Using a strong password is critical to the security of your online accounts. However, according to Dashlane, US users hold an average of 130 different accounts. Memorizing strong passwords for that many accounts is impractical. Fortunately, password managers solve the problem.
Password managers address the issue of needing a strong password by taking the memorization out of the equation. No longer do you need to worry about remembering all of your passwords, as the manager stores the information, and it can even be auto-filled when required. You only need to protect the one database.
The iOS App Store contains several great password managers to choose from. We installed and tested all of the top offerings and have concluded that the following four managers are the best available. Using any of these password managers on your iPhone or iPad will dramatically improve the privacy and security of your online accounts.
Table of Contents
What Are Password Managers?
A password manager is an app with a database containing your login information for all the various accounts you use. The database is typically encrypted with a master password to prevent unauthorized access. While the master password may be combined with other secret unique information to increase security, you usually won't need to memorize anything more than the master password itself.
The master password is how one part of the typical password dilemma is solved — you only need to memorize one strong password for all your accounts. For example, something like |0%/p9PsZjAiJ4e@ is considered secure because it uses a variety of characters. However, you don't reuse that password — instead, you allow the manager to create strong passwords for all your other accounts.
Once a master password is created, you add the login information for all your accounts into the database. Then, you'll want to replace the password for each account with a stronger one. Using the "change password" function for each of your accounts, the password manager will create a new passcode. The manager will allow you to choose from various parameters, such as whether to include uppercase or lowercase, special characters, and the overall length of the passcode, to create a strong password that you will never have to memorize.
Comparison Chart
Key Comparison Points
Pricing
- Basic Subscription: The price to unlock all or most features for a single user. Sales tax is not included in the price, but depending on your state, you may need to pay tax.
- Premium Subscription: Some apps offer multiple pay subscription levels. The higher-priced tier with exclusive features is more for power users. You only get a few added benefits such as credit or breached accounts monitoring, chat, file storage, or identity protection. Sales tax may apply in your state.
- Family Plan: These plans provide value pricing for multiple users with sharing abilities. All but LastPass provide five user accounts for the listed price, with LastPass including six. Like the Basic Subscription, it will unlock all or most features, and sales tax may apply in your state.
- Premium Family Plan: It's just the Premium Subscription and Family Plan combined. Sales tax may apply in your state.
- Student Plan: Not every company will offer students a discounted price, but many do, including a few on our list. They provide either a reduced monthly cost or an extended free period. Sales tax may apply in your state for any reduced pricing.
- Free Trial: All of the password managers in our list let you try out premium-level subscriptions for 30 days before you commit to paying.
- Free Version Available: While all of the passwords manages have paid subscriptions available, they also off free plans for users who need only the basic features. These free plans can be feature-filled or very limiting.
- Total Devices on Free Tier: If you have an iPhone, Android tablet, Mac, and Windows PC, you may not be able to use the password manager on all of them with the same account. On the free plans, it could be limited anywhere from one device to unlimited.
- Total Devices on Paid Tiers: The same as Total Devices on Free Tier except there are no limits on how many devices you can use with each account.
- Business Plans: All of these password managers offer plans to be used with teams, businesses, and enterprises. We won't be discussing any aspects of these plans as we focus primarily on personal and family accounts. Just know that these plans are available.
App Features
- Local-Only Mode: It provides security in place of convenience. Instead of using the cloud to synchronize the database, your database resides only on your device. You get more control as to who can view or access its contents, and it decreases the risks of being hacked.
- Offline Mode: There's no way to be connected to the internet all of the time, so all of the password managers in our list let you view your passwords. However, not all of them will allow you to add or edit entries offline.
- Cloud Sync: Your database is stored in the cloud, making it accessible across multiple devices. Using the cloud, any modification made on one device will automatically update all the other devices with access.
- Unlock with PIN: Sometimes, Face ID and Touch ID will fail to register your biometrics. When that happens, you need to input your master password, but some apps let you choose a unique PIN that's easy to remember.
- Audit Passwords: Some password managers monitor all login credentials and will recommend changes to passwords. For example, the manager will recommend changing a password if it hasn't been modified in a while (typically three months) or if you use the same password for multiple accounts.
