For years, I was a very happy 1Password user. My 1Password database has over 1000 entries in it. Then 1Password started taking venture capital, 1Password v8 came out, and the company started partnerships with crypto providers and I decided it was time for my passwords to find a new home.
I first thought that the existing Apple-provided password manager would be enough, so I started moving everything in. Unfortunately there were things I used in 1Password that the built-in manager didn’t provide, so I tried the Secrets app. It’s a fine app, not nearly as polished or full featured as 1Password, but it works well and it’s an independent developer. But… now I’ve got 3 password managers, and no single source of truth.
For the most part, I think my Apple passwords are the right ones. My current thought on the issue is to export everything to CSVs and save them in a password-protected Numbers file, then delete almost everything out of all three password managers and re-add accounts as needed to the Apple password manager.
This entire fiasco was foolish, and I blame myself obviously. But I also blame 1Password for putting me in this position. Not a lot, just a little. Maybe a 90/10 split.
Does anyone else have any ideas? Does my approach seem reasonable?
If you add the Numbers file to the mix, you’ll have four managers. Could you just make sure everything is in the Secrets app? It looks like it has import and it’ll be easier to use than the Numbers file. And then you can add to your Apple keychain from there as needed.
Feels like a bit of an overreaction to 1pw v8. I found it to work great. But if you don’t want to go back, yes, starting with a clean slate and reimporting a master set to your password manager of choice is not an unreasonable approach.
To me that sounds like a skydiver saying “I think I packed my parachute correctly.”
First I would make backups of each password manager’s data. Then I would pick one password manager and start verifying passwords one at a time. And I wouldn’t delete anything until I verified them all.
You didn’t say how long it’s been since you started changing PW software. If it hasn’t been “years” it’s likely your oldest software (1Password) has the most complete list. If so, I would use it as my “single source of truth” and verify its data. Then I could move to another password manager. Or not.
I’ve moved everything over to Vaultwarden, a self hosted bitwarden implementation (open source) that’s running on a raspberry pi.
For the price of half a year’s worth of 1Password subscription I now have my entire family running bitwarden on their devices and the sync solution is completely run securely from my own network.
Export 1Password to import into Minimalist. Do the same with Secrets and Keychain and work your way through the doubles. This way you keep all data secure all the time (a CSV or Numbers file is not) and use the full password manager functionality without having to separate passwords and non-keychain compatible items.
Why not use Bitwarden? Free, open source and it’s great overall. You can get the pro features for like $12 a year. I moved to it from 1PW and much happier with the transition. It’s also recommended by privacyTools community here
EDIT: That way, you are also not stuck with the Apple ecosystem in case you buy a non-Apple device in the future
Thanks for the suggestions all. I’ve got a workable solution I’m happy with. Secrets is now my long-term archive, and I’ll be slowly rebuilding my Keychain database as needed. At least until Ventura comes out and saves us all from password hell.
I’ve been a dedicated Safari user for years. I don’t actually have any other browsers installed right now, so I don’t really worry about it. If I do decide to switch for some reason, I’ll have to reconsider.
I moved to enpass from 1PW, but have not been a happy bunny. I tried Strongbox and Keepass, but way too clunky, so I have a similar dilemma. Where does Secrets store the vault? The reason I moved from 1PW is I don’t want my vault on their web server.
Fair enough, but sooner or later you will run into situations or certain websites that don’t play nice with Safari. One example - the “Full View” feature of the Fidelity Investments website. I use Firefox to manage this account, and Firefox works well with 1PW.
I appreciate the direction Apple is going with Safari, with its privacy and tracker-prevention features. But Safari is not perfect and alternatives are occasionally needed. This means that an alternative to Apple’s Keychain is needed as well.