Still missing a couple of important things that 1Password has:

- option to upload attachments that, for example, contain backup codes
- generate passwords
You have to pay for 1Password. This is free.

Right now I'm using Authy on PayPal. I wonder if I can change that to this. 🤔
 
What I would really like is for Apple to stop trying to force us to use 2 factor authorization.
If we don't want it, we don't want it. Get that stupid red dot off of System Preferences
There are some fears using 2FA but since I have multiple Apple devices those fears are long gone.

And with Recovery Contact it now is almost impossible to get locked out of your devices again.
 
Password managers are really helpful, but it is a terrible idea to store them on iCloud or any other service.

If there is one thing that you should self host - it is your password db.

I'm a big fan of Strongbox on both macOS and iOS.
You can host your 1Password content on your local network so you get the convenience of having it shared between your devices but it's not on the internet for everyone... everyone as in those who really want your info so bad they'll get through the encryption and/or perform criminal acts etc of course. And if you're high-profile enough to consider this type of risk it's unlikely you're using a consumer-level password manager to begin with.
 
There needs to be a separate password for logging in and changing system settings.
Also iOS needs to have a different passcode for unlocking your device and accessing your passwords.
 
What I would really like is for Apple to stop trying to force us to use 2 factor authorization.
If we don't want it, we don't want it. Get that stupid red dot off of System Preferences

I want it. It’s kind of helpful for securing such a personal device.
 
With Strongbox, I can open my database offline.

If you want to use KeyChain, go ahead but, please make a backup of your credentials using Bitwarden or Strongbox (both free). That way, if something happens with Keychain or your device(s) you can still log into the websites you need.
 
I canceled 1Password and went back to iCloud Keychain. How do you keep the iCloud keychain in menu bar?
That’s a good question. I’m not in front of my Mac, but if I remember correctly, open keychain access (I think it’s in the utilities folder), and somewhere there, you’ll find a checkbox for show in menu bar.

For what it’s worth, I haven’t opened the keychain utility for years. Passwords are obviously shown in Safari preferences, and I use Notes for secure notes.
 
Still missing a couple of important things that 1Password has:

- option to upload attachments that, for example, contain backup codes
- generate passwords

Unless I’m misunderstanding, you can generate passwords using the keychain utility:

 
Long overdue...
Yeah, so glad they're doing this. I HATE passwords, and though obviously this doesn't "solve" their existence, a built-in manager is at least something. It's absurd, to me, that passwords still exist, tbh. All the crazy-advanced tech in the world and we still use passwords! Haha... I guess it's the simple, seemingly obvious things that are the hardest to improve upon/innovate.
 
Sounds great until your system gets auto signed out of iCloud due to Apple-network issues and macOS decides to wipe your iCloud Keychain.

If at this time you do not have another device with the passwords still synced, that keychain is just permanently deleted.

Gonna stick to 1Password until this is resolved
 
Am I the only one that genuinely doesn't understand Apple's approach to two-factor authentication? Why am I trying to have my Mac bypass 2FA by becoming a 2FA token device itself? I never understood this. I log on to appleid.apple.com, it asks for a 2FA code, and then that 2FA code is provided on the mac itself.

Now they're taking it to the next level with the same concept, except now it's also the 2FA codes for all your websites that support 2FA too. It's called a second *factor* for a reason! Please someone ELI5 Apple's 2FA approach.
 
Am I the only one that genuinely doesn't understand Apple's approach to two-factor authentication? Why am I trying to have my Mac bypass 2FA by becoming a 2FA token device itself? I never understood this. I log on to appleid.apple.com, it asks for a 2FA code, and then that 2FA code is provided on the mac itself.

Now they're taking it to the next level with the same concept, except now it's also the 2FA codes for all your websites that support 2FA too. It's called a second *factor* for a reason! Please someone ELI5 Apple's 2FA approach.
Yes, I never understood this.
 
If it doesn't sync with other Password apps, it is unlikely I'll be using it significantly.
I'm on too many devices and cross-platform is a must. Apple is not really known for cross-platform, generally, so it's not likely I'll be able to benefit from this. Sad panda is sad.
 
Am I the only one that genuinely doesn't understand Apple's approach to two-factor authentication? Why am I trying to have my Mac bypass 2FA by becoming a 2FA token device itself? I never understood this. I log on to appleid.apple.com, it asks for a 2FA code, and then that 2FA code is provided on the mac itself.

Now they're taking it to the next level with the same concept, except now it's also the 2FA codes for all your websites that support 2FA too. It's called a second *factor* for a reason! Please someone ELI5 Apple's 2FA approach.
I agree with you about Apple's approach. I see the example of the appleid.apple.com site as a problem and a backwards security problem at that.
 
Am I the only one that genuinely doesn't understand Apple's approach to two-factor authentication? Why am I trying to have my Mac bypass 2FA by becoming a 2FA token device itself? I never understood this. I log on to appleid.apple.com, it asks for a 2FA code, and then that 2FA code is provided on the mac itself.

Now they're taking it to the next level with the same concept, except now it's also the 2FA codes for all your websites that support 2FA too. It's called a second *factor* for a reason! Please someone ELI5 Apple's 2FA approach.
I've wondered a little about that before, as well. But I think the point is that your machine is linked to your Apple ID, so really it's just sending the authentication code to a "known good" device. It doesn't really matter that it's the same machine. If you just think of the login as coming from some random browser you happen to be on—like at a cafe, or some colleague's place—then the 2FA wouldn't come to that machine, it would go to your phone (or your Mac, if it was somewhere else, and logged in/running). Another way to think of it is that it's kind of a coincidence that the browser you're running happens to be on your machine... haha... (though I realize that's super counterintuitive!)
 
