All items tagged with "passwords"

Apple’s biggest security threat is you

iCloud faces some tough security issues. Photo: Jim Merithew/Cult of Mac

iCloud faces some tough security issues. Photo: Jim Merithew/Cult of Mac

iCloud passwords and security passwords can be guessed using social networking and various phishing techniques, and complex passwords and two-step verification are not as intuitive as they should be.

In a delightfully complete article over at TidBITS, author Rich Mogul lays out the facts behind the current spate of Apple security problems – most of which boil down to this: People are the weakest link in the chain.

As anyone who’s worked with technology in the past decade can tell you, the thorniest technical challenges aren’t typically those that deal directly with hardware and software. No, in most cases, the toughest things to troubleshoot and fix lie along the human spectrum. System administrators have long known this, coming up with acronyms like PEBCAK and ID-10T errors.

The same goes for security, which in Apple’s case affects an ever-increasing number of people who not be savvy to the ways of information security.

Read the rest of this post »

XKPasswd Generates Secure Pass-Phrases

Password Strength

Apart from “correct horse battery staple,” the most secure passwords aren’t words, they’re phrases. You don’t even need crazy symbols or hard-to-determine numerals (is that an l or a 1, a 0 or an O?) – just a good, longish phrase made out of words.

And now you don’t even have to make one up. Using the XKPasswd generator, based on but not associated with Randall Munroe’s amazing comic strip XKCD, you can generate secure pass phrases easily.

Read the rest of this post »

Worried About Security? Don’t Use The Starbucks App

sbux

If you’re particularly concerned about the security of your passwords, you might want to stay away from Starbucks’ official iOS app: the Seattle-based coffee maker has just confirmed that passwords, credentials and location in the company’s app are stored in plain text, and are not hashed or encrypted at all.

Read the rest of this post »

Allow Mobile Safari To Store Passwords For All Sites [iOS Tips]

Safari Passwords

When you browse the web with mobile Safari, you’ll come across sites that ask you to create a login, and that usually requires a password.

You can save your passwords in mobile Safari automatically, but there are some sites that request passwords not be saved. There’s a workaround, though, if you feel like you should be able to save whatever passwords you darn well please, and it’s buried in the Settings app.

Read the rest of this post »

Safari File Reveals Your User IDs & Passwords In Plain Text

safari_loophole_03

The peeps behind Kaspersky Labs’ Securelist blog have uncovered an Easter Egg in Safari, which they claim lists user IDs and passwords in plaintext.

The problem relates to Safari’s retention of browser history as used in the “Reopen All Windows from Last Session” feature — which enables users to easily revisit sites they opened during previous Safari sessions.

Read the rest of this post »

Find Forgotten Passwords With Keychain Access [OS X Tips]

Keychain Access

If you store your user name and password details via the Keychain in OS X, you know that Keychain makes it a lot easier to do so. You can store login details for all those websites you visit, including banking info, social network details, and the like, right in the Keychain.

At some point, though, you might forget the actual passwords. It’s like how we used to know all our close friends’ phone numbers by heart, but with the advent of the smartphone, I doubt many of us even know too many of our buddies’ actual digits.

If you want to remember the passwords that are stored in Keychain, though, you’re in luck.

Read the rest of this post »

Google Chrome For Mac Makes Saved Passwords More Secure

Chrome-secure-passwords

Google has tightened security inside the latest Chromium build for Mac, blocking access to all of your saved passwords until you’ve provided your system password. Under previous releases, users simply had to enter a special address to access all of the login credentials they had saved inside the browser, providing access to anyone who uses your computer.

Read the rest of this post »

Reset Your User Account Password Using Your Apple ID [OS X Tips]

Apple ID User Account

Have you ever lost your user account password for your Mac? You know, the one which lets you get into your Mac at login, or install software, or delete stuff from the Applications folder? You haven’t? Well, you’re a better person than I am, because I’ve forgotten mine (usually on older Macs I haven’t used in a billion years, but still) and had to pop in a Mac OS X CD and go through the recovery process.

While that’s not too big of a pain in the butt, it does take some time. Time which could be better spent drinking beer, or solving a Rubik’s Cube, am I right?

If you’re running Mac OS X Lion, Mountain Lion, or Mavericks, you can assign your Apple ID to your user account, which can help when you need to reset your password. You know, if you forget it or something. Ahem.

Read the rest of this post »

Get Password Suggestions Using iCloud Keychain And Safari In Mavericks Beta [OS X Tips]

iCloud Keychain Mavericks

AutoFill has been a part of OS X and Apple’s browser, Safari, for a while now. When you fill out forms on the web, Safari will prompt you to use your contact info to fill in the form, or to use the form data you entered as your AutoFill information. This is helpful as you fill out a lot of web forms, of course.

Now, in OS X Mavericks beta, Safari has a new trick up its sleeve, with the ability to suggest secure passwords to you, and then saving them for you when you go back to that site. It’s called iCloud Keychain, and here’s how to set it up.

Read the rest of this post »

Sort All Your Passwords By Strength In Mac App, 1Password [OS X Tips]

1password

The excellent Mac app 1Password is a cross-platform password management app which makes it easy to have unique strong passwords for every site you visit, as well as keeping all your private bits of data secure and available to only you. While you’d think a single app that holds all your sensitive data would be a point of weakness, AgileBits has proven its app to be super secure, even against hackers with malicious intent.

When you use the app to create or store passwords, though, you might want to be sure that you don’t reuse a password you’ve already used on a different site: it’s more secure if you don’t. You also want to make sure that all of your passwords are strong ones. How can you know that, though, with a long list of them? It’s simple, really: just sort by password strength.

Read the rest of this post »