Protecting your online identity
While googling for a solution to get my yubikey/pgp setup properly working with github’s new PGP signing feature, I found a post from the guardian about protecting your online identity. Skipping through this post, I realised that, despite using technologies as PGP, I am/was using a fairly weak mechanism to manage my passwords. And that I am sloppy on staying disciplined on my passwords (223 duplicates tells 1 password me now). So no excuses anymore for not start using a password manager.
1Password, Lastpass or ?
But which one? Google for lastpass or 1password and you will get
Eventually it boils down to your personal preference and if you have a license somewhere. So I decided to give 1password a try.
Moving away from icloud keychain?
So I installed 1password and actived my license (jeej! v4 license still valid for v6, nice one!). But then you find yourself with an empty 1 password vault and you start looking for an import option to import your keychain passwords.
There isn’t one.
1Password provides a convert utility, but that one didn’t work for me:
But then I found this gist with a ruby script in it.
It works great. But… you will need some wisdom from the agilebits conversion package.
The security tool only supports dumping entries from local keychains; iCloud keychains require copying entries to a new local keychain.
So copy the contents of the icloud keychain to a local keychain. Detailed instructions including a nifty snippet of applescript can be found in the readme of the agilebits conversion tools.
And the applescript snippet in the gist to automagically click on the 600+ allow boxes didn’t work for me. But the one provided by Agilebits did do his job:
Awesome. All my icloud passwords are now available in 1 password.
Don’t forget to delete your temporary plaintext files when you’re done.