The Best Password Manager for Mac & iOS: 1Password
1Password
Online security tends to be one of those things that you don’t think a whole lot about until it’s too late.
Unfortunately, the bad guys getting their hands on your passwords and other sensitive data may not be your fault. As we entrust this data to online companies and services, we make ourselves vulnerable to attack. When security breaches happen and your passwords get leaked (it will happen to you if it hasn’t already), if those passwords are used other places then you may find yourself in a whole heap of trouble. The time required to dig out of a breach can have a huge cost to your productivity.
A good password manager minimizes this risk by helping you use strong, unique passwords for each site you visit and gives you easy access to those passwords when you need them. Of all the great password managers out there, 1Password is the best.
Password Managers and Productivity
Online security is important, but you’re only left with two unattractive options if you don’t use a password manager:
- Use simple passwords (or reuse passwords) that you can remember, which opens you up to online threats.
- Use complex, unique passwords but keep them in a list somewhere (usually either a digital document or written in a notebook).
The problem with the first scenario is obvious — it’s downright dangerous. If someone gets the keys to your online kingdom, they can do a lot of damage. And even if you’re able to fix things, it can take a ton of effort to sort everything out.
The problem with the second scenario is that it takes a lot of time. Having to dig out your password every time you try to log in to a website is very inefficient, especially if you have to do this multiple times per day. In addition, few things are as infuriating as when you mistype it and have to do it all again.
The way to combine the ease of simple logins with the security of strong, unique passwords is to use a password manager. By storing your unique passwords securely in a password manager that presents them when you need them (i.e. when trying to log in to a specific site), you can give your productivity a boost without compromising online security.
What Makes a Good Password Manager
- Ease of Use — One of the main reasons people don’t use unique, secure passwords is that they can be a pain to remember and type. A good password manager fixes this problem by making it effortless to use your logins when logging in to websites on either a computer or mobile device.
- Flexibility — The best password managers allow you to keep much more than just your passwords safe. The app you choose to use should be flexible enough to accommodate secure notes, credit cards, personal info, and anything else you want to have access to while keeping your data away from prying eyes.
- Design — This can easily be overlooked when comparing the features of password managers, but design is important because it allows you to quickly find what you’re looking for when you need it.
- Sync/Multi-Platform — Your passwords need to be available wherever you are. The password manager you use should allow your passwords to be synced and used across all your digital devices.
- Security — Passwords are the key to your digital (and sometimes physical) identity. Therefore, your password manager should support state-of-the-art encryption standards and provide end-to-end encryption to keep your data safe.
- Export Options — You’ll probably have to share a login with someone at some point. A good password manager makes it easy to export the login info and share it without compromising security by sharing it via plain text in a text message or email.
- Update History — There are new online security threats every single day, so it’s important that your password manager keeps you up-to-date as sites get hacked and passwords are leaked.
- Price — You can afford to be a little bit picky when choosing the password manager you’re going to use because there are so many options, but often times you get what you pay for. The best password managers strike a good balance between affordability and powerful functionality.
1Password Is the Best Password Manager
1Password is the best password manager money can buy. It’s well-designed and easy to use, even for folks who aren’t that tech savvy, which tend to be the ones who need a password manager the most! It’s flexible enough to store just about any piece of confidential information, and offers the best secure storage of that data of any app we found.
What 1Password Does
The basic function of 1Password is to help you create and keep a separate crazy-strong password for every single login you’ll ever need and store them in one place.
If you’ve ever been the type of person who used the same password over and over so you didn’t have to write them down, this may seem a little crazy. The same can be said if you keep your passwords so simple that you can remember them without writing them down. You may have even been using one of these strategies for a while and thinking, “I haven’t been hacked yet, so I guess I’m ok.”
You’re wrong.
If you’re not using strong, unique passwords for your online logins, it’s only a matter of time until the bad guys get their hands on your personal information.
Here are some examples of common “easy” passwords, the kind that people who don’t want to be bothered with creating secure passwords tend to use:
- qwerty
- password
- 111111
- abc123
- 12345678
- password1
These passwords take virtually no time to crack. If you’re using one of these passwords, change it immediately!
