea on the encryption used?

-Kevin

Diatribe · Apr 9, 2007

Depending on what security level and flexibility you need keychain does what you want. It is not very flexible though for different data and also only has a 128bit AES encryption as far as I know.

If you want more try: http://www.xheadsoftware.com/info_xhead.asp
or look on MacUpdate if you want Freeware.

netnothing · Apr 9, 2007

Diatribe said:
Depending on what security level and flexibility you need keychain does what you want. It is not very flexible though for different data and also only has a 128bit AES encryption as far as I know.

If you want more try: http://www.xheadsoftware.com/info_xhead.asp
or look on MacUpdate if you want Freeware.

Have you used Xhead?

Like I said before, my only hesitation with paid software is what the code is doing that we don't know about.

I guess in any situation, I should get Little Snitch (or something similar) to track outbound requests. I'll start another thread on whether Little Snitch is the best out there.

Thanks!

-Kevin

skwij · Apr 9, 2007

How about Pastor?

thexmac · Apr 10, 2007

I use KeyManager

M@lew · Apr 11, 2007

I use 1Passwd. It's awesome.

PlaceofDis · Apr 11, 2007

i use Wallet

ee99ee · Apr 11, 2007

My business partner and I need to share our client's passwords using some secure method. Currently, I have to login to a Windows box using Remote Desktop to access the application we use (called Password Safe).

Is there anything that is platform agnostic we could use?

-Chris

Search

Search

Secure Password Managers

netnothing

macrumors 68040

Mitthrawnuruodo

Moderator emeritus

yellow

Moderator emeritus

killmoms

macrumors 68040

netnothing

macrumors 68040

kiwi-in-uk

macrumors 6502a

netnothing

macrumors 68040

killmoms

macrumors 68040

netnothing

macrumors 68040

Diatribe

macrumors 601

netnothing

macrumors 68040

skwij

macrumors 6502

thexmac

macrumors newbie

M@lew

macrumors 68000

PlaceofDis

macrumors Core

ee99ee

macrumors 6502

Our Staff