I've wondered a little about that before, as well. But I think the point is that your machine is linked to your Apple ID, so really it's just sending the authentication code to a "known good" device. It doesn't really matter that it's the same machine. If you just think of the login as coming from some random browser you happen to be on—like at a cafe, or some colleague's place—then the 2FA wouldn't come to that machine, it would go to your phone (or your Mac, if it was somewhere else, and logged in/running). Another way to think of it is that it's kind of a coincidence that the browser you're running happens to be on your machine... haha... (though I realize that's super counterintuitive!)
If the machine you are using is a trusted device as you say, you shouldn't be prompted to certify again using a code that comes to the device you are asked to certify.
 
I use my computer at home, mainly to surf the web, no wi-fi. Am I really that vulnerable that I would need 2 factor authorization?

Yes and no. You really only need 2FA on your email -- since losing that means it's trivial to reset any other password and basically steal anything they are aware of you have.
Since most people recycle passwords -- that's double risk.
Companies lose passwords ALL.THE.TIME. And you never are told.
If a credit agency can lose your name, address, and SSN... and not be held accountable, there is zero incentive to keep your passwords secure for most places.

WiFi doesn't really matter unless you have a bored teenager with nothing else to do or became the target of someone (which usually requires you to be an interesting person somehow or another, which is rare). If someone hacks your WiFi, the worst they can do, generally is see what you're doing sort of. Encrypted stuff is still encrypted so they can't see that.

What you need to prevent is losing your email address. I would strongly recommend Authy (maybe the Apple one won't suck but... until we -know- , we don't know). Then add in your phone number.

In this situation, given a bit of elbow grease, you can get everything back. You can email your drivers license / ID to prove you are you, you can reset passwords, etc. Money transactions can be reversed / tracked, etc. Unless it's PayPal, then you lose anything in there (they are not regulated like a bank, this is by design on their part).

So you have to ask yourself firstly: What am I willing to lose?

If you could easily walk away from your digital life entirely at any moment for any reason -- then 2FA doesn't matter to you, most likely. Otherwise, if there is ANY data that is important to you -- first step is to lock that down. THEN investigate recovery of that -- usually email or cell phone methods -- and then make sure THOSE are secure.
 
I've wondered a little about that before, as well. But I think the point is that your machine is linked to your Apple ID, so really it's just sending the authentication code to a "known good" device. It doesn't really matter that it's the same machine. If you just think of the login as coming from some random browser you happen to be on—like at a cafe, or some colleague's place—then the 2FA wouldn't come to that machine, it would go to your phone (or your Mac, if it was somewhere else, and logged in/running). Another way to think of it is that it's kind of a coincidence that the browser you're running happens to be on your machine... haha... (though I realize that's super counterintuitive!)
You are, indeed, correct. One can "lose" passwords (e.g. password stored in plaintext, hacker takes database, now your email and password is out in the open...) -- having 2FA means they still need the code, at the time of logging in, to get in.

So while it may not be ideal -- it's still infinitely more secure. It requires security on YOUR part instead of relying solely on the company / website to protect you.
 
Yes and no. You really only need 2FA on your email -- since losing that means it's trivial to reset any other password and basically steal anything they are aware of you have.
Since most people recycle passwords -- that's double risk.
Companies lose passwords ALL.THE.TIME. And you never are told.
If a credit agency can lose your name, address, and SSN... and not be held accountable, there is zero incentive to keep your passwords secure for most places.

WiFi doesn't really matter unless you have a bored teenager with nothing else to do or became the target of someone (which usually requires you to be an interesting person somehow or another, which is rare). If someone hacks your WiFi, the worst they can do, generally is see what you're doing sort of. Encrypted stuff is still encrypted so they can't see that.

What you need to prevent is losing your email address. I would strongly recommend Authy (maybe the Apple one won't suck but... until we -know- , we don't know). Then add in your phone number.

In this situation, given a bit of elbow grease, you can get everything back. You can email your drivers license / ID to prove you are you, you can reset passwords, etc. Money transactions can be reversed / tracked, etc. Unless it's PayPal, then you lose anything in there (they are not regulated like a bank, this is by design on their part).

So you have to ask yourself firstly: What am I willing to lose?

If you could easily walk away from your digital life entirely at any moment for any reason -- then 2FA doesn't matter to you, most likely. Otherwise, if there is ANY data that is important to you -- first step is to lock that down. THEN investigate recovery of that -- usually email or cell phone methods -- and then make sure THOSE are secure.
If 2FA is not turned on on the Apple ID account, that makes the account vulnerable to take over, especially if the person uses the same password all the time, especially a weak one. In the case of the member replied to, he needs it on even in his use case.
 
It's a welcome upgrade. But I don't understand why Apple is not fully developing their password tools. It still lacks many features that make me stick to traditional password management apps, such as LastPass: generating password, adding notes, customizing names (not just the username), having categories, including attachments, accessing passwords through icloud.com (so not being tied to one's devices, although this poses a security issue, I know), etc.

The day Apple offers a viable alternative, I'm going to cancel my LastPass subscription and fully commit to it, as I think it will be well integrated into the OSs (for instance, with the ability to access pw through FaceID or TouchID, not having to enter the master password each time). And not having one's pw pasted through Continuity, Universal Clip, etc XD

I sense they are heading in that direction, but it's sooo slooooww.
Switch to Bitwarden. LastPass is pretty horrible. Switching takes 2 minutes to export and then import everything.
 