Register FAQ / Rules Forum Spy Search Today's Posts Mark Forums Read
Go Back   MacRumors Forums > Apple Hardware > Notebooks > MacBook Pro

Reply
 
Thread Tools Search this Thread Display Modes
Old Jan 28, 2013, 11:49 AM   #26
xShane
macrumors 6502a
 
xShane's Avatar
 
Join Date: Nov 2012
Location: United States
Quote:
Originally Posted by mslide View Post
Actually, that's probably one of the more insecure ways to do it. Humans are not nearly as unique/creative as we think we are especially when it comes to creating passwords. Not to mention how easy it is for modern computers, loaded with GPUs, to crack "secure" passwords.

I'll take a password manager, governed by a master password that was truly generated in a random fashion by me, over my head any day.
Except for the fact it's not truly generated in a random fashion.
__________________
Macbook Pro 15" 2.6, 8GB, 750GB, 1GB VRAM
"Everything for the people, nothing by the people."

"Be the change that you wish to see in the world."
xShane is offline   0 Reply With Quote
Old Jan 28, 2013, 11:52 AM   #27
ybz90
macrumors 6502a
 
Join Date: Jul 2009
Quote:
Originally Posted by xShane View Post
You just (basically) criticized me for a "rude attempt" to ridicule you, yet to turn around and do the same thing. Practice what you preach, huh?

Anyhow, back to the main point. The OP asked for a password manager, and I suggested a reasonable one. He doesn't have to use my suggestion -- it is merely a suggestion. Chances are, he's not going to acquire all the other suggestions, either. You instantly jumped and attacked me, first.

For obvious reasons, I'm not going to disclose how I mentally manage or create my passwords.

It's not wise to put all of your eggs in one basket, or in other words, all of your passwords in one application. What if your password storing application is compromised. Oops, I guess all of your stored passwords are in trouble.

Furthermore, the program's algorithm that generates your passwords could in theory be reverse engineered. And don't give me this "random" BS. It's not truly random.
Mine was not a personal attack; I attacked the content of your message, which I do not think is helpful at all to the OP, not your character, intelligence or person. As for your counterpoints, they are valid in the sense that no solution is perfect, but the cons involved in using something like 1Password, especially for the OP's case, is better than the alternatives, including the one you suggested.

And to be fair, let's be honest, it's not really a reasonable suggestion. Unless you disclose your mental organization strategy, it isn't very useful for the OP, now is it? To me, the reasons for not disclosing password management/creation are not obvious, unless they are formulaic and can easily lead to your own actual passwords, in which case, I don't see how it's better than pseudo-random password generation. Or maybe they don't exist. Just saying.

The fact is, what you suggested really isn't useful to the OP. That's my problem with it. I attacked your post because it is harmful advice. Maybe it works for you, but without knowing how you do it, it won't work for 99% of people out there (maybe it won't even work for most people even if the knew how you do it, which you aren't disclosing anyway), and as such, it constitutes really horrible advice. The average person who sees your post and takes your advice won't do your magical, fancy pants mental algorithms, and will leave themselves susceptible to password theft.

You basically said: Do X, which requires doing Y or else it will totally stupid. I'm not telling you Y though.

----------

Quote:
Originally Posted by xShane View Post
Except for the fact it's not truly generated in a random fashion.
No machine random generators are truly random, but the human mind certainly is not either, and reverse engineering the generator shouldn't be a problem as the hacker would not know any of the information regarding seeds, when it was generated, possible hardware specific identifiers, etc that may or may not be required in the algorithm.

----------

Quote:
Originally Posted by xShane View Post
*You* can't be serious. A notepad doc? Seriously?
I'll agree with you here. A physical notepad is probably the worst thing to do. (edit: digital is pretty bad too).

Last edited by ybz90; Jan 28, 2013 at 12:05 PM.
ybz90 is offline   0 Reply With Quote
Old Jan 28, 2013, 11:55 AM   #28
mslide
macrumors 6502a
 
Join Date: Sep 2007
Quote:
Originally Posted by xShane View Post
Except for the fact it's not truly generated in a random fashion.
Are you referring to my claim that my master password was generated in a random fashion? It was indeed. I did not use a computer to generate it. Nor did I use a long phrase, sentence, etc. I used a dice to generate it. I'm about as anal and paranoid as you can get when it comes to generating a master password.
mslide is offline   0 Reply With Quote
Old Jan 28, 2013, 12:02 PM   #29
xShane
macrumors 6502a
 
xShane's Avatar
 
Join Date: Nov 2012
Location: United States
Quote:
Originally Posted by ybz90 View Post
Mine was not a personal attack; I attacked the content of your message, which I do not think is helpful at all to the OP, not your character, intelligence or person. As for your counterpoints, they are valid in the sense that no solution is perfect, but the cons involved in using something like 1Password, especially for the OP's case, is better than the alternatives, including the one you suggested.

And to be fair, let's be honest, it's not really a reasonable suggestion. Unless you disclose your mental organization strategy, it isn't very useful for the OP, now is it? To me, the reasons for not disclosing password management/creation are not obvious, unless they are formulaic and can easily lead to your own actual passwords, in which case, I don't see how it's better than pseudo-random password generation. Or maybe they don't exist. Just saying.

