My good friend is adamant that Keychain Access already provides the functionality of 1Password just without the nice GUI.
Is he right??????
He says this:
1Password may be useful for some people because of its nice interface and because they have simple computing requirements. In the following I summarize why it does not (yet?) apply to me.
Aging algorithm: I do not store banking passwords in the keychain but rather in a secure note inside the keychain. There, I don't spell out the password but describe it in words in a foreign language. As it stands now, it is still cumbersome for a casual hacker to crack the current algorithm.
Forms function: I found that for myself, filling in forms by typing is easier than auto-fill, then check and then correct. It is possible that for people with only one address and one email and two telephone numbers (I have 3, 3 and 7) it works well and maybe 1Password has a nice algorithm and it works better than Safari's built-in. But I would always have to go back and check. This can take as much time as the actual typing.
It is also nice to share passwords across browsers. I hate the way Firefox does it because I have to type a master password every time I launch Firefox. But I use Safari for most of my browsing and therefore the issue is not very big.
Having keychain compatibility with Windoze would be nice because I need it for testing FileMaker, accessing a defunct database and for browsing in IE. At work I use terminal server or an actual workstation and at home I use CrossOver (Wine) which works astonishingly well. 1Password will in most likelihood not work in the latter because it is not a full-blown Windows environment.
Running yet another process when you already have one running is adding another resource. Therefore its advantage needs to be compelling. Such as the resource that remaps the MacBook Enter key to an Option_Right. I use this key several times a day.
This additional process needs to integrate with other programs and has thus theoretically more of a chance to make a program or the OS unresponsive. Maybe it is coded well though.
Does 1Password grab all passwords that keychain does? That is, including AFP and SMB mounts? Including those for Microsoft TerminalServer? These are probably not instances a casual user encounters a lot. But we do at work and I would go crazy if I had to type these several times a day.
And, most importantly: Does the syncing over Dropbox allow for two computers to simultaneously write to their respective keychain files? While I am not using my computers simultaneously, I do not log off of them when I leave home or work. Meaning that the keychain is constantly running and potentially updating.
Dropbox uses an easy-way-out approach to this dilemma: if one file is written to by computer A but has also been updated by computer B, Dropbox will create a new file on computer A and suffix it with "created by Computer B on Date and Time". This is maybe OK for a file that you access directly but it is not at all acceptable for settings files such as the password ones.
As an example, I am using an encrypted sparsebundle disk image to make Dropbox more secure. A sparsebundle breaks the one monolithic disk image file into 8-MB segments which eases backup and synchronization because rather than copying the entire 250 MB, just the 8 MB that have been changed need to be copied.
If I forget to unmount this disk image at work and start using it at home, Dropbox creates disk slices with the aforementioned suffixes. These new files are ignored by the disk image program and hence I lose information. I suspect the same will happen with 1Password.
And this is probably the reason why so many people have a problem with the way Apple syncs: Apple is doing something that very few companies offer: live sync between computers that are all in active use. This could also be the reason why the keychain "grows". Because it incorporates all changes from all connected computers (in my case: 5-6).
Apple is doing a wonderful job. But it is tricky to achieve that, and it can break. BTW: my keychain has never grown to a point where it was too big or too slow. It angers me that 1Password claims that Apple's approach of non-file based keychain syncing is bad. They obviously did not do their homework right. If all they can offer is Dropbox or the likes, I don't want to be in their shoes when people call them and complain about passwords that never synced.
If Apple kills keychain syncing or if it fails to update keychain to include a new algorithm, I will be sorry to move away from something that is just there, that does not require updating and that just works. But I will do it.