- Change Passwords Automatically: Some of these apps allow you to change the password of one or multiple accounts simultaneously. Websites need to support the feature for it to work. Dashlane is currently the only one to offer it in its mobile app. For example, LastPass has an "Auto-Change Password" feature but only for Chrome and Safari desktop browsers.
- URLs Per Password: When you have an account with one company and the login credentials work across all of its sites, which may have completely different URLs, it comes in handy to be able to add multiple domains to a password entry. Otherwise, you'd have to create a separate password entry for the various URLs, and that would clutter things up.
- Secondary Username: It's not always easy to remember if you use your email address or a custom name as the username for an account. With a secondary username, you don't have to, because you can input both into the password entry and try one or the other. It's also helpful for keeping track of the email account you used to sign up for each entry.
- Security Alerts: The password manager alerts you of potential threats to your accounts, such as when significant data breaches happen, and you have an account that could be compromised.
- Multiple Vaults: Within the app, you can access multiple vaults (databases) to keep things more organized. For instance, a "Personal" and "Work" vault are two good options to use, so you don't have to view work passwords with your personal ones. We're not referring to using two or more accounts.
- Tech Support: The managers on our list provide support through either an online ticket system, email, or webchat. Email is superior, as you don't have to keep a page open to wait for a response.
- Enable/Disable Clipboard Timer: A clipboard timer controls how long a copied password remains in your clipboard, ready to paste elsewhere. In all apps, the feature can be enabled or disabled to keep copied items in the clipboard forever.
- Control Clipboard Timer Length: The app will or won't let you modify the time in which your copied data remains in the clipboard. LastPass and Keeper are the only managers that allow you to increase or decrease the time.
- Self-Destruct: A feature that will delete all stored data if the wrong password is entered too many times. Keeper is the only app on this list with the function.
- Recover Deleted Passwords: Some apps permanently erase data when you perform a "delete" on an entry, while others keep the data in a trash can for further deletion. Either can be good or bad, depending on your philosophy of security.
- Secure Other Personal Info: Most apps on our list let you add specific types of personal information as personal notes, complete with auto-fill fields that change for each particular piece of information. For example, you might be able to add a credit card with areas relating to card number, expiration date, etc., then turn around and add a bank account with routing number, checking number, etc.
- Upload Files: All four apps allow you to upload certain file types to secure notes or password entries, while some even allow you to upload the files independently.
- Upload File Types: The types of files that you can upload to your account, including photos, videos, and files (documents).
- Opens Links In: With most of the apps, you're not stuck with one browser to launch websites in. While there may be other browsers, such as DuckDuckGo or a manager's own in-app browser, we're focusing on the top three: Safari, Chrome, and Firefox.
AutoFill
- In Apps (iOS 12+): AutoFill lets you auto-fill usernames and passwords into your iPhone apps and browsers. Since iOS 12, managers have been able to utilize native AutoFill, once reserved only for iCloud Keychain.
- In Apps (via Extension): Not all apps have added support for Apple's default auto-fill skills, but there is a fallback option. Most managers on our list utilize share sheets to auto-fill usernames and passwords, and therefore, share the same list of compatible apps.
- Compatible Browsers: The browsers supported by the password manager which can be auto-filled via a share sheet extension. We've only listed the most prominent browsers — Safari, Chrome, and Firefox — but Opera, Firefox, DuckDuckGo, and other browsers may also be supported.
Sharing
- Share Passwords: You can extend access to passwords (whether individually or as a group) to other users. Some managers require that the users receiving access already have an account with the service.
- Email in Plain Text: Sometimes, it can be convenient to share passwords in plain text to friends and family, via any app or messaging service of your choosing. Depending on your view, doing so can be very convenient or a severe lapse in security.
- One-to-One: One-to-one sharing refers to sharing passwords from one password manager account to another. For example, in LastPass, you would share your password with another LastPass user. The password wouldn't be synced to your account, however, so if you ever change it, the other user wouldn't know.
- One-to-Many: One-to-many refers to sharing an item with multiple people using the same manager at once. Again, these items are usually unsynced, so the recipients won't see any changes you make in the future.
- Share Folders: If there are a ton of passwords you want to share, doing so one by one can be tedious. Some services let you share folders with one or multiple users, and they can contain numerous logins.
- Password Syncing: While many of the options above, aside from folder sharing, won't sync passwords changes to shared logins, there's still a way to do so. Some offer it as a premium feature or as a web app-only feature. The users you share passwords with will stay up to date with the latest credentials.
