Sidebar Sidebar
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

MacRumors Forums: Security Leak

I really don't like the new password changing system that Lastpass uses...saved over my old password before MacRumors confirmed (then denied) my new password. So I had to recover, then try again.
 
Mildredop said:
So what's stopping someone cracking the master password and getting all the random ones for each of my logins in one go?
Click to expand...

Unless they have your database file to begin with (crack either your dropbox or iCloud or have local access to your Mac), then the master password is useless to them.
 
dannyp1996 said:
Just changed my password using the safari suggested password, and have done this for all my accounts recently. Really useful tool.
Click to expand...

Genuine question -

Say, for example, that I let Safar create a complex password for my online banking site. It will be saved and available across Safari on all of my devices. That's great!

How about when I need to enter the complex password into my online banking iOS app? How does that work?
Obviously I didn't memorize the password. Can I copy and paste it from Safari?

I want to love this feature, but I use so many apps with log-ins that I don't know how useful it will be for most sites that also have apps.
 
darkslide29 said:
Genuine question -

Say, for example, that I let Safar create a complex password for my online banking site. It will be saved and available across Safari on all of my devices. That's great!

How about when I need to enter the complex password into my online banking iOS app? How does that work?
Obviously I didn't memorize the password. Can I copy and paste it from Safari?

I want to love this feature, but I use so many apps with log-ins that I don't know how useful it will be for most sites that also have apps.
Click to expand...

Do what I do.

I have a spreadsheet on my computer that is backed up ..

That is the ONLY place it resides. I do NOT trust ANY cloud solution for passwords. Including Apple's.
 
Peace said:
Do what I do.

I have a spreadsheet on my computer that is backed up ..

That is the ONLY place it resides. I do NOT trust ANY cloud solution for passwords. Including Apple's.
Click to expand...

A spreadsheet? It's 2013... use 1Password. So you encrypt your spreadsheet?
 
elgrecomac said:
I assumed that the passwords were hashed but, as they say, if you assume anything it will make an ASS out of U and Me.

Macrumors, this is just plain wrong.

:eek:
Click to expand...


They were salted and hashed. Read the news article and it clearly states that.
 
My only complaint is that it was not posted sooner. I do appreciate this posting showing what happened but last night when the forums went down would have been a great time to post something. There were at least 5 new article posts from when they went down.

I come to macrumors to get my Apple rumors and news.

Where do I go to get my macrumors news?
 
Peace said:
Do what I do.

I have a spreadsheet on my computer that is backed up ..

That is the ONLY place it resides. I do NOT trust ANY cloud solution for passwords. Including Apple's.
Click to expand...

So someone gets on your Mac, opens Excel or Numbers, and BAM they have all of your passwords.

I'd rather use 1Password myself.
 
I decided to give icloud keychain a try, 3 passwords later and I've given up. Back to something I can remember.
 
Peace said:
It's on my personal computer that goes nowhere. If a hacker wants to break into my house he has to go through a stressed out Vietnam vet first and he won't like that. Trust me.

;)
Click to expand...

Last I checked... personal computers can get viruses, can be hacked remotely. I would not feel safe keeping all my passwords in a spreadsheet. Please get 1Password, you'll thank me for it. Boy does it make your life easier (with Safari/Chrome plugin), not to mention a lot safer.
 
iCloud keychain doesn't seem to activate when I try and log in. I had to recover my account because it never showed up. Anyone else having issues with it on this site?

----------
larrylaffer said:
iCloud Keychain does not work with this site. In fact, I just changed my password to use the iCloud one, and Safari didn't autofill the login form, negating the purpose altogether.
Click to expand...

Oh, I posted before seeing this. Yep, iCloud keychain doesn't work for me on this site either.
 
furi0usbee said:
Last I checked... personal computers can get viruses, can be hacked remotely. I would not feel safe keeping all my passwords in a spreadsheet. Please get 1Password, you'll thank me for it. Boy does it make your life easier (with Safari/Chrome plugin), not to mention a lot safer.
Click to expand...

Not gonna happen. Thanks tho !

:)
 
What I will ask is when is the forum software going to be updated. It's still on VB 3.8.7 which is a 2011 release. I know VB costs money, however It does make me wonder about patches on the database and apache
 
That was a close call. Nowadays there are many security threats and we all should be careful. Thanks Mods for restoring the forum
 
darkslide29 said:
Genuine question -

Say, for example, that I let Safar create a complex password for my online banking site. It will be saved and available across Safari on all of my devices. That's great!

How about when I need to enter the complex password into my online banking iOS app? How does that work?
Obviously I didn't memorize the password. Can I copy and paste it from Safari?

I want to love this feature, but I use so many apps with log-ins that I don't know how useful it will be for most sites that also have apps.
Click to expand...

I tend to temporarily write down the automatically generated password, enter this into my various apps, then destroy this temporary record.

You should periodically replace your passwords as a matter of course, so I don't find any issue with having no quick access to my password.

(Note however I do use a memorable - albeit cryptic - password for things such as my email which I do use on a lot of other devices)
 
You must log in or register to reply here.
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.
Top Bottom
Back