An open community 
of Macintosh users,
for Macintosh users.

FineTunedMac Dashboard widget now available! Download Here

Previous Thread
Next Thread
Print Thread
Page 2 of 2 1 2
Re: Securing a desktop mac
ryck #31263 09/22/14 04:39 PM
Joined: Sep 2009
deniro Offline OP
OP Offline

Joined: Sep 2009
Quote:
One warning, if you forget the "master password" the only recovery is starting over from scratch.


What do you mean? What do have to do?

Re: Securing a desktop mac
deniro #31267 09/22/14 07:58 PM
Joined: Aug 2009
Likes: 14
Online

Joined: Aug 2009
Likes: 14
First, you weep.

You will be the only person who knows your password. If you forget it, neither you nor the software publisher can open the application. So you'll have to start all over and enter every single password again.

However, you got this kind of software because you can't remember all your passwords and didn't want to leave a document laying around that someone else could access.

Now, there's a pickle. You need to re-enter all your passwords but you can't.

I took the approach of creating a Master Password that is very unlikely to be guessed but which is easy for me to remember. I also have it stored in a couple of places - my daughters' heads. They have it because, if anything ever happened to my wife and me simultaneously, they'd need access to my passwords.

Last edited by ryck; 09/22/14 08:00 PM.

ryck

"What Were Once Vices Are Now Habits" The Doobie Brothers

iMac (Retina 5K, 27", 2020), 3.8 GHz 8 Core Intel Core i7, 8GB RAM, 2667 MHz DDR4
OS Ventura 13.6.3
Canon Pixma TR 8520 Printer
Epson Perfection V500 Photo Scanner c/w VueScan software
TM on 1TB LaCie USB-C
Re: Securing a desktop mac
ryck #31270 09/22/14 08:53 PM
Joined: Aug 2009
Offline

Joined: Aug 2009
Quote:
And you should think about where you hide stuff. A security expert told me that professionals, looking for high-value, easy to carry items, go straight to the main bedroom...

He said the best place to hide those items is in a rusty tin can in the garage.


Problem solved. Keep your master password in a rusty tin can in the garage. Tada! laugh

Re: Securing a desktop mac
slolerner #31271 09/22/14 10:26 PM
Joined: Aug 2009
Likes: 14
Online

Joined: Aug 2009
Likes: 14
Originally Posted By: slolerner
Problem solved. Keep your master password in a rusty tin can in the garage. Tada! laugh

Perfect. They're never looking there. grin

Last edited by ryck; 09/22/14 10:27 PM.

ryck

"What Were Once Vices Are Now Habits" The Doobie Brothers

iMac (Retina 5K, 27", 2020), 3.8 GHz 8 Core Intel Core i7, 8GB RAM, 2667 MHz DDR4
OS Ventura 13.6.3
Canon Pixma TR 8520 Printer
Epson Perfection V500 Photo Scanner c/w VueScan software
TM on 1TB LaCie USB-C
Re: Securing a desktop mac
deniro #31276 09/23/14 03:37 PM
Joined: Aug 2009
Likes: 16
Moderator
Offline
Moderator

Joined: Aug 2009
Likes: 16
Originally Posted By: deniro
Quote:
One warning, if you forget the "master password" the only recovery is starting over from scratch.


What do you mean? What do have to do?

That has happened to me (which in one reason I have tried so many password systems). An early version of Keychain hiccuped and lost the keychain file. There was, of course, no remembering all the various sites much less the passwords so I ended up resetting the passwords when I logged onto each and every site to rebuild the Keychain file. It took for blooming EVER!

Keychain and OS X file management are far more stable these days — thank heavens, but now I take a sixfold approach.
  1. The keychain is backed up in Time Machine
  2. The keychain is synchronized in iCloud which has the added benefit of making the passwords available on my iPhone and iPad.
  3. I have a logon and wake from sleep password so keychain can fill in the userid and password even on sites that normally exclude automatic password entries
  4. I have the most important and critical passwords in 1Password
  5. 1Password is also backed up in Time Machine
  6. 1Password is synched with iCloud and my iPad.

I use different passwords for Keychain and 1Password and store the Keychain password in 1Password and vice-versa. Keychain does a good job of suggesting secure passwords for new sites or when changing a site password, but it is not as flexible as 1Password in that regard. I have encountered sites that will not accept the Keychain suggestion, but I have always been able to adjust the 1Password suggestions to work with any site. An interesting sidelight is the difference in how secure each of the utilities thinks the same password is. The difference is sometimes night and day.


If we knew what it was we were doing, it wouldn't be called research, would it?

