Comparison of the OS X and Agile Keychains
Here is a quick comparison of the OS X and Agile Keychains:
File-Level Syncing
File-level syncing is not practical with the OS X keychain because everything is stored in a single file. Each modification causes the entire file to be recreated and then synced. This hurts performance and increases the chance of conflicts.
Performance
The OS X keychain slows significantly as its size increases because it creates an entire copy of the file and then replaces the original.
Auto-Lock
The OS X keychain’s auto-lock is based on keychain usage. The amount of time between using the keychain is calculated to determine if the keychain is locked. User activity such as typing or mouse movement is irrelevant. This forces you to specify a much longer automatic lock time than you might like.
Data Encryption
The OS X keychain uses Triple DES as its encryption algorithm which is quite secure, but it is growing older and has been superseded by newer encryption algorithms with longer key lengths. The US government has deprecated the use of Triple DES and has set AES as its new standard.
MobileMe Syncing
The OS X keychain has direct support for syncing with MobileMe. The Agile keychain does not have this level of integration with MobileMe, but it can be synced in other ways.
More Information
For a full analysis of our need to design the Agile keychain, please refer to the article explaining the history of OS X keychain integration in 1Password.
For details on how the Agile keychain was designed and made secure, please see the Agile Keychain Design document.
For details on how to migrate your data from the OS X keychain to the Agile keychain, please see our guide to switching to the Agile keychain.