Keychain as primary password solution

Hi all,

The discussion today about 1Password and its relationship (if any) with Apple has gotten me thinking about Keychain.

I’m currently a 1Password user, and have been since version 5, I think. It was what I chose when it became clear that my bad habit of using the same (bad) password for everything needed to go away. It’s honestly been great, and I’ve liked using it. I still use 1Password6 pretty much daily.

But I never gave Keychain a real look. I wonder if it might now be robust enough to just kinda take over for 1Password so I needn’t worry about subscriptions, etc.

Do any of you use it as your only password manager? Does it do what 1Password does? From what I can tell, it’s great for creating secure passwords and filling them in on web sites, and not much else. Is that correct? If so maybe it’s got a way to go.

I currently use 1Password for the web logins, credit card info, software licenses, and some secure notes (although that’s not really important given they myriad ways to do that).

What do all of you do?

1Password is light years better than Keychain.

Keychain has not changed since 2007, if not longer, check out this video from 2007 and it looks exactly the same with the same features https://www.youtube.com/watch?v=4QCr2huNfxM

I’ve been trying out all the password managers on the market and 1Password is hands down the best. If you want free then Bitwarden is good enough and does what you need already. LastPass is okay too, but there track record hurts them and they don’t encrypt URL’s and other metadata. Dashlane is too expensive and locked in. Enpass is fine if you only want to use it on your Desktop computer because its free and you can pick to sync with iCloud or Dropbox but lacks storing addresses and such.

When it came to creating new passwords, signing up, changing passwords, store other things besides passwords, filling in identity stuff, and sharing with family 1Password just hits it perfect compared to all the rest.

I’ve been thinking about this whole subscription issue and I could not understand, It’s not a big deal to me and I was wondering why? Everything in life is a subscription. You buy tires for your car and you own them but you’re going to need to buy some more again in the future, kind of like a subscription. So long as you have a car you’re going to be buying tires for the rest of your life, just like a subscription. People tend forget this and it comes as a shock when they need tires because now they got to drop a few hundred. The same goes for software, you buy it and own it but down the line the new version comes out and you got to get it as it has security improvements and features you’re going to need.

I’ve been thinking about this more and more. The subscriptions don’t bother me because the things I have that are subscriptions are a must have for me. After thinking about it I’m thinking the reason why so many people are against subscription is because they don’t know where every dollar is going. I use YNAB to track and give every dollar a job and this makes me purposeful with my money. I can better see and understand what is really important to me and it just so happens that some subscriptions are very important, if anything I can’t think of a subscription that is more important than one that holds the keys to my digital life and the real world.

I don’t sweat it when it comes time to subscribe for another year either as I save $3 a month every month almost automatically at this point with YNAB. When it comes time to pay it the money is already there because I’ve been purposeful with my dollars every month with YNAB’s help. I do this for all the things I need, even new car tires - I set aside a little bit every month so when I need new tires in 3 to 5 years the money is already there and its not a shock. The same goes for Christmas time, it happens every year and is the worst “subscription” of all but everyone seems to forget it happens. I don’t, I put aside a little bit away with YNAB so I’m ready.

And I know many will say they budget, but there is a difference between “budgeting” that everyone does and being purposeful with every dollar. Life runs better and there is less worry when you look in YNAB and see that you already have the money for that thing that “came out of nowhere”.

Sorry for the long rant, but I’ve been cooking on this idea for awhile and needed to get it off my chest.

Hello machei,
I’ve been using 1Password since version 4 or 5 (can’t remember) and it was because of limitations with the Apple Keychain. The interface was difficult to navigate and I had problems with multiple machines and copies of logins.

I feel that the problem has gotten worse because I save some passwords in safari on my iphone and then see a duplicates (times when I used a simple password for initial logins, times I reset my password but haven’t logged in using my phone since then).

I don’t know of an easy way of removing these entries from my phone. I know how to do it on my mac, but that’s because I’m an old fuddy duddy.

Anyway, I went to 1Password Families to help support the company and my sanity because I can tell grandpa to use use his “Master Password application” and stop asking comcast to reset everything.

Good post @ecophoscys. I agree on many of the points that you made about people having the sticker shock and not being purposeful with their money -Myself included.

I’d like to state a counter point.

When you stop a subscription, you no longer have access to said items. For example, I stop my subscription to comcast. I don’t have the internet and my family is made at me. If I don’t have money to buy new tires or the new versions of software, I still have access to the current versions or enough traction on my car to stop on the figurative dime.

