Password Safe on the Mac
I’ve been using a Mac at work for a short while now and am much, much, much happier for it. As my coworker Mr. Ladwig says, I swear a lot less at the computer now. But there are a few Windows apps I’ve missed. Small things that aren’t quite worth firing up Parallels for, or that it wouldn’t make sense to anyway. TortoiseSVN is one, although I can work around that with the command line and Eclipse (and wait for Versions to be released). I miss TrueCrypt, which I used for anything that mattered, but FileVault and OS X encrypted disk images meet my needs, though I do look forward to an OS X version of TrueCrypt. If I had ever been more willing to dive deeply into the Windows world instead of just tolerating it, no doubt I would sorely miss PowerShell. But I don’t.
I can cope without all of that. What I really, truly miss is a good password manager. Namely Password Safe. With Password Safe, I never need to know any of my passwords. And I don’t. Password Safe can generate and store strong passwords and never display them to me. (Under the same principle, for some web sites I use a modded version of a password generator bookmarklet that you might find useful. It’s not perfect but for many things it’s good enough.) Passwords are stored in a believably cryptographically strong manner. After I copy a password to the clipboard to paste elsewhere, the password can be cleared from the clipboard by minimizing or closing Password Safe. Yes, keeping sensitive data in a shared clipboard makes me nervous. It minimizes and locks itself after a configurable period of time.
It works well and I trust it.
OS X has Keychain, a password store with strong crypto. It’s nicely integrated into the OS and made available to applications. Subversion finally uses Keychain to store passwords on OS X (instead of leaving them in cleartext, which you’ll find on Unix systems. Grrrr…). I can use Keychain to manage my passwords, but it badly needs some user interface work. Yes, it can generate passwords using several different algorithms, but I rarely succeed in creating a new password. There’s no clean way to copy the password to the clipboard, and when I do it visibly exposes the password in cleartext. Then I can’t clear it from the clipboard.
Keychain just needs a little UI love.
Last night on Twitter I was bemoaning the situation. Stephen Collins immediate responded, pointing out that there’s a Java version.
What? I didn’t see that in the list of related projects! Oh, that’s because it’s not there. It’s down under news from 16 January 2007. Of course.
But it’s there, and it works. Not surprisingly for something that’s at version 0.6, it’s not as polished as the native Win32 version. And maybe it needs a little Filthy Rich Clients love. But so far it’s a far sight better for what I want than Keychain is.
I should probably try Password Gorilla, too, which I’d conveniently overlooked. It reads and writes Password Safe 3 databases.
Thanks, @trib.
31 Aug 2007 Sam
Have you considered an online password manager? Since it runs in the browser, it doesn’t suffer from cross-platform problems and the encrypted data is stored online, so you can access it via web from anywhere really.
Just to clear up: all the encryption/decryption happen in the browser and only encrypted data ever gets sent over the wire. The technique is called “Host-proof Hosting”.
I’m a PassPack founder, so I’m biased towards my own product, but there are others out there too (just make sure they use Host-Proof Hosting – not all do).
PassPack doesn’t have the clear clipboard feature you mentioned, but it does have an auto-login tool which makes copying the password unnecessary in most cases.
Cheers,
Tara
http://www.passpack.com
Sorry, I forgot the link for Host-Proof Hosting:
http://ajaxpatterns.org/Host-Proof_Hosting#Solution
I haven’t considered an online password manager, no. And although I’ll give PassPack a shot because I’m curious, I have to say that I’m unlikely to rely on it for anything important because I know enough about web application security to, well, not trust web applications.
Fair enough. Let me know your thoughts.
1passwd
Thanks, Jim. I looked at 1passwd a while back and was impressed. Nice overlay on the Keychain. I wasn’t quite ready to drop $30 on it, though. That pushes past a comfortable price point for small Mac utilities, which for me caps out at about $20. But I had forgotten about it, so thanks for the reminder. Do you use it at all?
