Welcome to the MacNN Forums.

If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below.

You are here: MacNN Forums > Software - Troubleshooting and Discussion > Applications > Password management

Password management
Thread Tools
LDB
Fresh-Faced Recruit
Join Date: Jun 2012
Location: Texas
Status: Offline
Reply With Quote
Jun 24, 2012, 02:11 PM
 
With all the hacking and phishing and attacking going on I'm sure it would be wise to update and strengthen passwords. While I'd like to think I could remember numerous random strong passwords I'm sure that's not going to happen. There's the good old yellow pad but that's not so great either. I'm just starting in the Mac world as of a couple of days ago.

Is there a widget of some sort that ties into Safari to create and manage passwords? Some other browser that is better and has password functions? Any/all other suggestions/hints/tips/advice? Thanks for any and all input.
     
flmiller
Fresh-Faced Recruit
Join Date: Mar 2010
Location: Somewhere in Time
Status: Offline
Reply With Quote
Jun 24, 2012, 02:17 PM
 
For me, there is only one worthy password app - 1Password from http://www.agilebits.com/ They have a compatible iPhone app, as well. HTH. (I am anything but fresh-faced.)

Frank
     
LDB  (op)
Fresh-Faced Recruit
Join Date: Jun 2012
Location: Texas
Status: Offline
Reply With Quote
Jun 24, 2012, 02:45 PM
 
I saw mention of 1Password and it was listed at $35 which is kind of high for a single utility but worth it if it's all that. A later mention of if said $40 so it went up but what hasn't. Just now I followed the link and it's up to $50. That's quite a lot for a single utility compared to a full package like iWorks for $79. I might end up going that way anyway but want to look into all options before spending that much.
     
P
Moderator
Join Date: Apr 2000
Location: Gothenburg, Sweden
Status: Offline
Reply With Quote
Jun 24, 2012, 03:00 PM
 
One alternative is to choose a strong password and decide on a rule for salting it for different sites. Password reuse is a much bigger issue than weak passwords these days.
     
cgc
Professional Poster
Join Date: Mar 2003
Location: Down by the river
Status: Offline
Reply With Quote
Jun 24, 2012, 03:41 PM
 
Originally Posted by LDB View Post
I saw mention of 1Password and it was listed at $35 which is kind of high for a single utility but worth it if it's all that. A later mention of if said $40 so it went up but what hasn't. Just now I followed the link and it's up to $50. That's quite a lot for a single utility compared to a full package like iWorks for $79. I might end up going that way anyway but want to look into all options before spending that much.
If you're patient 1Password is commonly in bundles with other apps so you might pay $49.99 but you'll probably get $500-$900 worth of software (w/ 1Password often times).
     
hab
Forum Regular
Join Date: Mar 2002
Location: San Francisco
Status: Offline
Reply With Quote
Jun 25, 2012, 12:42 PM
 
One vote for SplashID from Splashdata. Started using it in the Palm days. They have routinely updated it since then to maintain compatibility with iPhone and other handhelds. The desktop app is great. Syncing is and has been seamless.
21.5" iMac 2.7GHz i5; 15" FP iMac 0.8GHz G4, iPhone 5S
     
mduell
Posting Junkie
Join Date: Oct 2005
Location: Houston, TX
Status: Offline
Reply With Quote
Jun 25, 2012, 08:59 PM
 
1Password seemed like a good idea, but the browser integration is constantly broken rendering it frustrating and mostly useless.
     
tightsocks
Mac Enthusiast
Join Date: Feb 2005
Status: Offline
Reply With Quote
Jun 25, 2012, 09:48 PM
 
Originally Posted by LDB View Post
Is there a widget of some sort that ties into Safari to create and manage passwords? Some other browser that is better and has password functions? Any/all other suggestions/hints/tips/advice? Thanks for any and all input.
Actually, Safari can store passwords in the Keychian if you have the AutoFill preference set to remember 'User names and Passwords.' The only problem is that it does not deal well with non-standard login pages. So it might not be able to manage all of the sites that you use.
When you login to a page Safari will ask you if you want to remember the username/password. If you do, then the next time you visit the page it will fill in the login info into the form auto-magically.
     
tightsocks
Mac Enthusiast
Join Date: Feb 2005
Status: Offline
Reply With Quote
Jun 25, 2012, 09:50 PM
 