Apple Integration
- Apple Watch Support: With an Apple Watch, you may be able to gain access to your vault from your wrist or use it as a tool to authenticate (multi-factor authentication).
- Touch ID: You can use the fingerprint scanner as an alternative way to log in to the vault.
- Face ID: You can use Apple's facial scanner as an alternative way to log in to the vault.
- Dark Mode: Apple introduced its native dark mode in iOS 13, where an app automatically matches its theme to the system theme. Developers need to add support for dark mode, but all four apps on this list support it.
Security
- Encryption: The method used to ensure the security of the database. As of today, the highest standard available is AES-256 encryption. Encryption protects the database by making it virtually unreadable to unauthorized users.
- Multi-Factor Authentication: Using multiple means to authenticate (identify) users. The most common form is using a third-party authenticator, another app you install that receives an OTP (one-time password) that you enter in addition to your password to prove your identity. Some examples include Google Authenticator, Microsoft Authenticator, and Authy. All four of our managers support multi-factor authentication.
- Emergency Access: In the case of your untimely death or incapacitation, loved ones can be assigned access to the database. That way, your online accounts can be managed or deleted depending on the situation.
- Universal 2nd Factor: Also known as U2F, it's another way of providing multi-factor authentication. U2F is a set of hardware keys (typically USB) that need to be in your physical possession if you want to log in to your database. Since the hardware keys can't be stolen remotely, many feel they provide the highest level of protection. All four managers support U2F.
- Secure Cloud Storage: Encrypted cloud storage that comes with your subscription for uploaded files. Not every service offers the same amount of cloud space.
- Bug Bounty Program: The security of a system is heavily dependent on its ability to work as intended all the time. However, even the most well-written code will have bugs and unforeseen errors. To combat that, companies offer a financial incentive to those outside the company to report these errors. Typically, higher rewards attract more white-hat hackers (hackers for the good guys) and higher-skilled ones. All four managers currently pay out for bug bounties.
- White Paper Available: A technical report on how the software handles security and authentication. It provides the necessary transparency and allows others to make suggestions to improve security for all. All four managers have white papers available.
How We Picked These Apps
Password managers have expanded beyond just housing account information. Many, including each one on our list, have an abundance of features that greatly enhance the experience for its users. While Apple has its own iCloud Keychain manager that helps you find and change bad passwords, there's not much more to it than that, so it didn't even come close to any of the options in this article.
Our first requirement for each password manager was the implementation of the latest security tools. Currently, that means AES-256 (Advanced Encryption Standard with a 256-bit key), PBKDF2 SHA-256 (Password-Based Key Derivation Function 2 and Secure Hash Algorithm 2 with 256-bit digest), and salted hashes. Also, your account should be secured using a password, as it provides the best protection. PIN codes are too short and limited in possible combinations, making it easier for unauthorized users to gain access, but most of these apps do have that if you want.
Our next requirement was that each app has some way to auto-fill usernames and passwords into apps and browsers. Without this functionality, managers become somewhat of a hassle, as they add a step (or steps) whenever you want to log in to your account. Luckily, each of the apps on our list supports Apple's native AutoFill feature and most support browser extensions as well.
Another critical requirement was the inclusion of an Emergency Access feature. It allows you to establish a list of trusted friends and family members who can access your vault in case you are unable to do so (for example, when you die). The access will save friends and family from having to contact each account provider separately and presenting large amounts of documentation to prove their authorization.
- Don't Miss: What Happens to Your Passwords When You Die?
Finally, the app must be well-designed and easy to use. All options should be adequately described, and the layout shouldn't interfere with navigation. Basic tasks, such as adding login information, shouldn't require any assistance from a techy friend. Password managers should be accessible to all users, not just power users.
App 1: LastPass
If you've heard about password managers before this article, it was probably thanks to LastPass, which has been aggressively advertising its services in the last few years. LastPass has lived up to its popularity by creating an app that checks most boxes when it comes to features you'd expect a password manager to have. What makes it number one, however, is the number of features its free version offers. Who says the best things in life aren't free?