It is what I use. I got it on MacZot for a lot less when it was a zot. It has a very complete feature set for managing passwords and secure notes. It supports forms and those old-school login dialogs that you still see in some cases (I can’t even remember what they’re called!). It supports a wide array of browsers on the Mac and is actively developed.
They offer a 30-day money back guarantee and have a limited trial version you can download. I started with the trial, liked it and bought. I didn’t have to test the money back guarantee!
Password Safe for Windows is totally addictive. I’m a web developer with enough of a background in security to appreciate how hard good passwords are to maintain.
I use Password Gorilla on my non-Windows machine, and it is functional but has a terrible UI in many small ways. You use the control key instead of the Apple key in ways that don’t match the Apple CUA mode. Opening a dialog which is already open but in the background leaves that dialog in the background so you have to hunt for it. Etc.
There is a “port” of password safe to the mac going on. I’m working on it as we speak. It will be compatible with the windows version of password safe files of course, but will also take advantage of osx (and iPhone). It’s a part time thing, so I doubt I’ll have the beta ready until dec 08. Cheers.
Cool news, Zed. Looking forward to it.
Team,
I have used PasswordSafe for about 3 years and completely satisfied. The import and export did not work as suggested between keepass and passwordsafe. But other than that on windows its the best and saved me a lot of heartattacks.
Now I also own a Mac and was pleasantly surprised to see the same program PasswordSafeSWT. Trying this out but at least I have some hope on the mac.
Venkat
Unfortunately I find cross-version to be an issue… The PasswordSafe SWT seems to have problems with 2/3 of the safe’s I tried to open that were created with the Windows version.
I’ve tried the SWT version of password safe before, and it isn’t compatible with the latest windows version. Hasn’t been updated since 2007. This may explain some of your issues.
Just tried Password Gorilla (on the mac) and it looks nice, and reasonably stable. — hasn’t been updated since 2006 though. I’ll be using Password Gorilla.
Thanks for the heads-up. I find PasswordSafeSWT to be excellent. I got it here:
http://sourceforge.net/projects/jpwsafe/
and got it running on Snow Leopard with this hint:
http://compileyouidontevenknowyou.blogspot.com/2009/08/passwordsafe-on-osx.html
When 0.8 comes out, it will work without any work-arounds. Looking at the SVN check-ins, one can see that it is being actively developed. That’s great news – first, because it opened my psafe3 database from Password Gorilla on Linux, second, because it’s free (as opposed to $40, plus periodic upgrade fees).
Secure, portable, free.
Looks like it’s all fixed now via Apple’s lovely updates :)
I’m on 10.5.8 and just downloaded the beta from the sourceforge link and install/working with no extras required …
joy
Just stumbled on this while looking for a password safe on Mac option.
In case you haven’t taken a recent look at 1Password, it’s seriously awesome and getting awesomer. I highly recommend it, and I highly recommend using it with Dropbox to sync your safe between multiple systems.
Unfortunately it doesn’t yet have native pwsafe3 import… =/
A cross-platform alternative is KeePass (mentioned above), which is functional but not as nice GUI wise.
I arrived at this post because, even 5 years later, it’s a top hit on Google for “password safe for mac”
I’m a recent convert to Mac myself, and I agree completely – I’m a PasswordSafe addict and so finding an equivalent for the Mac was a must.
I’ve been an iOS user for quite some time, though, and very happy with the iOS app “pwSafe”, which is fully compatible with pwsafe3 files and has a very nice Dropbox/iCloud integration.
http://itunes.apple.com/us/app/pwsafe-password-safe-for-ios/id440783112?mt=8
When I came to this site, I read Zed’s comment about the port and thought I should change my search to “pwsafe for mac” And wouldn’t you know, with their latest version, they just added an OS X version! Just picked it up and ran back to comment. Hope this helps!
I’m confused. I have a version of Password Safe running on my old Mac, but when I look for a new version for a new machine it sounds like no such thing exists. The icon & behavior are identical to the PC version I have on a PC at work.
Did there used to be a mac version that was dropped?
THanks, Paul