Your not that one Agilebits guy... but you have spunk. Keep doing your thing.
----------
1Password for Mac has been pretty solid for me though.
Edit: Never mind, I apparently have very old information.
Last edited:
Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
1Password for Mac Gets Updated with 30 New Features, 1Password Mini Item Editing
- Thread starter MacRumors
- Start date
- Sort by reaction score
Your not that one Agilebits guy... but you have spunk. Keep doing your thing.
----------
1Password for Mac has been pretty solid for me though.
Edit: Never mind, I apparently have very old information.
1Password
It took me awhile, but I finally broke down and bought it. Actually I've bought it across both platforms so I have it at work as well. It is was expensive, but now all of the sites are secured with real passwords.
With that said, if you are only in the Mac / iOS world, the Safari password system built into Mavericks is secure (actually, the design of the process is very secure). The weakest link would be your password to access your Mac and / or iOS device.
It took me awhile, but I finally broke down and bought it. Actually I've bought it across both platforms so I have it at work as well. It is was expensive, but now all of the sites are secured with real passwords.
With that said, if you are only in the Mac / iOS world, the Safari password system built into Mavericks is secure (actually, the design of the process is very secure). The weakest link would be your password to access your Mac and / or iOS device.
I've been beta testing iOS 7 version along with the (now) released OS X version. You can select which browser in iOS you wish 1Password to use (such as Safari) and autofill. It's coming.
I think I must be in the minority in not needing these kind of apps. I really don't get it.
My (#$%DF345#$%) type passwords are not only stored in my brain but require my personal authorization response with a time limit + Google authenticator.
Unless you have dementia or something I don't see the need for these password apps.
Anything I let Safari autofill I don't care about and can be hacked away to a hacker's delight.
Is there something I'm missing/not getting? Am I missing a cool convenience or something?
My (#$%DF345#$%) type passwords are not only stored in my brain but require my personal authorization response with a time limit + Google authenticator.
Unless you have dementia or something I don't see the need for these password apps.
Anything I let Safari autofill I don't care about and can be hacked away to a hacker's delight.
Is there something I'm missing/not getting? Am I missing a cool convenience or something?
I can't remember all the different passwords I use on each site I am a member of or do transactions with etc. And having a program on my computer, iPad or iPhone is much better and more secure (in my mind) than having unsecured text notes with the passwords on them. The program ensures that I can have hard to hack passwords and security of storage and use, without the hassle of trying to memorize numerous passwords that are 12 characters long (with numbers, letters, and symbols).
Alternative? No!
About this kind of product, feature or encryption level is not important.
It is but the most important thing is if the developer is trustworthy or not.
There are alternative products for Mac and iOS. But I believe it's stupid to use unknown software.
They can send your passwords to their server.
About this kind of product, feature or encryption level is not important.
It is but the most important thing is if the developer is trustworthy or not.
There are alternative products for Mac and iOS. But I believe it's stupid to use unknown software.
They can send your passwords to their server.
Oh, I have trouble remembering my 16-30 character passwords with random numbers and letters. Perhaps I should think of a pneumonic or something. You know... to prevent dementia and stuff.
Lets see here...
Well, that covers my MR password...now to come up with one for my bank...
Not sure if you tried this yet. After I had 1Password all set up on my iPhone, I had to shut my iPhone off and restart it for the sync to happen. Do not know if this will help you, but worked for me.
I think we're probably talking about auto-type, which would be app independent. I was involved on a discussion on their forums over this, and it seems to be pretty low on their priority list, if ever. It was a show-stopper for me, as I use lots of other apps besides browsers where I need a password.
I was sort of blown away that it was missing when I tried the demo. This seems to be the most popular password manager around, yet it's missing such a crucial feature (at least for some people).
Does ANYONE knows IF it …. allows you to input/type security questions and answers for certain sites, such as government, banks, certain data base, etc….???
I have been doing it the old fashion way, on paper …. actually on Pages. For example, for one site I have a password (long) and four security questions, none of which I can really remember. It's a pain to go back and forth.
I have been doing it the old fashion way, on paper …. actually on Pages. For example, for one site I have a password (long) and four security questions, none of which I can really remember. It's a pain to go back and forth.
(Nuts, I typed a long reply and the system lost it... so here goes again, but probably a bit shorter...)
That is interesting to hear, as this was one reason I tried it out a month or two ago (but no auto-type killed the deal before I got to testing that).
Essentially, I've given up on trying to do any kind of sync. We're using another product called PasswordWallet by Selznick, and had similar problems trying to setup a sync between myself and some business partners via Dropbox. I think that's just stretching these kinds of apps too far, and to the developer's credit, sync is REALLY hard.
What we've done is divide up a few 'wallets' by who mostly works with that set of data, then that person 'owns' that master file and just tosses a COPY of it into a shared area as needed by the group. So, that copy gets treated as essentially read-only. Locally, with my master-files, I only enable one computer's local-sync ability so I can sync up my iPad and iPod as needed. I actually store the file on Dropbox (which is a no-no for the app's sync, as they use Dropbox APIs) but treat it as a single-access type file, as I never have more than one system in it as a time anyway, and then I get Dropbox's revisioning in case something ever goes wrong.