I will say this, I like that metaphor and will think about it and YNAB a little bit more as I’m putting my life together.

Right now 1P is well worth having, though getting my family onboard is tough.
iOS 12 may change that, but not yet. 1P will integrate better, but so will Keychain. I think it will be worth reviewing this when the final iOS 12 is out (not just betas, which miss some features).

I’d like to switch some things to Keychain if it gets better.

Search for ‘passw’ in settings, and you’ll see ‘app and website passwords’ where you can edit or delete passwords.
Now you did use the qualifier “easy” so you might already know about this, and consider it difficult.

Thanks.
I didn’t think about just going through settings. Usually, I’m in safari having the issue and don’t go back to fix problems with duplicates.

I spent 5 minutes removing duplicates and various logins that I think would probably be incorrect.

Going forward, I’m willing to re-evaluate my personal usage but will keep 1password for family use.

Thanks for your thoughts and taking the time to write it all out. I appreciate your stance on the password software. Thankfully, 1P6 still does everything I need without a subscription, so I’m good for now. I was just thinking ahead.

I too have thought a lot about subscriptions. For me, I still think it’s not a good way to run a software shop. It’s not what I wanted to get from this thread, but I’ll offer up these thoughts here, which I’ve offered up elsewhere:

Used to be, and often still is, that the way software ran was pay for it, take it home, use it. Buy it again when there was a reason to do so. Those reasons were entirely in the control of developers. They needed to DO something. They needed to add the features people wanted so things were compelling (it’s pretty much why we keep buying iPhones) and so people would pony up. Or they needed to branch out–make something NEW, something we never knew we needed. Push the barrier forward. Earn the money you’re asking for. Three of the most long-lived apps (Omni Group stuff, PCalc, and BB Edit) are STILL subscription-free 20 years later, so it obviously works, but now all devs want you to believe is they cannot stay afloat without “a secure revenue stream”. The theoretical improvements or enhancements coming down the pike in their unknown software development process may or may not be worth the price of a year’s subscription, but we don’t know that, and they don’t care—we need to take it on faith—we can’t make up our own minds as consumers as we lack the information. We just need to open our wallets and let ourselves be pick-pocketed, hopeful it’ll all be worth it. Is that fair?

Devs say their app isn’t sustainable? Is that really on me as a consumer? Is it really up to me to make their company work? Really? My role, as I see it, is to buy their stuff when it’s available. Software is a thing, a tool, not a service. I value my tools. But make no mistake they are tools. When a plumber needs a wrench, he buys the best one he can so he can do the job best, longest. He buys a new one when it breaks. Depending upon the quality, he fosters brand loyalty. No one will come and take his wrench away because he didn’t pay for it this month. Neither will your metaphorical tires magically cease to work or only go a certain speed if you don’t pony up for the month.

Your example of YNAB is a particular bugaboo of mine. I have used it since ver 3, and totally love it, but Jesse is insane. The subscription price was nuts to begin with, even for the value, but then he upped it by over 50% for no reason other than he thought “the software was undervalued”. It’s a load. There’s no way the software is worth what he’s charging. I was on the Reddit AMA when users implored him NOT to go subscription, and he didn’t care. He still doesn’t care. I can see where all the courses and help is pricey, but honestly, how often have you attended a class since you got the hang of it? And yet you’re paying for those classes in perpetuity. That’s like buying a kickass stereo for your metaphorical car, every year, and then never installing it and letting it languish in the garage somewhere. That’s just absurd. I love YNAB, but I have promised myself that if Jesse ever discontinues the grandfathered pricing, or ups the price even more, I’m gone. Unlike some devs who are actually listening to the users because they know a subscription is precarious ground, Jesse doesn’t give a fig that users liked things about YNAB4 that are now gone—it’s his way or no way at all. I refuse to reward that kind of thinking.

There’s got to be some middle ground here, but I still think that it’s not what devs are doing.

Anyway, that’s my $0.02. As for 1Password, $3 a month is not a huge fee, so I’ll need to give it more thought if thy ever obsolete version 6. Thankfully, I don’t yet need to. Maybe Apple will make Keychain a true competitor before then.It isn’t any one app… It’s all of them together that makes ‘death by 1000 coffees’.

It seems to me that Keychain still won’t do what I need it to do to keep pace, so i’ll stay where I am for now, Thankfully, that’s not an issue as yet. Thank you for your feedback!

