Apple’s free Passwords app can replace your paid password manager (kinda)

Macworld

Password managers such as 1Password and LastPass are great. We maintain a recommended list of Password managers for a reason—a good one makes it easy to use strong, unique passwords everywhere on the web, no matter what platform or browser you happen to use.

But to get the most out of them, you need to pay a subscription fee. It only makes sense–there’s a cost to running these cloud services. But now that Apple is introducing a standalone Passwords app in iOS 18 and macOS Sequoia, I wondered if I could drop my 1Password subscription and save a few bucks a month. I also use Authy for two-factor authentication keys, and I love it, but since Apple’s Passwords app supports standard 2FA keys as well, I could effectively eliminate two apps from my iPhone.

About a week ago I took the plunge, and I learned that most users can replace their paid password manager with Apple’s free solution. There are a few wrinkles and annoyances, but it’s definitely “good enough” for most everyday users. Apple could stand to polish up its app in a few places, and it’s not going to get the job done for power users, but the biggest annoyance I ran into was actually making the switch, not using the Passwords app after getting it all transferred over.

Making the switch is the worst part

The worst part of moving from 1Password and Authy to Apple’s Passwords app has been literally making the switch.

Getting passwords out of 1Password was easy enough. 1Password can quickly and easily export passwords to CSV format (comma-separated values), and the Passwords app quickly imports them. It dealt with duplicates well enough, and only a handful of passwords didn’t import.

Dealing with those was more annoying–either reconciling the problem in 1Password and exporting again, or adding them manually. It’s not difficult, but it’s a tedoius process.

Even worse was moving 2FA codes from Authy. I love Authy’s cloud sync and backup, but there’s no official export function. Without relying on third-party tools that I might not trust (and don’t want to set up), that means logging in to every account I have a 2FA code for and adding a new one. In many cases, the service only allows a single 2FA code and I had to disable 2FA and set it up again from within the Passwords app.

That’s easy enough–it supports the standard manual code or “scan a QR code with your phone camera” methods. Again, it’s not a hard task, but it’s an hour of busy work I’d rather not have had to do.

Then there are other apps. I use Chrome a lot, so I had to grab the iCloud Passwords extension for autofill to work there. I also had to install the iCloud app on my Windows machine to sync my passwords there (Apple provides no password management on Windows, but the passwords sync to the browser extensions through the Windows iCloud app). The whole process took most of an afternoon, and I spent the next few days cleaning up the occasional bad URL or duplicated password.

Those who don’t already have a password manager won’t have to go through any of this, of course. If you’re thinking of switching to save the fee for your password manager, expect it to take a little time.

Foundry

Good enough for most

Apple’s Passwords app works well enough for the basic functions most of us rely on. It stores and fills login passwords, Wi-Fi passwords, 2FA codes, and passkeys. It warns you of easy-to-guess passwords, reused passwords, and passwords that appeared in major data breaches. It’s also relatively easy to securely share passwords with others. Apple also provides its own suggested passwords for new signups.

It doesn’t give you much in the way of other features–stored credit card and identification info to autofill in forms, secure document storage or notes, and so on. Apple has other apps that do those things in encrypted ways, but if you use other platforms and browsers, they’re not easily available.

I prefer the interface of some other apps to Apple’s rather pedestrian effort, too.

After setting up the browser extension in Chrome, you’ll have to enter a six-digit passcode (generated by the iCloud Windows app) to sync the browser extension with your stored passwords. It won’t enter 2FA codes, so you’ll have to look at your iPhone for that. If you use Firefox or a browser that doesn’t support Chrome extensions, you’re out of luck: Apple doesn’t make an add-on.

Good news, though: With macOS Sonoma and the new Passwords app, the Chrome and Edge extensions now work on the Mac, too.

Suffice it to say that for most users, Apple’s Passwords app gets the job done. It’s not a luxury experience, but most people don’t use a password manager at all…getting them in the door this way is a good thing. If you just love your current password manager and use it to connect to multiple platforms and browsers, it may well be worth continuing to pay its subscription fee.

If you primarily use Apple products and Safari, you’re going to have a smoother ride, and it’s hard to recommend a paid password manager for all but the most picky of power users.

Areas where Apple can improve

Apple could make the Passwords app a really great solution for most users with a few improvements. Increasing the font size on the 2FA codes by a few points would help. There’s text at the top of the Codes screen that shows you how long until the codes reset, but it scrolls off the top of the screen when you scroll down your list–it should stay anchored at the top of the screen.

There should be a Firefox extension at least, and both it and the Chrome extensions should use the same foundation as passkeys to allow you to unlock them with Face ID on your iPhone if you don’t want to type in a six-digit code on Windows (on Mac, you use Touch ID to unlock the Mac passwords app).

Foundry

You can easily export all your passwords on a Mac, but doing so on an iPhone or iPad doesn’t seem possible at all. Something as critical as our passwords shouldn’t be dumped into a one-way bit-bucket like this.

Even without these changes, the new Passwords app is…fine. For the bulk of Apple users who don’t regularly use other platforms or browsers, it’s very low-friction, and even for those who use Chrome or Edge and even Windows, it gets the job done well enough. It’s a big step up from the status quo in iOS 17 and macOS 14, which is all your password stuck three menus deep in Settings, and it’s a great first step for the majority of users who don’t use a dedicated password manager.

I just hope Apple doesn’t wait until iOS 19 to make some improvements, because it could be great.