- App Store Link: LastPass Password Manager (free, subscription optional)
LastPass was designed for casual users. Its developers worked to ensure the end-user experience was both convenient and straightforward. Menu options are well-described to prevent any confusion. The app lets you add a wide array of credentials to your database, not just online account information. You can add:
- Secure notes
- Addresses
- Payment cards
- Bank accounts
- Drivers licenses
- Passports
- Social security numbers
- Health insurance
- Insurance policies
- Membership cards
- Wi-Fi passwords
- Email accounts
- Instant messenger handles
- Databases
- Severs
- SSH keys
- Software licenses
It lets you auto-fill virtually all information that may be requested online. Since LastPass is the only manager on our list to include cloud sync for free (excluding 1Password's free trial), you can access your information on all of your devices, as LastPass has an extension or app for all major browsers and operating systems. Unfortunately, cloud sync is mandatory, so there's no local-only mode with LastPass.
Secure Notes lets you create small documents that contain bits of information that don't properly fit in any of the above-listed categories. Thanks to LastPass' usage of both AES-256 and PBKDF2 SHA-256, you can be sure your information — as well as any photos you attach — is both secure and private from all unauthorized users. In addition, a paid account gives 1 GB of secure cloud storage to upload file types, while the free account only gives you 50 MB.
Similar to other password managers on our list, you can use iOS' share sheet function to auto-fill passwords, in addition to native support with iOS's AutoFill feature. When it comes to browser extensions, LastPass supports Safari, Chrome, Firefox, Opera, and DuckDuckGo. And for opening links, you can choose Safari, Chrome, Firefox, Firefox Focus, Microsoft Edge, Cake, Opera Mini, DuckDuckGo, and possibly others.
LastPass lets you control how long information copied from the vault remains in the clipboard. It's essential, as data in the clipboard is a frequent target for hackers. When it comes to offline use, you can only view items, so no adding or editing since LastPass is cloud-based and not local only.
LastPass's Security Challenge feature will audit your passwords and provide a score for their overall strength. LastPass's analysis includes scanning the sites associated with the credentials to ensure their integrity and the power of your master password. Suggestions are available to improve your score, giving you a measurable goal to achieve. Your improved passwords will be safe with both multi-factor authentication as well as U2F. Just be careful — you can't recover deleted passwords here.
You'll be safe knowing LastPass sends security alerts when detecting compromised data in your vault or vaults. While its online ticket system isn't the best customer service option we've seen, LastPass does make it easy to set up emergency access contacts via the in-app settings, the only app on this list to do so. You'll just need a premium account.
As good as it is, LastPass Premium has changed over the years. It used to cost less than Keeper at $23.99 per individual but is now technically the second most expensive service on our list at $35.99 per year ($36 if purchasing via the web app). Thankfully, there's a 30-day free trial. Families pay $48 each year for six licenses, which is less than Keeper's annual charge. If you're a student, however, you can get a free premium subscription for six months. Not a bad deal.
If you don't want to pay a dime, however, you can still use most features for free, including cloud sync with unlimited devices, PIN unlock, and multiple URLs per password (via the web app, anyway). What you miss out on most by not paying is access to LastPass' sharing features. While you can share one-to-one for free, one-to-many and password syncing is premium-only. Sharing folders requires a family plan. There's no plain-text sharing, but since that is the least secure sharing method possible, many won't mind.
In addition, you're only missing out on premium multifactor authentication methods, the emergency access features mentioned above, and priority support. Other than those items, LastPass is free to use, which almost seems too good to be true.
No LastPass plan can have passwords changed automatically (it has been testing a non-mobile feature that does, but it's been in "beta" for years); include secondary login usernames (such as a username and email address); or self-destruct the account (which could be harmful if you can't remember master passwords well).
However, there is support for Apple Watch, Face ID and Touch ID unlocking, Dark Mode, and multiple vaults (like, if you wanted one for work and one for personal stuff). LastPass also has a bug bounty program and white paper to check out.
App 2: Keeper
Keeper wasn't always the prettiest app on our list or even the best. With some recent updates, however, both its UI and feature set have greatly improved, and now it has all the major features you would want in a password manager — and then some.
- App Store Link: Keeper Password Manager (free, subscription optional)
With Keeper, pricing is fair. The premium price is the second cheapest option at $29.99 a year. If you're looking to max out your features, Keeper offers a bundle deal for $59.97 a year that comes with Keeper, KeepChat Private Messenger, BreachWatch Dark Web Monitoring, and secure file storage.
