Stolen(gone) Macbook security

exoska

macrumors newbie
Original poster
Jan 12, 2009
9
0
Hi,

some $#@! stole my 2 macbooks from my car this week. i am curious about the lost data's safety. i know that i cant get them back but i am afraid that the thief might be capable of using the 100s of logins saved.

so, they were both running on SL . logins were with password.
i know that with a leopard dvd you can bypass/change the login password. but even if they can login, without authentication of the keychain(i think you would not be changing the keychain password from the dvd login) can they access the data of these;

transmit,
1password,
firefox(passwords were secured with a main password)

it s an urgent situation for me, i d be glad if some of you guys can help me out.

thanks in advance.
 

maflynn

Moderator
Staff member
May 3, 2009
65,953
32,307
Boston
What ever passwords are saved in those apps are now accessible to the thieves. If you saved credit card/bank passwords they have access to your financial info

I'd change your passwords now and put a fraud alert on your credit report ASAP

w/o any security or passwords on your computer, you data and personal information is now compromised and you need to move fast to mitigate any problems with ID theft

bummer on you theft :(
 
Comment

exoska

macrumors newbie
Original poster
Jan 12, 2009
9
0
i dont get it,
i think 1password is has the data encrypted.
anyone without the experience of cracking data of that kind cant be able to reach the passwords, is that wrong?
 
Comment

roadbloc

macrumors G3
Aug 24, 2009
8,785
211
UK
If you use 1password, all you passwords ever used are on your computer. And on the keychain. The thieves have it all. Sorry.

All you can do is change your passwords and hope and pray that the thieves are dumb, and don't even know what a mac is, and just format it and put a new os on it.
 
Comment

exoska

macrumors newbie
Original poster
Jan 12, 2009
9
0
ok i ll be changing ,
but ,
keychain is accessed by a password only right?
otherwise you have to crack the data out of it?
 
Comment

TonyK

macrumors 65816
May 24, 2009
1,027
144
was 1Password also using a password for access (not auto open)? If so, it should be okay though it could be cracked I guess if it were a simple password.
 
Comment

TonyK

macrumors 65816
May 24, 2009
1,027
144
1Password data is encrypted. But if 1Password is set to bypass a challenge screen on startup (when opening 1Password), your data is completely visible.

My setup of 1Password *always* asks me for a login password when accessing or starting it.

i dont get it,
i think 1password is has the data encrypted.
anyone without the experience of cracking data of that kind cant be able to reach the passwords, is that wrong?
 
Comment

exoska

macrumors newbie
Original poster
Jan 12, 2009
9
0
well
my 1password was asking for a master password when i launched it.(it was a >12 char password)
and when i tried to use it from a browser.
and it did not ask again for some time(like after a sleep or a screen saver)

i m not sure if what the challenge screen is. i was using the standart 1password setup.
 
Comment

knewsom

macrumors 6502a
Jun 9, 2005
949
0
Better safe than sorry...

I mean, uh, sorrier, sorry dude, that's really a bummer.

But yeah. Change your passwords. QUICK. If you're lucky, the thief won't be any sort of hacker or anything and will just want to try and sell the stolen computers. Then again, you never know who he's going to sell them TO, or if he'll be so kind as to wipe the HD's...

The data IS encrypted, but can be hacked, really, anything can be hacked. Just be safe.
 
Comment

exoska

macrumors newbie
Original poster
Jan 12, 2009
9
0
thanks. the thing is, if you can change the login password from the dvd, and access the desktop of the user, can you run anything as you like? i mean what i recall is if you try to access a app that is keychain integrated it would ask for the password again. you would not be changing the keychain password.

is that wrong?
 
Comment

angelwatt

Moderator emeritus
Aug 16, 2005
7,857
7
USA
thanks. the thing is, if you can change the login password from the dvd, and access the desktop of the user, can you run anything as you like? i mean what i recall is if you try to access a app that is keychain integrated it would ask for the password again. you would not be changing the keychain password.

is that wrong?
Yes, if they change the password using an install disc they can access everything in your account that is associated with the user name. If 1Password has a separate password from your account, then it is safe. If you setup a separate keychain password from your account password, then it is theoretically safe. The default though is to tie the main keychain to your login password, which would be updated when changing the password from the install disc.
 
Comment
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.