Image: Keeper

Contents

Apple’s macOS and iOS include a built-in password management system called Keychain Access, which is supplemented by iCloud and allows for syncing the Keychain between multiple devices. This is a great and simple security solution for many users, but some users require more features in their password manager than iCloud and Keychain can provide, especially those in the enterprise space who need the ability to share passwords and other confidential information between multiple users.

Here is a look at the top products available to iOS and macOS customers to provide more features like password sharing, secure document storage and more features that modern users demand out of their security software.

SEE: Password breach: Why pop culture and passwords don’t mix (free PDF) (TechRepublic)

Before we examine at the best available options, let’s first get familiar with what a password manager does, how to choose a good one and what features you should be looking for.

Why use a password manager?

Password managers have slowly become a necessity of modern internet and computer usage. In the past, more relaxed and simple password requirements meant that you could reuse a password on every account you had, but eventually that became an issue as when one account was compromised, all accounts could easily become compromised. This led to more complex security requirements for websites, and now two-factor authentication requirements as well, requiring not only a username and password to login, but also a one-time password generated by a password manager.

Using a password manager means that your accounts can all be stored safely and securely in a single location that also generates highly secure alphanumeric passwords for you on the spot. Without the need for you to remember these complex passwords, you can increase the security of your accounts by integrating hard-to-remember password incantations into your accounts, including numbers, special characters and upper- and lowercase characters.

Most password managers include a setting to choose between easier-to-read (less secure) password generation and mixed alphanumeric and special character password generation (more secure).

What features should you expect in a password manager?

A good password manager should be able to securely synchronize your usernames and passwords to all of your devices. It should also have a good web browser extension that can be used to automatically fill the passwords and save passwords to its database securely when registering new credentials on a website (and preferably offer up a strong password).

Additional items to look for in password managers are:

  • Allow you to securely store notes—either random notes or notes attached to the accounts to document things for your online accounts.
  • Allow saving credit cards and other payment details securely so they can be automatically filled when checking out on a website.
  • Active password monitoring so that accounts and passwords that have been compromised in recent website hacks are reported to you in order to change passwords for security purposes.
  • Two-factor authentication support to allow you to secure accounts that support 2FA and automatically fill in the one time password when signing in with your username and password from the same app.
  • Ability to share items from the password manager with team members, family members or guests in the case of Wi-Fi passwords, all securely.
  • Ability to store login credentials for servers, databases and more

When choosing a password manager, it can be very important to look at your needs and then evaluate which platform meets the majority of those needs. Security should be a top priority as well: Pick a password manager platform that has end-to-end encryption to ensure that your credentials are encrypted before leaving your device and being stored on their servers, and that only you control the key to decrypt the vault.

The best password managers for macOS and iOS

We’ve found the best password managers to safely secure your macOS and iOS devices. These password managers will also make your browsing life more convenient.

1Password

Image: 1Password
  • Supported platforms: macOS, iOS, Windows, Android, Linux, Chrome OS, command line
  • Supported web browsers: Safari, Firefox, Chrome, Brave, Microsoft Edge
  • Active password monitoring: Yes
  • End-to-end encryption: Yes
  • Supports 2FA accounts: Yes
  • Price: from $2.99/month for personal accounts; $7.99/user/month for business accounts. A free trial is available.

1Password has long been a password manager companion on macOS and has been upgraded and had many new features added over the years to make it one of the ultimate password companions.

1Password has end-to-end encryption that allows for full protection when syncing. Data synced through 1Password is secured by, well, one password that you need to remember to unlock all of your passwords. In addition to clients for macOS, there’s also a client for iOS and a client available online to access your passwords and data remotely on a guest machine. 1Password can synchronize notes, credit cards, software licenses, important documents, server logins, and SSH keys that can be accessed via the command line.

One of the standout features of 1Password is the ability for it to automatically check your passwords securely against leaked password databases to alert you to any potentially compromised accounts.

1Password browser extensions allow you to autofill passwords, 2FA codes and other details as well as create accounts and store them right from the web browser. 1Password also allows for the sharing of content inside of any vault with other users of 1Password or via links a user can click to view the securely shared item.

On macOS: 1Password supports TouchID on the Mac for authentication and unlocking. It also integrates with the command line to allow SSH key filling.