A step up from these are “medium” passwords, which contain letters, numbers, and characters and are at least 8 characters in length. Here are some examples of “medium” passwords:
- 1qwertyuiop!
- P4ssw0rd224&
- one1Juanwonder
- qwER43@!
- oPeN#sesameee
- Tr0ub4dour&3
If you’ve used a password like this that combines numbers and letters, you might think you’re pretty clever and that’s all you need to do. Some online forms will even tell you that your passwords are “Strong” or “Very Strong” if they meet these criteria, but it’s not true. Depending on the type of security used to store them, the time to crack this type of password varies a little bit. Using the most common type of security hash used online (MD5), these types of passwords only take approximately 12 minutes to crack.
Then there are “hard” passwords, which are made up of random letters, numbers, and characters, and are at least 16 characters in length. These are the type of passwords you should be using online. Here are some examples of “hard” passwords:
- 3Erk$BDzWdAcffmW
- qfMVq6BPtirRtVi=
- CU.Xe6wxhcYHYfjP
- sZAbdfUPGQng2Xb.
- J}xmF6PRpmknDFpn
- cwj/T9DhJskyEDGk
Any of these “hard” passwords would take centuries to crack regardless of the tasing algorithm used simply based on their complexity.
In a nutshell, 1Password gives the security of having a unique “hard” password for every single login you use without having the mental burden of having to store and retrieve them. All you have to do is remember your single master password (or use biometrics like TouchID or FaceID to verify) and 1Password autofills these complex passwords along with other appropriate login info.
If someone were to tell me that in a life-and-death situation I needed to give them my password from memory for my website, I couldn’t do it. I honestly have no idea what it is. It’s a bunch of random letters and numbers that will be virtually impossible to crack, but because my password is stored in 1Password, I also don’t need to remember it. I just use 1Password when creating the login and store the info in the app so I can use it again later when I need it.
1Password even has a feature called Watchtower which helps you audit your passwords. It alerts you when websites have been compromised so you can change your password, and shows you which passwords you’ve stored that are weak or reused so you can fix vulnerabilities and minimize the amount of damage done if your information does get leaked online.
Getting Started with 1Password
The primary function of a password manager is to give you access to your complex passwords, wherever and whenever you need them. And since 1Password is available on pretty much every major platform, that isn’t a problem. You can download a native version of 1Password for:
Download the version for the system you want to use, install the browser extension if needed, and log in to your 1Password account to start saving and syncing your passwords.
When you first run 1Password, you’ll be asked to pick a strong master password. This is the password that will be used to get into the app itself. This should be something memorable to you, but also difficult to guess. There are many strategies you can use to create a memorable master password, like combining 3 random words together into a string. The makers of 1Password have put together a great blog post that can help you come up with a strong password if you’re stuck.
Once you’ve created your master password, you are technically ready to start using 1Password, but you may need to install a browser extension if you use something besides Safari to surf the web (support for Safari is built-in with 1Password version 7). The 1Password Browser Extension is available for Chrome, Firefox, Brave, and Opera, and gives you access to everything inside your 1Password account.
How it Works
On the Mac, you can trigger 1Password with a keyboard shortcut of CMD + \
that triggers the 1Password app and automatically fills the appropriate info for you. For example, if you’re at the login screen of your favorite website, hit CMD + \
and 1Password will autofill the username/email and password fields with the info stored in 1Password. That means that you can have complex, secure passwords for each site you visit, but you don’t have to remember any of those passwords because 1Password does it for you. All you have to do is hit the keyboard shortcut. In other words, CMD + \
becomes your new password.
When you have 1Password installed on your Mac and you fill out a form that looks like a login, when you hit the submit button 1Password will prompt you to store the info in 1Password. Just give the login a name and you’ll be able to reuse that info the next time you visit the site, no matter what device you happen to be on.
