Like many of you, I am unofficial tech support for some family/friends. I am preparing to help someone move away from Lastpass, they are not super tech savvy and don’t have any non-Apple devices.
In this context (a non-techy older person who can learn things to a point but needs simplicity and uses only Apple stuff) is iCloud keychain a reasonable choice when it comes to privacy, security, and ease of use? What are the downsides and upsides?
Probably the best option if your family uses all Apple stuff. It integrates really well and you can use their devices/Apple ID to recover their passwords. I think for this use case, minimizing the moving parts is the most important thing. Of course, if they have non-Apple devices then it suddenly becomes a lot less convenient.
My only concern is, I see a lot of people getting locked out of their Apple ID on Reddit and other sites. If a person is locked out, they are locked out of their passwords, iCloud, iCloud email, and more.
Maybe move from Lastpass to another password manager that has a family plan. This way, you as “family IT” can help them if they lock themselves out of their password manager.
Have you considered Bitwarden?
After setting it up, it’s a pretty similar experience when compared to iCloud Keychain on iOS at least. iCloud Keychain might be faster, but not by that much.
Less so on Mac, since you will need to install an extension or the desktop app but nonetheless works fine (and you can always enable auto-fill on browser, so it fills without even needing to click anywhere). This is where iCloud Keychain really makes a diference, specially with Touch ID.
I’ve used iCloud Keychain in the past even for MFA authentication codes, my Apple ID never got locked but I always felt that having everything attached to Apple (or any other company) couldn’t be a good choice.
My mom and dad (60+) both use Bitwarden on iOS devices. They got ocasional doubts or requests for help, but it worked much smoother than I antecipated.
good to know that this is acceptable but I have both last pass (institutional), icloud, secured password protected apple notes for ones that i need during travel and a master spreadsheet for all.
I am non-techy but I can understand and also the unoffical tech support. I am trying to make this easier for myself as well. After I have been using lastpass, it is so convenient.
Is Apple notes when locked with a different password from all - also acceptable?
It’s going to be a lot less convenient than a proper password manager but security wise I don’t see a problem, they’re e2ee when you lock them with a password.
Apart from being open-source, what’s the point of using Bitwarden instead of Keychain ? Because it is e2ee
Just two from the top of my head: you can easily export (Apple Keychain only allows it on macOS), it is interoperable which means it can be used on any device despite the operating system or browser.
i’d just go with icloud keychain purely because it’s one less password to remember – it’s just the same as whatever they use to log into that particular device