On iOS: The 1Password app integrates with Apple’s password auto-filling feature to allow passwords be filled in third-party apps or in Safari. The vault can be unlocked with Touch ID or Face ID on iOS devices.

LastPass

Image: LastPass
  • Supported platforms: macOS, iOS, Windows, Android, Linux
  • Supported web browsers: Safari, Firefox, Chrome, Opera, Microsoft Edge
  • Active password monitoring: Yes
  • End-to-end encryption: Yes
  • Supports 2FA accounts: Yes
  • Price: from free to $3/month for personal accounts; $4/user/month for business accounts. A free personal account can be created for evaluation.

LastPass is a password manager that encrypts all vaults before they leave the device via end-to-end encryption and can store multiple data types including passwords, secure notes, payment details and encrypted files, allowing for storing myriad other content in the app.

The LastPass browser extension is available in all popular macOS web browsers and allows for autofill of passwords in your vaults and payment details, as well as creating entries in the password vaults when adding new passwords.

One of the standout features of LastPass is the Dark Web Monitoring tool (a paid feature along with emergency contact access to vaults) that aims to alert you about security breaches you’ve been involved in. It will monitor email addresses and passwords for data breaches and alerts you automatically to change your passwords for affected accounts. LastPass allows for sharing of passwords, but not files or other encrypted items in your vaults.

On macOS: LastPass supports TouchID on the Mac for authentication and unlocking. A command line tool is available, but requires the additional overhead of MacPorts to install.

On iOS: LastPass allows for auto-filling passwords via the Apple password autofill feature, allowing filling in third-party apps. Face ID and Touch ID are also used on iOS to allow for unlocking the app and even recovery of accounts if you get locked out.

Dashlane 

Image: Dashlane
  • Supported platforms: macOS, iOS, Windows, Android
  • Supported web browsers: Safari, Firefox, Chrome, Internet Explorer
  • Active password monitoring: Yes
  • End-to-end encryption: Yes
  • Supports 2FA accounts: Yes
  • Price: from free to $6.49/month for personal accounts; $5/user/month for business accounts. A free personal account can be created for evaluation.

Dashlane is a password manager that encrypts your content on a device before leaving it (like the others above), but also offers other features not found in these other password manager apps.

Notably, for enterprise users, Dashlane can be unlocked with MFA apps like Duo, making Dashlane more secure because users will not need to type in their vault password each time to unlock the app, allowing for a more secure vault password without the need to remember it.

Dashlane supports a limited number of data types and can store passwords, secure notes and payment information with ease. Dashlane doesn’t offer more tailored vault types like software licenses or encrypted documents and files. The app and service does support sharing of passwords and account credentials with other users.

Standout features in Dashlane include a Dark Web monitoring feature for detecting compromised passwords and accounts. In addition, Dashlane has a nifty feature that allows users to change passwords for breached accounts right from the app for supported websites and services.

Dashlane is not supported for Linux or Microsoft Edge (but support should be coming), so if those platforms are important to you, this might be a deal breaker for now.

On macOS: Dashlane supports TouchID for authentication and unlocking, and the browser extension allows for auto-filling any saved passwords and payment credentials.

On iOS: Dashlane can autofill with the standard Apple API that allows for filling passwords in third-party apps and in Safari. Dashlane also supports Touch ID and Face ID biometrics to unlock the app when filling passwords.

BitWarden

Image: BitWarden
  • Supported platforms: macOS, iOS, Windows, Linux, Android, command line
  • Supported web browsers: Safari, Firefox, Chrome, Opera, Microsoft Edge, Brave, Tor, Vivaldi
  • Active password monitoring: Yes
  • End-to-end encryption: Yes
  • Supports 2FA accounts: Yes
  • Price: from free to $10/year for personal accounts; $3/user/month for business accounts; $5/user/month for enterprise accounts. A free personal account can be created for evaluation; however, for full features a paid account is needed.

BitWarden is an interesting password manager because it is open source. This means that the code you’re trusting your passwords and accounts with can be vetted by your organization (and the global security community) to help improve features.

BitWarden supports the majority of modern computing platforms, striving for access in most web browsers and operating systems.