Originally Posted by mduell View Post
1Password seemed like a good idea, but the browser integration is constantly broken rendering it frustrating and mostly useless.
I use the 1Password browser extensions in Safari and Firefox and they seem to be pretty robust for me.
The devs have a very active support forum as well.
     
mduell
Posting Junkie
Join Date: Oct 2005
Location: Houston, TX
Status: Offline
Reply With Quote
Jun 25, 2012, 10:05 PM
 
Originally Posted by tightsocks View Post
I use the 1Password browser extensions in Safari and Firefox and they seem to be pretty robust for me.
The devs have a very active support forum as well.
I was using it in the Firefox ~4 era, and it was:
1) Upgrade Firefox.
2) Plugin disables.
3) Plugin updates a week or two later.
4) Go to 1 a couple weeks later.

Until it stopped updating/recovering at all around Firefox 8, at which point I had stopped using it anyway.
     
tightsocks
Mac Enthusiast
Join Date: Feb 2005
Status: Offline
Reply With Quote
Jun 26, 2012, 01:24 AM
 
Originally Posted by hab View Post
One vote for SplashID from Splashdata. Started using it in the Palm days. They have routinely updated it since then to maintain compatibility with iPhone and other handhelds. The desktop app is great. Syncing is and has been seamless.
Make sure that you are using the most up to date version.
Previous versions were totally insecure as they used flawed encryption with a hardcoded master key.
This was discovered in early 2012.
     
subego
Clinically Insane
Join Date: Jun 2001
Location: Chicago, Bang! Bang!
Status: Offline
Reply With Quote
Jun 26, 2012, 01:33 AM
 
I like 1Password, however...

I've never had loading problems with the plug-in (in Safari), but I've seen it behave badly (as in not saving a generated password) on sites with flash in their login code.

It's also a little quirky, you usually have to massage it a bit to get it do do what you want.
     
ghporter
Administrator
Join Date: Apr 2001
Location: San Antonio TX USA
Status: Offline
Reply With Quote
Jun 26, 2012, 06:57 AM
 
I typically use the system P suggested: a single, complex "base" password with a set of rules for "salting" it (altering or adding to it) for specific uses. As an example, if your "base" password were "abcdefg1234567" you could add something to the beginning or end to customize it and help you remember the customization like "abcdefg1234567Macnn" for MacNN, "ASabcdefg1234567" for the Apple Store, or "abcdefGM1234567" for GMail. You can use upper case, special characters, etc. to add to the complexity of the base without making your mnemonic additions harder to remember.

In short, a complex password only gets more complex with additions. If you add simple stuff to help you remember your customized passwords, you're still doing that to a complex password which is very hard to hack.

P.S. aside from at the workplace, it is OK to write down your passwords. Just don't keep your list with your work computer. Afraid of having your list with your home computer? You can lock up your list somewhere at home, but have a list to keep you from forgetting all of them.

Glenn -----OTR/L, MOT, Tx
     
mduell
Posting Junkie
Join Date: Oct 2005
Location: Houston, TX
Status: Offline
Reply With Quote
Jun 26, 2012, 03:15 PM
 
Nobody posted the obligatory xkcd yet:

     
P
Moderator
Join Date: Apr 2000
Location: Gothenburg, Sweden
Status: Offline
Reply With Quote
Jun 26, 2012, 05:33 PM
 
That would be great, but in effect few websites let you have passwords that long. This one is more apropos.
The new Mac Pro has up to 30 MB of cache inside the processor itself. That's more than the HD in my first Mac. Somehow I'm still running out of space.
     
subego
Clinically Insane
Join Date: Jun 2001
Location: Chicago, Bang! Bang!
Status: Offline
Reply With Quote
Jun 26, 2012, 07:36 PM
 
Let it be known it is highly likely a site which will not let you use a long password has shitty security.
     
P
Moderator
Join Date: Apr 2000
Location: Gothenburg, Sweden
Status: Offline
Reply With Quote
Jun 27, 2012, 03:50 AM
 
Do things like iCloud and Gmail allow 50 character passwords, and really check all the characters?
The new Mac Pro has up to 30 MB of cache inside the processor itself. That's more than the HD in my first Mac. Somehow I'm still running out of space.
     
   
Thread Tools
 
Forum Links
Forum Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Top
Privacy Policy
All times are GMT -4. The time now is 09:18 PM.
All contents of these forums © 1995-2017 MacNN. All rights reserved.
Branding + Design: www.gesamtbild.com
vBulletin v.3.8.8 © 2000-2017, Jelsoft Enterprises Ltd.,