As anyone who’s worked with technology in the past decade can tell you, the thorniest technical challenges aren’t typically those that deal directly with hardware and software. No, in most cases, the toughest things to troubleshoot and fix lie along the human spectrum. System administrators have long known this, coming up with acronyms like PEBCAK and ID-10T errors.
The same goes for security, which in Apple’s case affects an ever-increasing number of people who not be savvy to the ways of information security.
Apart from “correct horse battery staple,” the most secure passwords aren’t words, they’re phrases. You don’t even need crazy symbols or hard-to-determine numerals (is that an l or a 1, a 0 or an O?) – just a good, longish phrase made out of words.
And now you don’t even have to make one up. Using the XKPasswd generator, based on but not associated with Randall Munroe’s amazing comic strip XKCD, you can generate secure pass phrases easily.
If you’re particularly concerned about the security of your passwords, you might want to stay away from Starbucks’ official iOS app: the Seattle-based coffee maker has just confirmed that passwords, credentials and location in the company’s app are stored in plain text, and are not hashed or encrypted at all.
When you browse the web with mobile Safari, you’ll come across sites that ask you to create a login, and that usually requires a password.
You can save your passwords in mobile Safari automatically, but there are some sites that request passwords not be saved. There’s a workaround, though, if you feel like you should be able to save whatever passwords you darn well please, and it’s buried in the Settings app.
The peeps behind Kaspersky Labs’ Securelist blog have uncovered an Easter Egg in Safari, which they claim lists user IDs and passwords in plaintext.
The problem relates to Safari’s retention of browser history as used in the “Reopen All Windows from Last Session” feature — which enables users to easily revisit sites they opened during previous Safari sessions.
If you store your user name and password details via the Keychain in OS X, you know that Keychain makes it a lot easier to do so. You can store login details for all those websites you visit, including banking info, social network details, and the like, right in the Keychain.
At some point, though, you might forget the actual passwords. It’s like how we used to know all our close friends’ phone numbers by heart, but with the advent of the smartphone, I doubt many of us even know too many of our buddies’ actual digits.
If you want to remember the passwords that are stored in Keychain, though, you’re in luck.
Google has tightened security inside the latest Chromium build for Mac, blocking access to all of your saved passwords until you’ve provided your system password. Under previous releases, users simply had to enter a special address to access all of the login credentials they had saved inside the browser, providing access to anyone who uses your computer.
Have you ever lost your user account password for your Mac? You know, the one which lets you get into your Mac at login, or install software, or delete stuff from the Applications folder? You haven’t? Well, you’re a better person than I am, because I’ve forgotten mine (usually on older Macs I haven’t used in a billion years, but still) and had to pop in a Mac OS X CD and go through the recovery process.
While that’s not too big of a pain in the butt, it does take some time. Time which could be better spent drinking beer, or solving a Rubik’s Cube, am I right?
If you’re running Mac OS X Lion, Mountain Lion, or Mavericks, you can assign your Apple ID to your user account, which can help when you need to reset your password. You know, if you forget it or something. Ahem.
AutoFill has been a part of OS X and Apple’s browser, Safari, for a while now. When you fill out forms on the web, Safari will prompt you to use your contact info to fill in the form, or to use the form data you entered as your AutoFill information. This is helpful as you fill out a lot of web forms, of course.
Now, in OS X Mavericks beta, Safari has a new trick up its sleeve, with the ability to suggest secure passwords to you, and then saving them for you when you go back to that site. It’s called iCloud Keychain, and here’s how to set it up.
The excellent Mac app 1Password is a cross-platform password management app which makes it easy to have unique strong passwords for every site you visit, as well as keeping all your private bits of data secure and available to only you. While you’d think a single app that holds all your sensitive data would be a point of weakness, AgileBits has proven its app to be super secure, even against hackers with malicious intent.
When you use the app to create or store passwords, though, you might want to be sure that you don’t reuse a password you’ve already used on a different site: it’s more secure if you don’t. You also want to make sure that all of your passwords are strong ones. How can you know that, though, with a long list of them? It’s simple, really: just sort by password strength.