On iOS, you can’t trigger 1Password with a keyboard shortcut, but you can use it to fill forms in Safari by using the Share button and tapping the 1Password extension. 1Password will open and take you straight to the recommended login, so you can just tap the login and fill the form in Safari.
You can make this even easier by allowing 1Password access to AutoFill Passwords in the iOS Settings. To set this up:
- Tap Settings.
- Tap Passwords & Accounts → AutoFill Passwords.
- Toggle on AutoFill Passwords.
- Enable the 1Password option.
Once you’ve done this, you no longer need to use the Share extension to fill your passwords — just tap in the form field on the page, then tap Passwords, and you’ll have the option to choose between 1Password or iCloud Keychain. Select 1Password and you’ll be able to autofill just like the Share extension, but you’ll also be able to store passwords directly into 1Password on your iOS device. This is critical if you’re going to be using 1Password on your iOS services only.
Bonus! One more thing…
In-Depth Video Tutorials to Use 1Password Like a Pro
If you struggle to keep your 10,000 usernames and passwords straight, let us show you how to take advantage of 1Password.
Our video course shows you everything you need to know about about securely storing passwords and other private information:
- Save login information as you’re browsing the web.
- Easily search for and deploy your login information on the web (regardless of what device you’re on).
- Store other kinds of information, such as credit cards, personal info, secure notes, receipts, bank accounts, and more.
- 1Password uses state-of-the art encryption standards, so in case someone gets ahold of your computer, all that sensitive information stored in your password manager is safe and secure.
- And more…
1Password is the best password manager our there, and we want to show you how to get the most out of it.
Security
Security is critical for online password management services that sync your secure data across devices. While several services and apps we looked at offered strong security options, 1Password offers the best security options and manages to do so without compromising ease-of-use.
First, 1Password offers top-notch encryption. By using 256-bit AES encryption, the data you entrust to 1Password is effectively impossible to decrypt. And no matter what service you use to sync your data, everything in 1Password is always end-to-end encrypted. This makes it impossible for someone to learn anything by intercepting your data while it’s in transit or even obtaining it from AgileBits. All encryption keys, initialization vectors, and nonces are generated using cryptographically secure pseudo-random number generators, and 1Password uses PBKDF2-HMAC-SHA256 for key derivation which makes it harder for someone to repeatedly guess your Master Password. According to AgileBites, a strong master password could take decades to crack.
Speaking of your Master Password, it’s is never stored alongside your 1Password data or transmitted over the network. Taking this precaution is a bit like making sure the key to a safe isn’t kept right next to the safe itself: keeping the two separate makes everything more secure. The data in your 1Password account is also protected by your 128-bit Secret Key, which is combined with your Master Password to encrypt your data.
In addition to encryption, 1Password offers several features to limit your exposure to threats outside of 1Password:
- Clipboard Management — 1Password can be set to automatically remove passwords from your clipboard. This prevents anyone from gaining access to your data by pasting a password you copied and forgot about. It also means that tools that save your clipboard history don’t end up storing your secrets.
- Code Signature Validation — This verifies that your browser has been signed by an identified developer before filling your sensitive information. This protects you if your browser is tampered with, or if you try to use a browser that hasn’t been proven secure.
- Auto-lock — 1Password also protects you if you have to walk away from your unlocked computer by automatically locking the application. This can be configured to lock automatically, and makes sure that no one can access your data when you’re away from your desk or after closing the lid on your laptop.
- Secure Input Fields — This prevents other tools from knowing what you type in the 1Password apps. This means that your personal information, including your Master Password, is protected against keyloggers.
- Watchtower Vulnerability Alerts — 1Password can warn you when a website has been hacked without ever sending AgileBits a list of the websites you visit.
- Phishing protection — 1Password only fills passwords on the sites where they were saved. This makes sure that no one can steal your password by pretending to be a site you trust.
- Biometric Access — You can unlock 1Password using TouchID or FaceID on your Apple devices. This makes accessing your information more convenient, and also means that someone can’t learn your Master Password by peering over your shoulder.