The fact is, what you suggested really isn't useful to the OP. That's my problem with it. I attacked your post because it is harmful advice. Maybe it works for you, but without knowing how you do it, it won't work for 99% of people out there (maybe it won't even work for most people even if the knew how you do it, which you aren't disclosing anyway), and as such, it constitutes really horrible advice. The average person who sees your post and takes your advice won't do your magical, fancy pants mental algorithms, and will leave themselves susceptible to password theft.

You basically said: Do X, which requires doing Y or else it will totally stupid. I'm not telling you Y though.

----------



No machine random generators are truly random, but the human mind certainly is not either, and reverse engineering the generator shouldn't be a problem as the hacker would not know any of the information regarding seeds, when it was generated, possible hardware specific identifiers, etc that may or may not be required in the algorithm.

----------



I'll agree with you here. A physical notepad is probably the worst thing to do. (edit: digital is pretty bad too).
You're probably right -- without a good understanding of how to create your own passwords so that they are secure, creating passwords on your own probably isn't that reliable. But that was beyond the scope of the OP's requests. I was assuming he/she is a fairly intellectual individual, and such, I was only recommending how to store their passwords, not how to create them.

----------

Quote:
Originally Posted by mslide View Post
Are you referring to my claim that my master password was generated in a random fashion? It was indeed. I did not use a computer to generate it. Nor did I use a long phrase, sentence, etc. I used a dice to generate it. I'm about as anal and paranoid as you can get when it comes to generating a master password.
Okay, I apologize for assuming. I thought that you meant you used a program to generate your master password
__________________
Macbook Pro 15" 2.6, 8GB, 750GB, 1GB VRAM
"Everything for the people, nothing by the people."

"Be the change that you wish to see in the world."
xShane is offline   0 Reply With Quote
Old Jan 28, 2013, 12:03 PM   #30
ybz90
macrumors 6502a
 
Join Date: Jul 2009
Quote:
Originally Posted by xShane View Post
You're probably right -- without a good understanding of how to create your own passwords so that they are secure, creating passwords on your own probably isn't that reliable. But that was beyond the scope of the OP's requests. I was assuming he/she is a fairly intellectual individual, and such, I was only recommending how to store their passwords, not how to create them.
Fair enough, I admit I do not know your particular needs or usage scenario, so perhaps it was unfair for me to judge your case based on my own.
ybz90 is offline   1 Reply With Quote
Old Jan 28, 2013, 12:15 PM   #31
xShane
macrumors 6502a
 
xShane's Avatar
 
Join Date: Nov 2012
Location: United States
Quote:
Originally Posted by ybz90 View Post
Fair enough, I admit I do not know your particular needs or usage scenario, so perhaps it was unfair for me to judge your case based on my own.
Then it sounds like we have come to a fair conclusion.

I'm sorry for personally attacking you, as it wasn't right for me to do so. I only intended to suggest a solution as a possible password manager. I do not believe current password managing software is truly secure. Is it more secure than how an individual creates and stores there password in their head? That's an entirely different debate in its own right.
__________________
Macbook Pro 15" 2.6, 8GB, 750GB, 1GB VRAM
"Everything for the people, nothing by the people."

"Be the change that you wish to see in the world."
xShane is offline   1 Reply With Quote
Old Jan 28, 2013, 11:53 PM   #32
SupadudeX
macrumors member
 
Join Date: Nov 2006
Quote:
Originally Posted by Spink10 View Post
Do you use it on iOS? Haven't decided if it is worth it for $1 a month. Im cheap!

----------



Do you use for iOS?
I just use the free version. Haven't tried it on iOS.
SupadudeX is offline   0 Reply With Quote
Old Jan 29, 2013, 03:08 AM   #33
CarreraGuy
macrumors regular
 
Join Date: Jan 2013
Lastpass...it's free but paid version gives you mobile and yubikey support.

Steve Gibson @grc gave it his complete run through and thumbs up.

And if you're super secure check out their grid feature - (one flavor of their second factor authentication) so God forbid someone gets your master password they would also need your grid. You can also disable the grid for certain devices.

They also have LastPass pocket if you want everything offline.
__________________
13" 2010 MacBook Pro, 2.4GHz Core 2 duo, 8gb RAM, 500gb SSD
iPhone 5 16gb
CarreraGuy is offline   0 Reply With Quote

Reply
MacRumors Forums > Apple Hardware > Notebooks > MacBook Pro

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Similar Threads
thread Thread Starter Forum Replies Last Post
Which password manager do you use, and why? buddyspencer Mac Applications and Mac App Store 32 Mar 5, 2014 01:28 PM
New OS X Password Manager Application - Password Brain BollingenSoft Mac Applications and Mac App Store 5 Feb 19, 2014 06:43 AM
Football Manager on a MacBook Pro 13? ElNeebre MacBook Pro 3 Oct 24, 2013 07:24 PM
What is the best password manager? DarrenUK Mac Applications and Mac App Store 35 May 16, 2013 09:53 AM
Password Guard Makes iPhone Your Personal Password Manager ioani iPhone and iPod touch Apps 1 Aug 24, 2012 10:38 AM

Forum Jump

All times are GMT -5. The time now is 06:41 AM.

Mac Rumors | Mac | iPhone | iPhone Game Reviews | iPhone Apps

Mobile Version | Fixed | Fluid | Fluid HD
Copyright 2002-2013, MacRumors.com, LLC