The interesting bit about BitWarden is that there’s a self-hosted version of the BitWarden service that can be deployed in your organization, instead of relying on BitWarden’s paid cloud for syncing items. This can add peace of mind and additional security for your organization.

Like some other password managers, BitWarden can be unlocked using MFA SSO (single sign-on) services like Duo, a great feature for password managers in the enterprise setting where MFA is standard security policy.

A standout feature of BitWarden is that it can keep track of shared vaults and who accessed what data and when for audit trails, and vaults can also have encrypted files added to them. In addition, the app can alert you to reused passwords, weak passwords and other security metrics in a vault health report that also includes any compromised passwords and accounts.

On macOS: BitWarden supports Touch ID for unlocking the app.

On iOS: BitWarden supports the ability to unlock and autofill passwords using Face ID or Touch ID on supported devices. In addition, it utilizes the standard Apple password autofill service to autofill passwords in third-party apps and Safari.

Keeper

Image: Keeper
  • Supported platforms: macOS, iOS, Windows, and Linux, Android
  • Supported web browsers: Safari, Chrome, Firefox, Edge, Opera, IE
  • Active password monitoring: Yes
  • End-to-end encryption: Yes
  • Supports 2FA accounts: Yes
  • Price: personal plans from $2.91/month; business plans from $3.75/user/month. A free account can be created to evaluate the software.

Keeper is a password manager that appears to be more geared toward business users, but also has plans that give the same functionality to personal users. The things that set Keeper apart are the multiple layers of encryption at the vault level, shared folder level and record level of the account, ensuring a zero-trust architecture.

Keeper can store passwords, payment information and documents, but also has personalizable fields allowing for an infinite number of customizations on the types of data that Keeper can store. In addition to these data types, a feature called “Keeper Secrets Manager” allows for the storage and secure sharing of infrastructure secrets such as API keys, database passwords, access keys, certificates and any type of confidential data.

A Dark Web scan feature allows you to quickly be notified if your usernames or passwords appear on any stolen data drops online so that you can react and reset your accounts to ensure they don’t get compromised.

On macOS: Keeper can organize files and folders into complex subfolder structures and uses Touch ID to authenticate you in the app.

On iOS: Keeper integrates with the Apple password API to autofill passwords in Safari and third-party apps and can use Touch ID or Face ID to authenticate users in the app and when autofilling passwords.

Enpass

Image: Enpass
  • Supported platforms: macOS, iOS, Windows, Linux, Android
  • Supported web browsers: Safari, Firefox, Chrome, Microsoft Edge,Opera, Vivaldi
  • Active password monitoring: Yes
  • End-to-end encryption: Yes
  • Supports 2FA accounts: Yes
  • Price: from $2/month. A free trial is available.

Enpass is a unique offering in the password manager space. Where most managers are creating their own syncing service, Enpass goes a different route by only storing passwords via an “offline” mode where they are encrypted on your computer. If you wish to synchronize passwords to other devices, then you must roll your own solution through supported syncing platforms like iCloud, Dropbox, Google Drive, OneDrive or your own WebDAV server. Many users might prefer this model because it means that you know exactly where your passwords are being stored and can keep tighter control on the copies of your synced vaults. You can even choose to only sync your vaults via Wi-Fi for a completely “offline” model where your passwords never leave your network.

Enpass offers a feature that routinely audits your passwords and accounts to ensure that the passwords are strong (even after they’re created), account credentials were not part of recent data breaches and your accounts that support two-factor authentication have that feature enabled. It can also detect expired passwords for sites and services that require rolling passwords after a certain amount of time.

Even though Enpass has an “offline” model, you can still select from more than 80 templates to store credit cards, passports, driving licenses, insurance documents and more.

On macOS: Enpass can autofill passwords through the web browser of your choice and can use Touch ID to unlock the vaults.

On iOS: Enpass can also use Touch ID or Face ID to unlock the vaults and autofill, but can also autofill through Safari and third-party apps using the built in Apple Password API.

Which password manager is the best?

It’s important to choose a password manager that encrypts your information when transmitting it to an online locker, offers multi-platform support and works with multiple web browsers – after all, the browser you use today may not be the one that you continue to use in the future. These are the distinguishing features between all of the password managers presented above, and you’ll need to choose what best suits your workflow.