Good point, @mandaris! I bought DayOne at a flat rate. I am no longer eligible for updates, although I did pay, and I’m limited to one entry a day with one photo. Now if I were to get the newer version, I would have to buy into a subscription at a high price. Once I opted out of that subscription, I have nothing to show for all the extra money I paid!
Furthermore, anyone with a subscription has to be cognizant of when it is up or has to renew for yet another time period, usually a year! I think they are a huge rip-off. I can only think of one app I’d be willing to pay a subscription if it were not too outrageous!
I have Apple Music which I love. 99 cents for extra space to Apple per month. And Netflix which I’m thinking of canceling merely because I can’t find anything to watch!

I’m going to have to agree with some of your points on YNAB. It was crazy he raised the price because he felt like it was undervalued, but he’s not wrong since EveryDollar still cost more and gives you less. The good news is that he grandfathered in all the current users so I can’t complain. The bad part is that I would have paid the higher price because of how helpful his software is to me. In the first month of using it YNAB it saved me $200 and it continues to make me question certain things to see where I can save money.

I’ve tried all the competition’s version of YNAB but nothing is as good or worked as well for me. Same thing with 1Password. In honestly, as customers we’re stuck unless something better with no subscription comes along.

I agree 100% that the live courses are just stupid. Even when I used them the classes were rushed and not really “real world”. He would be better off with a smaller team that makes YouTube videos constantly going over customer issues from the reddit forum on how to do things instead of the same non-help live web streams. Then Jesse is doing more podcast, because Dave does them, and Jesse is not getting it. His podcast are not good, no one wants to listen to him ramble for 15 minutes. And the bank sync is something I don’t use and yet he charges me for it, doesn’t seem fair. But everything else is amazing so I pay for it.

This is an unpopular opinion, but I’m getting really tired of the anti-subscription rants.

Platforms—both operating systems and services—are more interconnected with third-party software today than they have ever been in the past. Developers absolutely do not have control of them any more. Apple changes the OS? That might require the dev to make some changes to their software. Twitter changes their API? More changes. GDPR? Fire up Xcode and buckle up!

There are also much more direct ongoing costs to developers today. 1Password and Overcast run sync servers that are more robust than just using Dropbox or iCloud. Adobe licenses fonts and stock content. I don’t think it’s reasonable to expect AgileBits to continue to monitor and secure a server indefinitely on an ongoing basis for a one-time purchase fee.

Yes. That’s how this exchange of value works. If you find a thing valuable, you pay for it. If you don’t find it valuable, there’s no reason to get angry about it.

I am tired of reading these rants from software users trying to frame their frugality in terms of a larger ethic, while implying that those who pay for subscription software are rubes or sheep. Nobody is forcing you to buy something, and nobody is forcing to subscribe to anything. If you don’t want it, don’t get it.

I see subscriptions as a feature. I like subscription software because it shows a commitment from both the user and the developer. I continue to support the things that I continue to use. When there is no longer value for me, either because I’ve changed or the software has, I can stop. I recently stopped my Adobe subscription because my personal and professional responsibilities changed such that I no longer needed it. While I was using it, it was great! YNAB has improved its software dramatically since it went to the subscription. The iOS app in particular has been completely overhauled two or three times since then. I’m happy to continue supporting this pace of development.

YNAB, 1Password, Bear, and others will survive without you and be better for their subscriptions.

To get my dad to use it, I had to just sit there and put the passwords in myself and install it on his devices. It took hours to do, but I was spending hours on the phone having to reset his passwords. Since moving to 1Password, I don’t hear anymore problems with passwords. I have a little mental reminder to tell him to practice getting into 1password on his phone so that he doesn’t forget and becomes more comfortable with the solution.

I’m currently running the beta of iOS 12 and I think I’ll use the built in password management for small sites but keep the 1Password for the above benefits as well as the fact that my wife prefers to use firefox for browsing (another topic all together).

I guess I disagree with the notion that 1Password is “light years” better than Keychain. I think it depends on your use situation. Frankly, I used 1Password for a couple years and found it more of a bother so I got rid of it (same with Textexpander, PDFPen, PDFExpert, Fantastical, and a bunch of others). Keychain did everything I needed, and with Apple upgrading the Notes app to include secure notes for sensitive information, 1Password lost much of any advantage it had for me.

As for subscriptions as they relate to Keychain and 1Password, I would just point out that if you have a suitable, no-cost alternative (i.e., Keychain), you don’t even need a another piece of software in the first place, much less a subscription.

Wow, I’d like to thank everyone for chiming in on these topics.

I know I wasn’t the one who started this but I came away with a lot to think about.