Its family pricing is the highest on this list at $59.99 a year, and it only gives you five accounts, whereas LastPass gives away six. If you want the bundle, as described above, that'll cost you $119.98 a year. There is also a student discount of 50% off and a free 30-day trial for premium plans. Paid plans can have as many devices synced as you need.
A free version of Keeper is also available, but you're limited to one device per account with no cloud sync. That does mean free accounts essentially have local-only mode, a plus or minus depending on if you prefer higher security or more convenience.
Keeper does a great job of letting you know the strength of your passwords when manually adding login information. When inputting passwords, a colored bar appears below to reflect the strength of that password; the colors match the same schemes as traffic lights, with red meaning weak and green strong, to eliminate any confusion.
Keeper includes a multitude of authentication options. Choices range from Touch ID and Face ID, which add convenience, to Apple Watch (paid only) and OTP (a one-time password), all of which improve security. Your Apple Watch can act as a multi-factor authenticator, providing an additional tool to identify you accurately. Keeper also supports Google Authenticator for app-based authentication.
You can also increase security by using Universal 2nd Factor to access the vault. However, Keeper doesn't support PIN unlocking, the only app on this list to omit such a feature.
To make up for it, you can both audit your passwords and set up emergency access contacts via Keeper's web app. You won't receive security alerts unless you pay for the BreachWatch add-on, and multiple vaults are only available to business subscribers.
Unique among the password managers on our list, Keeper includes a feature known as Self-Destruct, which automatically erases any local vault on the device after several failed login attempts. When using the premium version, it isn't a huge deal, as a copy is saved on the cloud — but for free accounts, five incorrect attempts can erase the only copy of your vault. While the feature does increase security, the massive consequence makes its overall worth somewhat debatable.
Also, unlike the other password managers, Keeper offers a level of interface customization. The background can be altered using a list of preinstalled choices, and the app supports iOS 13's Dark Mode.
Vital to Keeper's success is the ability to control how long items are stored in the clipboard. It used to be the only app capable of doing so, but LastPass recently added the feature as well.
Aside from native AutoFill support, Keeper supports extensions for auto-fill in Safari, Chrome, Firefox, Opera, and DuckDuckGo. It also supports uploading photos and videos individually or by attaching them to password entries, and it allows you to view, add, and edit items while offline. As for opening links, you can use Keeper's in-app solution or Safari, Chrome, Firefox, Firefox Focus, and Microsoft Edge, among potential others.
Keeper, like LastPass, offers free secure cloud storage. That said, you only get five uploads in total, but each upload on iOS can be as large as 10 GB. Additional storage plans can be purchased as add-ons to a paid subscription. 10 GB comes standard with a family plan. With any storage option, you can upload photos and videos both by themselves or as attachments to existing items. While Keeper doesn't offer much in terms of secure information storage, you can scan documents into existing records via the camera, and each record has a built-in notes feature.
While you can't share passwords in plain text with Keeper, the app makes it easy to share with one-to-one and one-to-many, and it lets you share folders and synced passwords, all for free. If there's one app on our list that's the king of sharing, it's Keeper.
Downsides include not being able to change weak passwords automatically or add multiple URLs or usernames per entry. Its tech support is OK with online tickets and webchat, and if you need to recover passwords, it only works on paid plans. The encryption is AES-256 and PBKDF2 SHA-256 with multiple iteration options, there's a bug bounty program, and you can read the whitepaper on Keeper.
Keeper is a great password manager. While it's missing some features found in other apps, its other features more than make up for the gaps — only at a cost.
App 3: Dashlane
Dashlane for iOS attempts to simplify the password manager. Using a unique approach, codenamed Project Mirror, Dashlane wants to eliminate incompetence when creating passwords for accounts. While this app does include many of the features we've come to expect with a password manager, it's the Password Changer that places it in a league of its own.
- App Store Link: Dashlane Password Manager (free, subscription optional)
Password Changer is a feature that lets you (almost) instantaneously update one or multiple passwords without ever leaving the app. Password Changer includes password auditing functionality, which analyzes the strength of your passwords and recommends which passwords need to be modified to preserve security. Once the accounts are selected, just tap "Change" in the upper right of your screen, then Dashlane will automatically change your passwords for you.