The last important aspect of 1Password’s security is transparency. 1Password is developed on top of open standards that are trusted, proven, and constantly getting better. 1Password itself uses two open data formats (OPVault and Agile Keychain) for all your 1Password info. Agile Keychain specifically addresses and fixes several less-than-ideal aspects of the built-in Keychain by using a combination of the OpenSSL library, CommonCrypto, or Windows cryptography libraries (depending on platform and version for all of its encryption and key generation needs). And the fact that all of these data formats and encryption algorithms are open means that experts have examined them and they have been verified to keep information secure.
1Password also has a straightforward privacy policy that states that “any information you share with us is only ever used to provide you with service and support.” If you decide to switch, 1Password offers straightforward export tools that make it easy to move information out of 1Password.
So what can you store in 1Password, anyway?
You can store a lot more than just passwords in 1Password. All of your information in 1Password is broken down into categories that are easily accessible from within the 1Password app:
- Logins — Contains username and password combinations that can be used to log in easily at your favorite websites.
- Secure Notes — Allows you to store things like financial data, insurance policies, or health information.
- Credit Cards — Stores not just numbers but billing addresses and verification codes you can access with a single click when shopping online.
- Identities — Contains important personal information like addresses, phone number, or job information.
- Passwords — Individual passwords (although you can easily turn a password into a login with the click of a button).
- Documents — Can be used to store pictures of important documents.
- Databases — Allows you to have access to your databases (including connection options).
- Memberships — Allows you to keep track of member IDs, websites, and expiration dates.
- Software Licenses — Keeps all you serial numbers and registration info for installing your favorite apps.
You could use 1Password to store passport and driver’s license info, WiFi passwords, email account info, bank account info, social security numbers, server info, and much more. I’m always finding new things to store in 1Password, like the punch code for the locker room at our local YMCA. You can also sync specific login items to the 1Password Apple Watch app, so if I forget the code during my workout I can access it on my wrist without having my phone handy.
Seamless Syncing
If you’re a long-time 1Password user, using version 7 or newer of 1Password requires a 1password.com account. In the past, 1Password was a one-time purchase and all your information was stored inside of a vault located locally on your machine. With 1Password 7, you’ll need to sign up for an account if you want to sync your data across different devices.
When signing up for a 1password.com account, there are several different options available, but one new change is that you are strongly encouraged to have a 1password.com account in order to sync your data. You can still go into the Advanced tab in the preferences and use a local primary vault, but it is clear that 1Password would prefer you sign up for an account. So while still technically possible to sync your data via services like Dropbox and iCloud, using a 1password.com account definitely results in better performance (we never found ourselves waiting for our data to sync from one device to another in our testing). If you are upgrading from an older version and are ready to create an account, the migration process is simple.
While some users will no doubt be upset with the switch to a subscription-based pricing model, we personally believe it’s worth it. Online security is vitally important, and between the performance benefits and added security features, we’ll happily pay a couple bucks a month to keep one step ahead of the bad guys.
Account Types
The Personal version is for single users and is $2.99/month (when paid annually). There is also a Family version which $4.99/month and includes up to 5 family members (additional family members can be purchased for $1/month). 1Password for Families gives you the ability to share passwords, credit cards, secure notes, and more, and also gives you the ability to recover accounts for locked out family members. If you are the tech person in your family and have family members who have bad tech habits, adding them to your 1Password for Families account might save you a lot of headaches come the holidays.
(1Password for Families is also available as part of an eero Secure+ subscription, which gives eero owners additional WiFi management options in addition to 1Password, encrypt.me, and Malwarebytes subscriptions for $99/year.)
1Password also has higher-end Teams and Business plans. The Teams plan is $3.99/month (per user) and offers 1GB of online document storage and the ability to share with up to 5 guests for limited information sharing. 1Password Business is $7.99/month and gives you 5GB of storage and 20 guests, plus custom groups and provisioning, free Family accounts for each team member, and VIP support.