— Albert Einstein
Re: Securing a desktop mac
joemikeb #31277 09/23/14 04:04 PM
Joined: Aug 2009
Offline

Joined: Aug 2009
I thought I heard iCloud was hacked...

But then again, so was Home Dept. I had credit card fraud (not debit card) from Walmart and Hertz, both in states I have never been to. I never shopped at Walmart and never rented a car from Hertz. It's just out there. Purchase a monitoring service until they eliminate this whole shoddy password and card swipe system, IMHO.

Last edited by slolerner; 09/23/14 04:10 PM. Reason: more
Re: Securing a desktop mac
slolerner #31280 09/23/14 06:34 PM
Joined: Aug 2009
Likes: 4
Offline

Joined: Aug 2009
Likes: 4
RE I thought I heard iCloud was hacked...

According to Apple and other sources, that was the 'cheap' way of explaining what happened. As I understand it, users of iCloud (especially those who didn't even know their photos were being uploaded to iCloud by default – ie, had no clue how their iPhone and other such devices worked – but could have circumvented the problem by disabling the automatic/default option of iCloug backup) were hacked the good old-fashioned way, via 'brute force', to obtain poorly constructed passwords.

EDIT: Along those lines, see this season's premiere episode of The Big Bang Theory, whereby Sheldon's (rail)road trip photos were saved to the Cloud and retrievable after his mobile was stolen.

Last edited by grelber; 09/23/14 10:51 PM. Reason: Addendum
Re: Securing a desktop mac
grelber #31291 09/24/14 06:10 PM
Joined: Sep 2009
deniro Offline OP
OP Offline

Joined: Sep 2009
Thanks for everyone's advice. Good stuff.

Re: Securing a desktop mac
deniro #31340 09/29/14 07:48 PM
Joined: Sep 2009
deniro Offline OP
OP Offline

Joined: Sep 2009
What do people here think about staying logged in to web sites? Should I log out of a site every day? Every time I'm done with it? Amazon? This site?

Re: Securing a desktop mac
deniro #31342 09/29/14 09:36 PM
Joined: Aug 2009
Likes: 1
Moderator
Offline
Moderator

Joined: Aug 2009
Likes: 1
While there is a difference between private and public computers, it is generally safer and more secure to log out when you're done on a particular web site, and log back in when you need to do more business there. For instance, many financial web sites will log you out automatically after a certain period of inactivity to increase the safety of your data. More musings on this topic can be found on this Lifehacker page.


alternaut moderator
Re: Securing a desktop mac
alternaut #31344 09/29/14 09:41 PM
Joined: Aug 2009
Likes: 14
Online

Joined: Aug 2009
Likes: 14
Originally Posted By: alternaut
For instance, many financial web sites will log you out automatically after a certain period of inactivity to increase the safety of your data.

My bank suggests not only logging out but also closing the browser to clear out residual information. I seem to recall that joemike's bank had even more stringent recommendations.


ryck

"What Were Once Vices Are Now Habits" The Doobie Brothers

iMac (Retina 5K, 27", 2020), 3.8 GHz 8 Core Intel Core i7, 8GB RAM, 2667 MHz DDR4
OS Ventura 13.6.3
Canon Pixma TR 8520 Printer
Epson Perfection V500 Photo Scanner c/w VueScan software
TM on 1TB LaCie USB-C
Re: Securing a desktop mac
deniro #31349 09/30/14 05:23 AM
Joined: Aug 2009
Likes: 1
Offline

Joined: Aug 2009
Likes: 1
I usually stay logged out. But then, I'm usually on my laptop these days, and I administer some sites that could cause significant grief if someone were o log in as me. I'm on a laptop most of the time, so I'm always concerned about the possibility of someone making off with my computer.

On my desktop system, I often stay logged in.


Photo gallery, all about me, and more: www.xeromag.com/franklin.html
Re: Securing a desktop mac
deniro #31356 09/30/14 06:46 PM
Joined: Aug 2009
Likes: 16
Moderator
Offline
Moderator

Joined: Aug 2009
Likes: 16
Originally Posted By: deniro
What do people here think about staying logged in to web sites? Should I log out of a site every day? Every time I'm done with it? Amazon? This site?

If I have logged onto a site where I do not conduct any financial transactions, such as this one, I seldom, if ever, log out.

If it is a site where I conduct any sort of financial transactions such as making a purchase, or paying a bill, I always log out and at the very least close the site window if not quitting the browser immediately after the transaction. To my knowledge that is perhaps the very oldest and hoariest of security recommendations. It goes back to the days when the primary security concern was a hacker hijacking your connection to a site. Since that time there have been numerous improvements in browsers and servers intended to defeat that practice. But habits are hard to break and just because a technique is old does't mean it no longer works or more importantly that all servers have good protection against such attacks. I am waiting to receive my third debit card in less than 12 months because it has once again been compromised by attacks on third party sites (not me and not my bank but some merchant.)