I didn’t know it was an unpopular opinion, but I’m sorta gratified if that’s true.

I was unclear in what I was saying with regard to what’s in control of the developers. When I said ‘reasons’ I think you read ‘reasons for devs to charge a fee which are outside of their control like API changes’. What I meant was ‘reasons for consumers to buy the software in the first place’. As consumers we do not care how the sausage is made, and rightly so. If I were a developer, I’d make my own stuff to sell.

I don’t believe that creating one’s own sync system just to be ‘more robust’ is really needed. First of all, most companies who create their own solutions are running off A3 anyway, which isn’t an in-house system, and others who say they have trouble with Dropbox or iCloud and so are rolling their own aren’t thinking it through. For instance, Day One says they had all manner of issues with Dropbox or iCloud and couldn’t make it work. Meanwhile Ulysses can somehow create a rock-solid sync solution using iCloud that’s never had an issue, so someone is either lying or not as good at development. I think this comes down to poor choices on the good side, and creating a ‘solution’ just to own user’s data so they can extort them for it back on the other. Ask ANY user if they’d rather have control of their data, or give it to some indie dev who is trying to make a subscription scheme work. The whole cloud sync thing feels more and more like an excuse to validate a subscription than anything else.

And no, exchange of value does not work that way. If I know what the exchange was, then you’d have a point, but part of the problem is that we as consumers don’t. What, exactly, is the value for which I am exchanging my cash? Case in point: the latest rev of Ulysses included a whole ton of stuff to make code writing more pretty and elegant. Great, but as a creative writer, what does that matter to me? I’d argue the vast majority of users don’t use Ulysses to write code, so how is that ‘valuable’ to all of the people who have paid for it with the subscription cost? And, we didn’t know that was the new hotness until it was released. We just kept paying for—something. If Ulysses had done a paid upgrade that included that, then I could choose if I wanted to upgrade, pay and be happy, or wait until the next upgrade that might include something I wanted, and all the while -magic!- my current set up would keep working for me at no additional cost.

What’s better for the consumer, and what’s better for the dev? Considering one wants money and the other has it, that exchange of ‘value’ better be based on the dude with the cash. Subscriptions aren’t. They’re user-hostile.

Anyway, at the end of the day, you’re absolutely right. If we don’t want it, don’t buy it. The marketplace will work it out in the end. I myself have some subscriptions to software because I want to keep using the stuff, even if I disagree. I only argue these points because as a consumer who actually likes software (all evidence here to the contrary) it’s valuable and good to voice this stuff before software companies start going away due to poor choices.

Part of what I truly loved about the whole of the Apple ecosystem was that it was such a good place to be, over and against the PC world. It was populated by people who genuinely cared and did great work, and man, did it ever show. Now it’s just getting to be more and more about money and the good times are gone. Where I used to utterly evangelize awesome software for the Mac, I now find myself saying “why bother? No one will pay over 100 dollars Canadian per year for a budgeting software.” And sadly, all anecdotal evidence suggests I am right.

I guess the next year or two, when all the subscriptions that happened last year come due, we will really find out if devs have stepped in it or not.

I would like to comment as a main stream user, though MPU Wannabe.

I believe that Developers have the right to adopt the business model that is best for them, and should not be criticized for doing so.

The subscription model, in my view, will be attractive only to users who are heavily invested in the app. A real life analogy would be that of buying a house with very basic ongoing maintenance needs (The Purchase Model), whereas the Subscription Model equivalent would offer Swimming Pool, Tennis Courts and other features into the future.

I have both 1P Stand Alone (Mac & Windows) and Key Chain as a back up. I am very happy with this 1P and miss almost none of the subscription features. My Plan is to continue until this 1P breaks and then reluctantly move to the Subscription Model. (Two new 1P standalone licences cost about the same as a subscription for 4 years).

The main benefits of 1P compared to keychain for me, as a (sub)normal user, is that it is cross platform, it is easy to add extra information, and especially, it has a password history feature. I sometimes run into problems updating site passwords, and having this has avoided much aggravation. The Subscription version also has 2FA.

I have never used anything but keychain and no one has managed to present me with any convincing reason to switch.

I only use Apple products and never have to use any other platform, and keep sensitive information in password-locked notes that I open with spotlight.

Keychain opens in all my apps and I have always used the suggested passwords. If I need to manage my passwords (which I hardly ever have to do), as another poster mentioned, I just type ‘passw’ into spotlight.

In my situation, a password manager is an expensive fix to a problem that doesn’t exist!