While googling for a solution to get my yubikey/pgp setup properly working with github’s new PGP signing feature, I found a post from the guardian about protecting your online identity. Skipping through this post, I realised that, despite using technologies as PGP, I am/was using a fairly weak mechanism to manage my passwords. And that I am sloppy on staying disciplined on my passwords (223 duplicates tells 1 password me now). So no excuses anymore for not start using a password manager.

1Password, Lastpass or ?

But which one? Google for lastpass or 1password and you will get

About 184.000 results (0,45 seconds) 

Eventually it boils down to your personal preference and if you have a license somewhere. So I decided to give 1password a try.

Moving away from icloud keychain?

So I installed 1password and actived my license (jeej! v4 license still valid for v6, nice one!). But then you find yourself with an empty 1 password vault and you start looking for an import option to import your keychain passwords.

There isn’t one.

1Password provides a convert utility, but that one didn’t work for me:

Examined 631 items
Skipped 631 non-login items
Skipped 0 duplicate items
Imported 0 items
Exported 0 total items


But then I found this gist with a ruby script in it.

It works great. But… you will need some wisdom from the agilebits conversion package.

The security tool only supports dumping entries from local keychains; iCloud keychains require copying entries to a new local keychain.

So copy the contents of the icloud keychain to a local keychain. Detailed instructions including a nifty snippet of applescript can be found in the readme of the agilebits conversion tools.

And the applescript snippet in the gist to automagically click on the 600+ allow boxes didn’t work for me. But the one provided by Agilebits did do his job:

tell application "System Events"
	repeat while exists (processes where name is "SecurityAgent")
		tell process "SecurityAgent"
			click button "Allow" of window 1
		end tell
		delay 0.2
	end repeat
end tell

Awesome. All my icloud passwords are now available in 1 password.

Don’t forget to delete your temporary plaintext files when you’re done.

$ srm plain-passwords.txt