You might ask why you would want to move your password data from a web browser to a password manager. The reason should be simple thanks to concerns surrounding browser security, but the Opera security breach should really make you stop and think. While these trusted companies – Firefox, Opera, Google and Apple – may do their best to protect your data both while it’s in transit or stored on a secure server, sometimes their methods are not always secure enough.
But even if any of these companies managed to fully protect your data, the reality is that web browsers and Apple’s Keychain are now way more limited than what password managers are capable of offering. Our activity these days isn’t solely limited to filling out web forms, whether with our login credentials or credit card info. We use apps, create notes or private documents, and sign into other services, all of which we may well use on a daily basis – and all of which require personal credentials to access.
That’s a function that password managers can fulfill that web browsers or Keychain Access simply can’t. Apple solved part of this problem by moving from local storage to a secure online storage and continuously syncing data across trusted devices, but the problem is that this locks users into the Apple ecosystem. If you are using a Windows or Android device, then you are out of luck. This is another way that password managers such as 1Password, Dashlane, Sticky Password can fill in.
Keychain Access is a macOS app that stores your passwords and account information and reduces the number of passwords that you need to remember and keep track of. And because Keychain Access securely stores and plays back usernames and passwords, it’s possible to come up with a strong and unique password for each and every account.
In order to have the keychain data protected, make sure to set up a login password for your Mac. Keychain Access also manages certificates issued by trusted organizations to validate websites, digital documents and web-based materials. Keychain works in collaboration with iCloud Keychain, which lets you share keychains with your other devices. All shared data is managed using the user’s iCloud account.
How to Export Passwords From Keychain Access
When you finally decide to import the keychain items from one computer to another, it’s simply a case of exporting them. To do that, do the following:
- Select the items you want to export in the Keychain Access window.
- In the menu bar, click File then Export.
- Select a destination location and file type, and click “Save”.
- Enter the admin password when prompted.
Important: If the Export Items menu is grayed out then at least one of the selected items can’t be exported. The admin password is required to access the exported keychain items, but some exported items – like public keys – don’t require an admin password.
Convert Password Data to Supported Format
After deciding on a password manager you just need to move the existing database into the new ‘safe’. But there is a tiny problem: password managers don’t support the native keychain format, so it’s necessary to use a third party converter tool in order to change the database into a format supported by the chosen service, such as .CSV.
If you really need to speed up the process, Apple Support Community members point to a GitHub repository that includes a script to export iCloud Keychain and Safari credentials to a .CSV file. This way you only need to import the .CSV file to the selected password manager.
There is one thing to keep in mind, though. When working with any of these third party converter tools downloaded from websites other than that of the password manager you’ve installed there is, in fact, a risk of exposing the protected data.
Since it’s not always clear how these programs deal with the conversion they could, at best, unveil the data in an unencrypted plain text format. In the worst-case scenario there could even be a risk that the software actually sends your data to a hacker or someone who might sell your data on to someone else to use for nefarious purposes.
This is why 1Password’s team members recommend the time-consuming but more secure method of importing the data from iCloud Keychain or Chrome by letting the browser extension add them incrementally. It’s a much simpler process: every time you sign into a website that has not yet been saved in 1Password, a popup window will appear asking whether you want to save the login in the password manager. By clicking “Save” another important login is added without exposing the data to others.
Best Password Managers of 2018