Roll Your Own Simple Password Manager on macOS
I’ve tried 1Password and Dashlane, and several other popular password managers for both Mac and PC. It always seems to be the same thing: things start off great and then go downhill from there. For example, I was loving 1Password, and then it locked me out of my password file/account. Likewise, for a couple of years Dashlane was great, but then they started making drastic changes, like moving from a standalone app to a browser-extension, Web-based UI. The confusion involved with that change is what prompted me to finally figure out another, simpler solution for storing and managing passwords and other sensitive information. Turns out you can get security and freedom via DIY.
You don’t need an app to secure your passwords.
Contents
- I don’t want “cloud based”
- I don’t need no fancy features
- Keep it simple stupid
- Roll your own password manager
- Wrap up
I don’t want “cloud based”
Unsatisfied with the costly, confusing, and bloated 1Password and Dashlane, I spent some time researching options for alternative password manager apps. Unfortunately everything I found for macOS is cloud-based. And I’m here like “no thank you” — I no longer trust any third-party service with my passwords. So that rules out most of the big ones:
- 1Password
- Dashlane
- NordPass
- LastPass
- RememBear
- Keeper
- Sticky Password
I did find KeePass, which looks like a good stand-alone, non-cloud-based password solution. But the KeePass project itself only develops for PC/Windows, not macOS (the community fork KeePassXC does ship a macOS build; see update below). All other apps that I could find insist on making things as convoluted and opaque as possible, requiring you to provide your “master password” right up front; before even opening the door you have to give it all up. It’s just not for me, not for my passwords.
For managing passwords, blind trust is never the solution.
I don’t need no fancy features
Beyond the whole cloud-based trust issue, it seems all the current password apps are super bloated with all sorts of useless features. Features that I have never needed, or even thought about once, in 20 years working online. Stuff like:
- Login sharing
- Dark web monitoring
- Resource monitoring
- Version history
- Categories and tags
- Store one-time (2FA) codes
- “Achievements” to teach best practices
- Support for face and fingerprint ID
- Protect your vault with biometrics
- Build Trusted Contacts
- Import passwords
- Receipts Storage
- Massive UIs
- Favorites
And on and on they go. I imagine adding tons of features is necessary to stay competitive with all the other password managers. That is good news for people who want stuff like “Achievements”, “Trusted Contacts”, and “Version history”. Yeeesh. I’m sure there are folks out there that gobble it all up, but I am not one of them.
Keep it simple stupid
For my own workflow, I use none of it. I work close to the metal at all times. So my required features for optimal password management are fundamental and simple:
- 100% Trust
- 100% Privacy (not cloud-based)
- 100% Full control
- Strong data encryption
- Lightweight (no bloated features)
- Portability
- Extensibility
- Easy data backups
- Searchable data
- Flexible organization
- Consistency
- Reliability
- Simple to use
- Affordable
Is there an app out there that meets these basic requirements? If so, I have been unable to find it. So after getting frustrated by all the bloated, cloud-based “do-it-all” password apps, I decided to just roll my own. Like how we did things before the concept of “cloud” anything was pushed onto the scene.
Roll your own password manager
Here is my solution for a simple, lightweight, bloat-free, non-cloud based password manager that meets all of the requirements outlined above. Basically what we are doing here is creating an encrypted folder to store all of our password data. Simple, concise, and effective.
Step 1: Create a folder and some files
Create a parent folder and add a few blank plain-text files. Everything contained in the parent folder will be encrypted and used to store your passwords. You can add more files at any time, rename things, whatever you need. Here is a screenshot:
Step 2: Encrypt the folder with Disk Utility
Open the macOS program called Disk Utility. It is located in your Applications folder under a subfolder named “Utilities”. From the File menu, select “New Image” ▸ “Image from Folder…” and choose the “My Password” folder you want to encrypt.
Here are some screenshots to help visualize so far:
After selecting your password folder, a new dialog will ask for some details. By default, it looks like this:
Here is a rundown of the recommended options:
- Save As — This should be the name of your password folder
- Tags — Doesn’t matter, enter some tags if you want, or leave blank
- Where — Choose where to save the file, can always move it later
- Encryption — Choose either 128-bit AES or 256-bit AES. Both are real AES; 256-bit is the stronger choice, and the speed cost is negligible for a folder of text files
- Image Format — Select “read/write” so you can edit your files. Note that an image created from a folder is sized to that folder’s contents, so if you later run out of room, grow it (while it is unmounted) with hdiutil resize -size 200m YourImage.dmg, or create a blank image instead (“New Image” ▸ “Blank Image…”) using the “sparse bundle disk image” format, which grows as you add files
When you choose the Encryption, a new dialog will ask for your password. This will be the “Master Password” for your password folder. So choose something super strong and random, just like you would for any other password app: a long passphrase you can actually type is better than a short string of symbols. There is no recovery path for an encrypted disk image; forget this password and everything inside is gone, so keep a copy somewhere that does not depend on the image itself. Here it is asking for your password:
After entering your password (twice), everything should be ready to go. Here is how it should look at this point:
So when everything is ready, click the “Save” button to create your encrypted password file. After Disk Utility completes the job, it will display the results as shown here:
If all goes well, the result should be “Successful”. If it is not successful, you will need to do some troubleshooting to try and resolve whatever issue is happening.
Lastly, click the “Done” button to close the dialog and complete the task. You now have a strongly encrypted password file, located in whatever location you specified during configuration. Two things to do right away: delete the original plaintext folder (and empty the Trash), and keep FileVault turned on for the volume it lived on, since deleted files on an SSD are not reliably unrecoverable without full-disk encryption. From here on, double-click the image to mount it, edit your files, and eject it when you are done; while the image is mounted, its contents are readable by any program running as your user. When the mount dialog offers “Remember password in my keychain”, leave it unticked if you want the master password to stay out of your login keychain. Now you can add your passwords and organize them however you want. You can add any type of file, organize things as you like, and make backups easily by simple copy/paste of the image file itself while it is unmounted, which keeps the backup encrypted at rest.
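The Disk Utility procedure above can also be driven from the Terminal with hdiutil, which makes it scriptable and lets you check what you got. This is an added example and is not part of the original post. It differs from the GUI steps in two deliberate ways: it creates an empty encrypted sparse bundle and you copy your files in afterwards, so no plaintext copy of the folder is ever turned into an image, and it feeds the passphrase over stdin so it never lands in shell history or a process listing. The image path, mount point, volume name, 200 MB cap, and function names are my assumptions, not the author’s.

```shell
#!/bin/sh
# Added example (not from the original post): the encrypted-image workflow
# driven with hdiutil on macOS. Assumed names: the image lives at
# ~/Passwords.sparsebundle and mounts at ~/Passwords (my choices).
# hdiutil exists only on macOS; on other systems only gen_master_passphrase works.

VAULT_IMAGE="${VAULT_IMAGE:-$HOME/Passwords.sparsebundle}"
VAULT_MOUNT="${VAULT_MOUNT:-$HOME/Passwords}"

# Print a random passphrase of $1 (default 32) alphanumeric characters drawn
# from /dev/urandom. Use it as the master passphrase and keep a copy somewhere
# that does not depend on the vault (there is no recovery for a lost one).
gen_master_passphrase() {
    n="${1:-32}"
    LC_ALL=C tr -dc 'A-Za-z0-9' < /dev/urandom | head -c "$n"
}

# Prompt for the master passphrase with echo off, and return it on stdout
# rather than passing it as an argument where `ps` could show it.
read_passphrase() {
    printf 'Master passphrase: ' >&2
    stty -echo
    trap 'stty echo' INT
    read -r pass
    stty echo
    trap - INT
    printf '\n' >&2
    printf '%s' "$pass"
}

# Steps 1 and 2 combined: an AES-256 encrypted, APFS-formatted sparse bundle
# that grows as files are added, up to the 200 MB cap. -stdinpass reads the
# passphrase bytes from stdin, so printf '%s' (no trailing newline) is used
# here and in open_vault; mixing echo in one place would make them differ.
create_vault() {
    pass="$(read_passphrase)"
    printf '%s' "$pass" | hdiutil create -size 200m -fs APFS -volname Passwords \
        -encryption AES-256 -stdinpass -type SPARSEBUNDLE "$VAULT_IMAGE"
}

# Confirm the image on disk is actually encrypted before trusting it with data.
check_vault() {
    hdiutil isencrypted "$VAULT_IMAGE"
}

# Mount for editing. -nobrowse keeps it out of the Finder sidebar, and the
# passphrase is not offered to the login keychain when supplied this way.
open_vault() {
    mkdir -p "$VAULT_MOUNT"
    pass="$(read_passphrase)"
    printf '%s' "$pass" | hdiutil attach -stdinpass -nobrowse \
        -mountpoint "$VAULT_MOUNT" "$VAULT_IMAGE"
}

# Eject when done: while mounted, the plaintext is readable by any process
# running as your user.
close_vault() {
    hdiutil detach "$VAULT_MOUNT"
}

case "${1:-}" in
    gen)    gen_master_passphrase "${2:-32}"; printf '\n' ;;
    create) create_vault && check_vault ;;
    open)   open_vault ;;
    close)  close_vault ;;
    check)  check_vault ;;
    "")     ;;   # no argument: just define the functions so the file can be sourced
    *)      echo "usage: $0 gen|create|open|close|check" >&2; exit 2 ;;
esac
```

Run it once with create (you are prompted for the passphrase, and check_vault then reports whether the image is encrypted), then open and close around each editing session. Backups are a plain copy of the .sparsebundle directory taken while the vault is closed.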
Wrap up
I’ve been using my DIY password manager for several months now, and absolutely love the fine-grained control and freedom it brings. Felt SO good finally ditching Dashlane. No more recurring payments. No more confusing changes. No more “trusting” some third-party corporation with my sensitive data. Indeed, I now enjoy all of the benefits outlined above, with none of the unwanted bloat.
To be fair, there are some potential downsides to rolling your own password manager. The biggie for most: manually managing your passwords requires more time and effort than going with an automated app. Another one worth knowing: a browser-integrated manager only fills a credential on the site it was saved for, which is a phishing check that copying and pasting from a text file does not give you, so check the address bar before you paste. So it’s a trade-off between time/effort and ultimate control and privacy. Other than that, it’s all good.
If you have any related/useful experience, tips, etc., please share in the comments. There are lots of folks out there looking for simple non-third-party solutions for managing their passwords. Cheers people.
13 responses to “Roll Your Own Simple Password Manager on macOS”
Or you can use KeePassXC + Syncthing (or Synctrayzor if you’re on Windows), you’ll have strong password management plus synchronization across your devices, works flawlessly.
I was going to recommend KeePassXC but you already found it. Another option based on KeePass is https://keeweb.info. And https://www.lesspass.com is another interesting solution.
Thanks Orlando and ilija for the tips.
Why not just use your Mac’s built-in keychain? It keeps everything encrypted, doesn’t have a bunch of flashy features, and you don’t have to turn on cloud syncing if you don’t want it.
Several reasons:
Although I agree, even keychain without cloud is better than most of the paid alternatives.
Years ago I switched from LastPass to Pass on my Linux box. I never changed it during these years. Btw, KeepassXC is a good choice and supports tokens like YubiKey.
I use KeePass on Windows 10. I keep the db in my OneDrive folder. It is password encrypted so even though in the cloud, you have to know the lengthy password to access the data. I use KeePassXC on a MacBook, where I am sharing the same db through OneDrive, and I use an excellent iOS app StrongBox to use the same KeePass db on my phone and tablet. KeePass syncs all changes made on any of these platforms back to my KeePass file on my Windows PC. I pay $10 a year for Strongbox, the rest is open source.
And for folks on Android there’s excellent KeePassDX.
For users who need to have passwords in the cloud, my advice is Bitwarden, an open source password manager.
Good to know, thanks Aldo.
Haha .. good to know I’m not the only person on the webs to follow down THAT path :)
Here, its Linux + encryption, but aside that – identical approach :)
cu, w0lf.
Always good to hear from you, w0lf. Cheers :)
I would think a good Java developer would have a good answer to this problem – especially “portability” across different machines.
Plus,
The Java encryption libraries have come a long way.
I just use a removable pendrive to store my text-file-based credentials. There is NO WAY I am going to remember those passwords! (I use the on-line WordPress “Secret Salts API” to generate my passwords anyway.)
Could probably search out projects on GitHub?
J.S.Smith