We all have so many passwords to keep track of! If you’re still not using a password manager, make it your New Year’s resolution to start.
I last wrote about this two years ago in Notes on Password Managers. In this note, I’ll talk about the password manager I was using, what I switched to, and why I made the change.
The Landscape
First, I’ll mention the password managers that everyone recommends:
- For most people, 1Password is the standard recommendation. It’s high-quality, proven secure, and easy to use.
- For techies the standard is Bitwarden. It’s highly functional but has a more barebones interface compared to 1Password. Unlike 1Password, it has a free basic version.
What I Was Using
For years my family and I used 1Password. All password managers have the same core features, but 1Password was the most polished and the easiest to use, especially compared to competitors like Bitwarden or Lastpass. It is trustworthy, and has a well-documented security design.
So why did I switch?
Starting in 2019, 1Password began to focus on the enterprise market. They developed great features for big-company customers, like automatic AWS sign-in, SSO, and fingerprint auth for SSH.
Unfortunately, development stalled on consumer-facing features and fixes, which has become frustrating for technical users like me and consumers like my family.
Requests by technical users are met with friendly but vague corporate responses. For example, there’s a long thread asking for the techie-favorite Orion browser to be supported, which took months, with the Orion developers reporting that they had been ignored. Meanwhile, the enterprise Arc browser was instantly supported. Posts questioning this were removed from the support forum.
More recently they added telemetry, which has not been well-received.
Development of the browser plugin, arguably the most important part for consumers, has also stalled. In May 2022, 1Password released a major update changing how passwords are organized, with a new concept called Collections. As of January 2024, the browser extension still doesn’t support these changes, creating a confusing situation.
In short, development stalled on features users care about.
What I Am Using Now
I’ve switched to Apple’s built-in password manager, which I am calling iCloud Passwords. Unfortunately, it doesn’t have an official name. You can find documentation here for Mac, here for iPhone, and here for Windows (!!). Over the last two years, the Authentication Experience team at Apple has thoroughly improved this feature.
_Apple-provided screenshot. Not my accounts._
This is a password manager, not for other data like 1Password. For items like software licenses and health insurance cards, I am considering Apple Secure Notes or encrypted disk images.
iCloud Passwords does passwords very well:
- Reliable autofill that doesn’t block fields I am trying to fill in
- It has the best autofill implementation that I’ve seen
- Excellent passkey support that could eliminate passwords
- 1Password can do this, but I never got it to work
- Free, built-in sync across Apple devices
- Selective password sharing
However, there’s no dedicated app! It’s only a settings panel. You should install this unofficial Shortcut for easy access on your iPhone and Mac.
Apple needs to make this an official named product with its own app. If they do, it will likely become the go-to password manager for Apple users. For now, it remains hidden in Settings.
And it has become a favorite among Apple tech nerds. It helps that the lead developer engages on Mastodon, building goodwill.
You can import from 1Password, but I’m manually moving over passwords as needed. There are too many old, dead passwords in my 1Password vault.
So far, I’m very happy with the switch.