HomeMac Password Managers
Marta Turnbull

Marta Turnbull

Head of Community at MacUpdate

Marta Turnbull is a MacUpdate OG and has written about technology, marketing and brand creativity for over 10 years. She splits her time between Michigan and Ukraine.

Mac Password Managers: Protecting Your Online Mac Identity

17 January 2020

Mac Password Managers: Protecting Your Online Mac Identity

If you’re online, you likely have dozens of accounts and passwords: bank, store, social media, subscriptions, travel, utilities, work-related, and more. To manage your logins, you need the best password manager for Mac!

Why?

Because your personally identifiable information (PII) has probably already been compromised!

To check, enter your email address on Have I been pwned? The site keeps a record of email addresses and passwords compromised through data breaches.

In just one breach - known as Collection #1 - over 770 million unique email addresses, and more than 21 million unique passwords were collected and published by hackers!

Weak Passwords Cause Data Breaches

But you don’t have to be a victim!

That’s why you need strong, secure, and different passwords for each of your accounts.

But how do you create - and remember - dozens of different passwords with lower and upper case characters, numerics, and special characters?

You don’t.

You use a Mac password manager.

What is a Password Manager and How Does It Work?

A password manager is a digital vault that generates and stores your passwords, along with other identifiers such as email addresses and usernames. When you’re prompted for your login credentials, the password manager auto-fills them for you, making access faster and simpler.

How Password Manager Works

Password managers also make it easier to generate and use stronger passwords. Instead of using the same password for different sites because it’s easier to remember, a password manager allows you to create longer, more random, and different passwords for each account.

Savvy users use password managers to:

  • Track accounts: A password manager keeps track of all your accounts, allowing you to close unused accounts and delete access information to reduce exposure.
  • Prevent password-reuse attacks: After stealing your email address and password, hackers may attempt to use the same credentials to log in to other sites. Minimize this risk by using the random password generator to create unique passwords for each account.
  • Prevent phishing attacks: Phishing emails provide a link to a fake site, tempting you to enter your password. A password manager will recognize the site and refuse to enter your password. If only the password manager - but not you - knows the password for the real site, you can’t be tricked into entering it.

Are There Risks To Using a Password Manager?

Yes.

There are two main risks:

  1. You forget the master password: Forgetting the master password for your password manager prevents you from accessing all of your accounts, and may require changing all of your passwords.
  2. Hackers steal your master password: Since password managers are generally protected with a single password, if hackers gain access to your password manager, they can steal the passwords to all of your accounts at once.
    One way to prevent this from happening is to ensure that you put in place two-factor authentication, making it more difficult for hackers to gain access.

Does macOS Have a Built-in Password Manager?

Yes. Keychain Access is an app that comes with macOS. It stores account information and passwords for all password-protected items, including email accounts, network servers, and websites.

As an encrypted container, KeyChain Access also allows you to store confidential information such as credit card numbers and personal identification numbers (PINs) for accessing your bank accounts.

KeyChain Access is integrated with iCloud keychain, enabling you to share keychains (your encrypted passwords) with your other devices. Signing in to iCloud with your Apple ID allows you to create and manage keychains on the device of your choice.

KeyChain Access offers both a command-line and GUI, with files stored in ~/Library/Keychains, /Library/Keychains/, and /Network/Library/Keychains/.

Why Do I Need Another Password Manager for My Mac?

Having a backup is critical if something goes wrong. If you forget the master password for either Keychain Access or your password manager, you can still access all your data using the other app.

How Do I Choose a Password Manager?

Key Characteristics Password Manager

The most important thing to consider is the value of what you are protecting.

Ask yourself:

  • What would be the impact if my identity was stolen?
  • How much would I lose if my bank accounts were hacked?
  • What would be the effect of my social media accounts being compromised?

Once you’ve considered the potential impact, don’t hesitate to find and install a password manager that offers complete protection. With several free, open-source solutions available, some users rate password managers purely based on the cost or pricing model.

Don’t use price as the deciding factor. Focus on the company's reputation and the features you need to protect you and your Mac. If a free app gives you what you need, that’s great. But if you need something more, don’t go “cheap” and regret it later after you’ve been breached.

How do I Know if My Mac has a Password Manager?

When you access a website, email account, network server, or another password-protected item, you may be given the option to remember or save the password. If you choose to save the password, it’s saved in your keychain, so you don’t have to remember or type your password every time.

What is the Best Password Manager for Mac?

Best Password Managers Mac Rated

What are your best choices? Here are five password managers our readers rave about:

Bitwarden

1. Bitwarden

Even though Bitwarden is a free, open-source password manager, the company uses professional auditors to try and break it. The process identifies vulnerabilities and allows the product to be one of the top-rated password managers available.

Browser extensions are available for all the major browsers, with the password vault easily synchronized between devices over the cloud using AES-256 encryption. Linking generated passwords to accounts isn’t as straightforward as it could be, but it’s still a tool worth looking at.