Note 1: I am getting more than a little "antsy" about sites that allow you to log in using a Google or Facebook ID. I will never login to a site to conduct financial transactions using Google or Facebook login nor will I do business with a merchant who uses Google or Facebook logins. IMHO that is simply too vulnerable to exploitation.

Note 2:I will definitely get an iPhone 6 and an iWatch because of Apple's more secure charge card scheme. The time is coming when I will feel forced to quit trading with merchants that are too cheap to upgrade their credit card readers and sites to work with the security chip credit and debit cards.


If we knew what it was we were doing, it wouldn't be called research, would it?

— Albert Einstein
Re: Securing a desktop mac
joemikeb #31370 10/01/14 11:13 PM
Joined: Aug 2009
Offline

Joined: Aug 2009
I have Firefox set to not remember history and clear all cookies, caches, etc. after quitting. Then if I am logged into two sites at once for some reason, I won't forget to log out of each. Quitting Firefox will clear everything.

Re: Securing a desktop mac
slolerner #31373 10/02/14 12:34 AM
Joined: Aug 2009
Likes: 16
Moderator
Offline
Moderator

Joined: Aug 2009
Likes: 16
Originally Posted By: slolerner
I have Firefox set to not remember history and clear all cookies, caches, etc. after quitting. Then if I am logged into two sites at once for some reason, I won't forget to log out of each. Quitting Firefox will clear everything.

You are dealing with the vulnerability of someone logging into or having physical access to your computer. The logout and close browser routine is intended to shortstop a vulnerability that arises from a hacker actually hijacking your logon session — while it is in progress. In this case clearing the history etc. is a case of locking the barn door after the horse is long gone.


If we knew what it was we were doing, it wouldn't be called research, would it?

— Albert Einstein
Re: Securing a desktop mac
joemikeb #31374 10/02/14 12:58 AM
Joined: Aug 2009
Offline

Joined: Aug 2009
Got it.

Re: Securing a desktop mac
joemikeb #31424 10/06/14 07:26 AM
Joined: Aug 2009
Likes: 15
Online

Joined: Aug 2009
Likes: 15
Originally Posted By: joemikeb
I have a logon and wake from sleep password so keychain can fill in the userid and password even on sites that normally exclude automatic password entries.

I don't follow that; would you please clarify?

Thanks.


The new Great Equalizer is the SEND button.

In Memory of Harv: Those who can make you believe absurdities can make you commit atrocities. ~Voltaire
Re: Securing a desktop mac
joemikeb #31425 10/06/14 07:41 AM
Joined: Aug 2009
Likes: 15
Online

Joined: Aug 2009
Likes: 15
Originally Posted By: joemikeb
Note 1: I am getting more than a little "antsy" about sites that allow you to log in using a Google or Facebook ID. I will never...do business with a merchant who uses Google or Facebook logins. IMHO that is simply too vulnerable to exploitation.

Note 2:I will definitely get an iPhone 6 and an iWatch because of Apple's more secure charge card scheme. The time is coming when I will feel forced to quit trading with merchants that are too cheap to upgrade their credit card readers and sites to work with the security chip credit and debit cards.

1. I still don't understand people's fears about sites other than those that either have or have access to money or financial records/other critical info.

Somebody who hacks into my eBay or other merchant account, pretty much any of my accounts, in fact, can do no more than either maaaybe embarrass me or pay for it with their own money.

2. How would a merchant site work with a card with a security chip?


The new Great Equalizer is the SEND button.

In Memory of Harv: Those who can make you believe absurdities can make you commit atrocities. ~Voltaire
Re: Securing a desktop mac
joemikeb #31426 10/06/14 07:43 AM
Joined: Aug 2009
Likes: 15
Online

Joined: Aug 2009
Likes: 15
> ...a hacker actually hijacking your logon session — while it is in progress.

How is that possible?

Thanks.


The new Great Equalizer is the SEND button.

In Memory of Harv: Those who can make you believe absurdities can make you commit atrocities. ~Voltaire
Page 2 of 2 1 2

Moderated by  alternaut, dianne, MacManiac 

Link Copied to Clipboard
Powered by UBB.threads™ PHP Forum Software 7.7.4
(Release build 20200307)
Responsive Width:

PHP: 7.4.33 Page Time: 0.037s Queries: 54 (0.031s) Memory: 0.6755 MB (Peak: 0.8296 MB) Data Comp: Zlib Server Time: 2024-03-28 09:12:20 UTC
Valid HTML 5 and Valid CSS