Password Changer is one aspect of Project Mirror, Dashlane's ambitious plan to kill the password. Another significant component is Critical Account Protection, which provides an in-depth analysis of all accounts associated with your email address, including the type of accounts you have and when they were created.
Dashlane monitors your accounts to ensure they remain secure and uncompromised. If there is ever a breach in a site, its Security Breach Alerts feature will let you know and make suggestions to protect your data. Multi-factor authentication and U2F will smartly safeguard your data and passwords, but just know that deleted passwords cannot be recovered.
Dashlane is the best option on this list for local-only fans. Even though the paid version supports cloud sync with unlimited devices, you can choose to disable syncing. If you're using the app for free, your only option is local-only anyway. That might make up for the lack of self-destructing vaults, multiple vaults, and controlling clipboard timer length (there is a timer though, and you can turn it off). That said, Dashlane does sport password auditing, so you can make sure your passwords are plenty secure.
You can enable emergency access contacts, so long as you do so from the desktop settings. PIN unlock is also an option when biometrics fail. You also get tech support via email and webchat. While Dashlane features native iOS AutoFill, it no longer supports AutoFill via extensions. That means you won't find Dashlane in the share sheet, even when using Safari.
One thing Dashlane has that no other app on this list does is the option to input a secondary login username directly from the app. The other password managers only give you a spot for one username per password, but if you're not sure if the username is your email address or a regular one, it could cause some issues. Not with Dashlane.
The two glaring omissions in comparison to the other managers on our list are the lack of multiple vault support and family pricing. Multiple vaults are only available to Dashlane business accounts, and without any family pricing, you must pay the single-user price each for regular use.
Without a family option, you miss out on the typical savings associated with bundled accounts, and Dashlane's single-user pricing is also the highest on this list. At $59.88 apiece — $119.88 for Premium Plus — families are better off paying the additional fee for LastPass' family tier, which provides six accounts. There is a 30-day free trial but no student discounts.
You can go with the free account to save some money, but it will come with restrictions, mainly the 50 password limit Dashlane sets and only one Local-Only device. If you can survive on that little amount of passwords, can make do without the 1 GB of secure cloud storage, and can live on one synced account, you should be able to get away using Dashlane free — especially since Dashlane lets you attached photos, video, and Files app files to secure notes.
Dashlane lets you add the following personal information:
- Secure notes
- Credit cards
- PayPal accounts
- Bank accounts
- Names
- Emails
- Phone numbers
- Addresses
- Companies
- Websites
- Passports
- Drivers licenses
- Social security numbers
- ID cards
- Tax numbers
Dashlane is quite useful when it comes to sharing passwords. While you can't share plain text passwords, you can share using one-to-one and one-to-many. You can't share folders, unfortunately, but you can share synced passwords, so everyone stays up-to-date.
Also, you can view, add, and edit entries offline, a nice touch, which will sync when back online (unless you're on the local-only account, of course). But you only get one URL per password, and Safari is the only browser that opens links. It does support all the Apple goodies: Apple Watch, Face ID, Touch ID, Dark Mode. And it has AES-256 encryption, a small bug bounty, and a whitepaper.
Pricing aside, Dashlane provides a user-friendly experience that even your grandparents would be comfortable with. The Password Changer is a game-changer in the password manager market, providing an enormous convenience that makes it hard for you not to be secure. I'm sure that feature alone could be the spark for some of you to download the app.
App 4: 1Password
In the past, 1Password was known for its local-based security. Now, the company has taken its services from stored-on-devices to stored-in-the-cloud. While convenient for working between multiple devices, some users are upset with the step back in security. Still, 1Password has a lot to offer even the most stringent security needs.
- App Store Link: 1Password - Password Manager (free, subscription after trial)
The cloud-based vault will synchronize your data across multiple devices automatically, but you must yield a certain amount of trust to 1Password, who stores your vault on its servers. 1Password cannot access the information, so there's not a whole lot to worry about, but it's still cloud-based, which is always something to consider.
For $3.99 a month — $35.88 a year — you get a lot for your money. And you'd better, as 1Password has no free version past its 30-day trial. There's also a family plan for $59.88 annually, with five licenses, but there's no student plan. Your vault or vaults automatically sync across all platforms where 1Password is available, and you'll also gain access to 1 GB of secure storage for digital copies of important documents. You can make the most of that storage by uploading individual photos, videos, and files themselves, not just attachments to secure notes.