The Competition
Here are some of the other apps we considered when selecting the best password manager.
iCloud Keychain
With Apple’s built-in password manager, your account names, passwords, and credit card numbers can be safely and securely stored on your Mac, iPhone, or iPad keychain, and synced across all your devices using iCloud. It’s completely free and built into the operating system. It’s incredibly easy to use, and does a great job at getting new users rolling with strong unique passwords.
While iCloud Keychain may be great for a lot of people, it’s simply not as good as 1Password. 1Password is much more secure, and allows you to store much more information that you might want to keep private. iCloud Keychain is also limited to Apple devices, so if you have a PC or Android device that you’d like to sync your data to, then iCloud Keychain won’t work for you.
LastPass
LastPass is probably the most popular 1Password competitor. It offers many of the same features as 1Password, and used to be much better (and more affordable) for sharing login information with people outside your organization. That’s changed in recent history though, and LastPass and 1Password are now priced very similarly.
Unfortunately, while they may look similar on the surface, LastPass doesn’t have near the polish that 1Password does. Overall, LastPass’s interface feels clunky and lacks attention to detail, especially on macOS. The Safari plugin can be annoying and inconsistent, and the iOS app lacks several of the niceties of 1Password.
RememBear
RememBear is made by the folks behind TunnelBear, a solid VPN service that allows you to surf the web privately from your Mac or iOS devices. Just like TunnelBear, RememBear is very well-designed. In fact, in some places it even outshines 1Password. Like the Lock Screen, which shows the RememBear logo and the bear’s eyes follow your password as you type, then gives an approving nod and a slight smile when entered correctly.
We have no concerns about the security of RememBear, but it doesn’t offer nearly the number of features that 1Password does. Since you need the paid account to sync your data between devices and it’s the same price as 1Password, the fact that it can’t do nearly as much is a dealbreaker. But, if you only want to store passwords and only have one device, it’s a great (free) option.
Dashlane
Dashlane may be the most fully-featured 1Password competitor, offering a couple of different tiers. The free version gives you full access to the app features but limits the number of stored passwords to 50. The Premium version is $4.99/month and removes this limit, plus gives you Dark Web monitoring to let you know if your data has been leaked and a VPN service that helps keep you anonymous on public WiFi networks. The Premium Plus plan is $9.99/month, and gives you real-time credit monitoring and up to $1 million in identity theft insurance coverage.
Dashlane is definitely a solid app, but we prefer the design of 1Password. Feature-for-feature, Dashlane’s Premium plan is also more expensive than 1Password. The Premium Plus plan may be a good deal if you are concerned about identity theft or don’t have a VPN service already, but 1Password is otherwise a better option for most people.
oneSafe: The Manager with the Most Security Options
oneSafe is another option that is a one-time cost for those who don’t like the idea of a subscription. The Mac app is available in the Mac App Store for $19.99 and the iOS version is available for $9.99. By the time you buy it for both Mac and iOS, you can basically get an entire year of 1Password for the same price.
This is important because oneSafe doesn’t seem to be updated all that often. If you would have bought oneSafe a year ago (when it last received an update for BOTH versions), you’d probably be looking at the fact that it hasn’t been updated and be contemplating a switch to something like 1Password anyway. In addition, 1 Password has a much better design. When you add the fact that 1Password offers much better security than the built-in CloudKit synchronization that oneSafe is built on top of, we can’t recommend oneSafe over 1Password.
Also, it’s difficult to overlook the fact that, as of this update, oneSafe’s website is still using the outdated http://
protocol instead of the standard (and more secure) https://
that most sites use today. This is a simple (and free!) security step that any website owner should take — especially a business that exists to provide additional security for users.
Conclusion
In short, 1Password is the best app for managing your passwords because it offers a great design that is easy to use, killer security features that are second to none, and the flexibility to securely store just about any kind of private data.
You can download 1Password for free on The Mac App Store or The iOS App Store.
If you need to sync your passwords outside of the Apple ecosystem, it’s also available on for Android and Windows.
And, if you are new to 1Password or simply want to expand your skillset and knowledge with this incredible app, we have a course on getting the most out of 1Password.