  • MacUpdate User Rating: 4.8
  • Version Reviewed: 1.15.2
  • System Requirements: OS X 10.10 Yosemite, macOS 10.12 Sierra, or higher.
  • Licensing: Free.
  • Read MacUpdate user reviews of BitWarden for Mac.
MacPass

2. MacPass

A free, open-source password manager for macOS, MacPass is light-weight and easy to use. Passwords are stored in a highly-encrypted Keepass database. Consisting of only one file, it’s easy to transfer the database between Macs.

Like other password managers, MacPass includes a sophisticated password generator together with an analysis tool indicating the strength of each password generated.

  • MacUpdate User Rating: 4.5
  • Version Reviewed: 0.7.10
  • System Requirements: OS X 10.10 (Yosemite) or higher.
  • Licensing: Free.
  • Read MacUpdate user reviews of MacPass for Mac.
Buttercup

3. Buttercup

Buttercup is a free, cross-platform, open-source password manager with a simple, easy-to-use interface. It offers AES-256 encryption, generates strong passwords, and includes the option to choose where your password vault is stored.

Buttercup supports Google Chrome and Mozilla Firefox browsers, and runs on Linux, macOS, and Windows desktops, and Android and iOS mobile devices.

  • MacUpdate User Rating: 4.5
  • Version Reviewed: 1.18.1
  • System Requirements: OS X 10.12 (Sierra) or higher.
  • Licensing: Free.
  • Read MacUpdate user reviews of Buttercup for Mac.
Enpass

4. Enpass

Enpass is a basic password manager for home users. The free version offers full access on desktops but is limited to 25 items on mobile devices. Enpass stores passwords locally, but can sync with other devices using your own third-party cloud storage.

Enpass does not offer security-grade encryption or two-factor authentication, but is a viable alternative to Google Authenticator. It allows you to store lots of personal information, but the data is static and cannot be used to populate web forms.

  • MacUpdate User Rating: 4.3
  • Version Reviewed: 6.2.0
  • System Requirements: OS X 10.12 (Sierra) or higher.
  • Licensing: Free on desktops only, $0.99/month billed annually, or $49.99 one-time purchase.
  • Read MacUpdate user reviews of Enpass for Mac.
1Password

5. 1Password

Don’t let the MacUpdate community’s rating of this password manager mislead you. 1Password is often rated as one of the best password managers available.

Sure, they may have changed their pricing model, but if you choose 1Password, it’s unlikely you’ll regret it.

Used by over 500,000 businesses, 1Password is designed for commercial use and includes the following features:

  • Strong, AES-256 encryption to store passwords
  • Two-factor authentication for increased protection
  • An extension for most browsers, including Chrome on all platforms
  • An encrypted data store shared between browsers
  • Access on mobile devices using PIN codes and fingerprints

1Password’s audit report identifies weak passwords, ones used multiple times, and those that haven’t been changed for a while.

It also provides a full security audit that checks for pwned passwords (real-world passwords previously exposed in data breaches) and highlights sites where two-factor authentication is offered but not used.

  • MacUpdate User Rating: 3.0
  • Version Reviewed: 7.4.1
  • System Requirements: OS X 10.13 (High Sierra) or higher.
  • Licensing: $2.99/month for a single user or $4.99 per month for a family of five, billed annually. The subscription comes with a 30-day free trial.
  • Read MacUpdate user reviews of 1Password for Mac.

What Do I Do if I Forget My Master Password?

Recovering your master password may be a challenge, and varies depending on the password manager you install. Refer to the vendor’s website for ways to recover it. In most instances, recovering a master password is not possible, and you’ll need to reset and reinstall, losing all of your data.

Note: Vendors providing good password managers DO NOT store your master password, so they can’t help you.

That’s why using Keychain Access along with another password manager is the best way to go. If you forget the master password for one, you can always access your credentials with the other.

Just don’t use the same master password for both!

Write your password down on a piece of paper and store it in a safe place. DO NOT keep it online, on your Mac, or on another device labeled “Master Password”!

How Often Should I Change the Master Password?

If you have a strong password, there is no need to change it. If you do, you’re more likely to use a weak password or forget the new one. Using a strong, unique master password is more important than changing it every few months.

How Often Should I Change My Other Passwords?

If you’re using passwords generated by a good password manager, there’s no reason to change your password unless one of your accounts has been compromised. Review all of your passwords and replace those that are weak, using your password manager to generate strong, random passwords.

The Bottom Line

Protecting passwords on your Mac is a must and relatively easy to do. Implement password best practices by:

  1. Using macOS’ Keychain Access together with a good password manager of your choice,
  2. Using the password generator to create strong, random passwords.

But don’t delay!

Install a password manager and secure your passwords today!

Marta Turnbull

Marta Turnbull

Head of Community at MacUpdate

Marta Turnbull is a MacUpdate OG and has written about technology, marketing and brand creativity for over 10 years. She splits her time between Michigan and Ukraine.

Join over 500,000 subscribers.

Subscribe for our newsletter with best Mac apps offers from MacUpdate.