 Re: Taking into Repair and privacy
|
Joined: Aug 2009
Likes: 16
Moderator
|
Moderator
Joined: Aug 2009
Likes: 16 |
I'd love to know what Apple was thinking when they eliminated the option to not have Keychain Access open automatically at login. As far as I can recall, that has not happened since Mac OS X public beta. Keychain still opens automatically when you login but Keychain Access only opens when you launch the app. I wish Apple would put Keychain Access on iOS and iPadOS -- another reason for 1Password, Strongbox, et. al. 
If we knew what it was we were doing, it wouldn't be called research, would it?
— Albert Einstein
|
|
Re: Taking into Repair and privacy
|
Joined: Aug 2009
Likes: 15
|
|
Joined: Aug 2009
Likes: 15 |
Any of my accounts that has access to financial resources has got a long, complicated password that's burned into my brain and archived, along with credit card and other account numbers, in an encrypted disk image with an even longer, more complicated password. In truth, your financial passwords are more likely to get onto the "dark web" from a data breach at your financial institution. A feature of 1Password, Strongbox and other password managers is monitoring data breaches where your password is involved and notifying you to change the password. (I elected to simply close the account.) I don't know if it's the same thing, but I've got 3 or 4 services monitoring the dark web for mentions of my name or SSN. ALL of my other accounts use the exact same password, because even if someone is able to hack that password and figure out which of eight user IDs is associated with it as respects a given account, even if someone accesses my MBP and avails themselves of Safari & AutoFill, there's pretty much no damage that can be done with the info.
Sure, someone could embarrass me on eBay by buying stuff and not paying for it, but other than that, the worst they could do is fill up shopping carts and not complete the transactions (which I even do on my own, and with no repercussions, on occasion). If it works for you, your approach is fine. It gives me the hives, but the difference is I conduct virtually all of my business on the internet. No difference...so do I. But with my scheme, none of my "business" is vulnerable. You've disdained my approach in the past, but for the benefit of people with perhaps hundreds of accounts and assorted methodologies for protecting them, such as kevs and his Excel spreadsheet, I think its finally time to go beyond the paranoia induced by accepted Internet security concepts and quantify - in detail - any risk that my scheme presents. It is your opinion and your choice, and probably similar to the approach taken by the majority of users. It is not an approach I could live with (notice my 600+ passwords) or, in good conscience, recommend. Keychain, that is built into macOS, iOS, and iPadOS does most of what 1Password or Strongbox does, but to me it is more cumbersome to use and less flexible. 600 CONTACTS would be an awful lot, but it's well within the range of possibility. But 600 PASSWORDS is a stunning number. I can't begin to imagine how you've reached that point! I wonder how many of those 600 are actually critical in that they'd leave you vulnerable in some way were they breached? I may need some clarification here, but isn't Keychain less secure than 1Password or Strongbox in that it's unlocked automatically when you log in, while the other two are password protected? OS X once offered an option to have a Keychain password that differed from your login password, but that went by the boards years ago.
The new Great Equalizer is the SEND button.
In Memory of Harv: Those who can make you believe absurdities can make you commit atrocities. ~Voltaire
|
|
Re: Taking into Repair and privacy
|
Joined: Aug 2009
Likes: 16
Moderator
|
|
Moderator
Joined: Aug 2009
Likes: 16 |
600 CONTACTS would be an awful lot, but it's well within the range of possibility. But 600 PASSWORDS is a stunning number. I can't begin to imagine how you've reached that point! I wonder how many of those 600 are actually critical in that they'd leave you vulnerable in some way were they breached? Of the 600 entries in Strongbox roughly 450 are actual passwords for various websites. The rest are software keys, financial account information, and other items I want to keep in a single location that is accessible on all of my devices. I may need some clarification here, but isn't Keychain less secure than 1Password or Strongbox in that it's unlocked automatically when you log in, while the other two are password protected?
OS X once offered an option to have a Keychain password that differed from your login password, but that went by the boards years ago. Given that both Keychain and Strongbox each require identification in the form of a password, fingerprint, or facial recognition each time they are used, I would say they are equal. Strongbox/KeePass have the edge on encryption strength, as they hash a photo together with the password. So both are required to open the database.
If we knew what it was we were doing, it wouldn't be called research, would it?
— Albert Einstein
|
|
|
|