Speaking of secure notes, you can add other personal information as well:
- Secure notes
- Credit cards
- Identities
- Bank accounts
- Databases
- Drivers licenses
- Email accounts
- Memberships
- Outdoor licenses
- Passports
- Reward programs
- Servers
- Social Security numbers
- Software licenses
- Wireless routers
1Password provides security alerts with a feature known as Watchtower, which alerts you of security breaches on sites you use and recommends a course of action to correct the situation. However, unlike the other managers on our list, there is no way to audit your password.
1Password also authenticates users in a much different way compared to the other managers on our list. Typically, managers use the master password to create a hash to authenticate you with its servers. A hash is a one-way function that alters data (in this case, the master password) to a fixed size. The modification is usually irreversible (hence one-way), so hackers aren't able to derive the master password from the hash.
1Password goes a step further using what's known as a two-secret key derivation. As the name implies, a second component, known as the Secret Key, is used to create a hash. The Secret Key is also unique and only known by you, improving the security of the hash.
The Secret Key is a string of characters that is first generated by your device when you initially create an account. That key is stored locally and is inaccessible by 1Password. While you'll never need to memorize the key (as the system automatically retrieves it), its uniqueness is what makes it secure and helps with authentication. The extra security, plus the addition of multi-factor and U2F, might make up for the fact there's no automatic password changing.
1Password lets you email passwords in plain text but doesn't offer one-to-one or one-to-many sharing. You can share vaults and synced passwords with other users, but only using the web app. If you're looking for intricate sharing options in the app alone, you won't find it with 1Password.
Emergency access isn't as convenient with 1Password as with other apps. 1Password creates an "Emergency Kit," essentially a PDF with your account information. While you can simply send this PDF to anyone you'd like to have access to your account, it's no substitute to the integrated emergency access we see in other apps like LastPass.
You can roll with Apple's built-in AutoFill or opt to use the share sheet extension for apps and browsers. Compatible browsers include Safari, Chrome, and Firefox. As for opening links in 1Password, you can choose between Safari, Chrome, or Firefox.
When it comes time to adding passwords for accounts, 1Password lets you add more than one URL for each password entry, and it's the only one on this list to let you do it from the app. It's very convenient when the situation arises, and it also declutters the vault by not having duplicate entries.
1Password's tech support is good enough, offering emailed correspondence. While you cannot control the clipboard timer length, you can disable it, and you can conveniently recover deleted passwords and use PIN-unlocking when Face ID/Touch ID fails. Like the others on the list, it encrypts your data with AES-256 and has a whitepaper. It's also the only one with a bug bounty program that gives security researchers huge prizes for big vulnerabilities found.
You can add, edit, and view entries offline and have them sync when back online, use it with an Apple Watch, and enable Dark Mode. But you can't add secondary usernames (username, email address, etc.), set vaults to self-destruct after too many failed password attempts,
Convenience seems to be the name of the game with 1Password. While convenience doesn't always equal the highest security, sometimes its worth sacrificing a little for ease of use.
Conclusion
Every iOS user should be using a password manager in this day and age. We, as human beings, can't be expected to memorize strong, unique passwords for each of our many accounts, and we can't be expected to change them every 90 days as recommended. With a password manager, none of that is a problem.
On the iPhone, LastPass is simply the best option. It offers an extensive list of features that are unmatched by the other managers on our list, especially when it comes to free versions. Keeper is a real close second, and if it weren't for LastPass' truly excellent free version, it would be a contender for first place. 1Password and Dashlane are almost neck and neck, but since 1Password is essentially a paid app only, Dashlane's free version helps put it ahead.
That being said, there are benefits to all of these apps. For example, a local-only mode might be important to you, in which case Keeper and Dashlane will be your only choices. It really just comes down to what you prioritize most in a password manager and which of the four here meets those priorities best.
What do you think of our list? Which password manager do you plan to use on your device? Let us know in the comments below.
This article was produced during Gadget Hacks' special coverage on smartphone privacy and security. Check out the whole Privacy and Security series.
Just updated your iPhone to iOS 18? You'll find a ton of hot new features for some of your most-used Apple apps. Dive in and see for yourself:
Be the First to Comment
Share Your Thoughts