In other words, if you're just working between two systems you personally use, I wouldn't even mess with sync. Just keep the file in a shared area and access it one computer at a time (this obviously doesn't work well if multiple people are involved, hence our solution)... and keep good back-ups and revisions of it. It's kind of the KISS method, but on something this important, I'm not messing around with potential data-loss!
BTW, PasswordWallet is a really nice app to check out as well. While it looks a bit older than 1Password, IMO, it's more full-featured and much more screen-space efficient. And, the local-sync ability (i.e.: iPad to computer, etc) has been rock-solid for years (I started using it in my palm-pilot days).
----------
Just going from memory here, but I'm pretty sure it has a 'notes' area, and possibly custom fields. So, you can store your question and response stuff in the notes area. That's what I do (I use another app called PasswordWallet).
No kidding! In today's Internet, you absolutely need a password manager.
The best security advice I give people is to use a strong and unique password for EVERY site or account of any kind they setup. Put it all in a password manager and then be VERY careful with that file (lots of backups, archives, revisions, etc.). If the app doesn't do a good job of that on it's own... do it manually. For example, quit the app and make a copy of the file somewhere safe.
And, IMO, it's critical that it has a good *reliable* sync or way to get the data from the desktop into iOS devices (or other mobile devices) as then you have that info with you when you're not at your computer.
Here are the official release notes:
https://app-updates.agilebits.com/product_history/OPM4
Apparently they still haven't implemented Wi-Fi sync between desktops
https://app-updates.agilebits.com/product_history/OPM4
Apparently they still haven't implemented Wi-Fi sync between desktops
It has a discount occasionally, I picked it up for half price.
----------
My father has dementia, your use of the word is offensive. No, I don't have dementia, but I don't have a good enough memory to remember dozens of secure passwords, either. Bank accounts, credit card numbers, software licenses - you can remember all that information? If you do, that's great, but some people find these apps useful.
lol I refuse to use one password as well.
I don't have a problem remembering the few passwords I use on a daily basis even if they are over 8 or 9 characters long. Also with keychain it's made devices a hell of a lot easier to log in.
I know the benefits off the app but I'm not a big fan of a program generating passwords for me even if they might be slightly more complex.
- It actually generates secure passwords for you!
- Cross-platform
- Cross-browser (Safari, Firefox, Chrome, ...)
- Stores more than just "web-passwords" and credit-card numbers, such as router passwords, notes, ... well, any structured secure data you could imagine (and you can extend those structures with additional fields, e.g. for your local DVD store membership ID card)
- Most importantly (for me): local Wi-Fi sync between iOS/OS X!
So are you using the same password on all your accounts? I doubt you remember 20 different username/password pairs (I am registered maybe on more websites than that).
It's just not save to repeat passwords across the web because time to time website developers suffer from dementia and stuff and leak your password
I use Msecure and it is great! I don't have anything to complain. It is cheaper. It is at least as good as 1Pasword.
I don't work for them. I am just a happy customer.
I don't work for them. I am just a happy customer.
Last edited:
Quick question for you: Do you consider any of the following passwords secure?
- thereisnofatebutwhatwemake
- eastofthesunwestofthemoon
- !)@(#*$&%^Test123
- *tecno9654postgres
- !@#$%^&*()_+lisa
- Ph'nglui mglw'nafh Cthulhu R'lyeh wgah'nagl fhtagn1
If your answer to just one of the above is "Yes": Think again real hard about using a good password manager!
Those passwords above were all guessed using "dictionary lookup" attacks within hours or days (not weeks or years)! Several hours to days!
(And please note: there are all considerably longer than your simple "8 or 9 character passwords"!)
Rule of thumb: if you try to come up with a password that is based on any (combination of) word(s) that can be found "on the Internet" (Twitter, Wikipedia, websites, news groups, the Bible, other book texts available in electronic form, ...), it is very likely that it will be guessed! Even 1f u d0!permutat1ons$and_try2bcl3v3r! ("rule-based substitution attacks").
For a detailed background why you should be very concerned:
http://arstechnica.com/security/201...ing-the-next-frontier-of-password-cracking/2/
"How the Bible and YouTube are fueling the next frontier of password cracking"
And considering that several major (commercial) sites were hacked and millions of encrypted passwords were stolen in the past few months, you should really have different passwords for each and every service!
(What people often forget: they might have a hugely "secure password" for e.g. their Apple ID, but they have a weak password for their email, so attackers can guess the email password, reset the Apple ID with a confirmation email sent to that email address, and *zonK*! There you go! Your Apple ID accessible now to them as well!)
Well, as I said: reconsider of what you think is "secure"...
Last edited:
By the way: we are talking about highly tuned password cracking algorithms, but they were run on ordinary (graphics) hardware, that is, using OpenCL and several commercially available GPUs stacked together. So nothing a few 1000 of dollars could not buy.
So we are not just talking about dedicated [name your favourite three-letter security agency here] high performance hardware clusters...
----------
Point taken