unmasking passwords as I write

Discussion in 'macOS' started by palmharbor, Sep 21, 2012.

  1. palmharbor macrumors 6502

    Joined:
    Jul 31, 2007
    #1
    I am going nuts with Passwords and username & apps that only work once in a while.
    I use my Mac in my house and I do not need secrecy by obscuring
    my passwords. Does anyone know an app that will reveal your own
    passwords on the mac etc.
    I have searched and found nothing.
     
  2. aaronvan Suspended

    aaronvan

    Joined:
    Dec 21, 2011
    Location:
    República Cascadia
    #2
    An age-old request! Bruce Schneier says 98% of users don't need obscured passwords even in the workplace and nobody needs it at home. Yet Apple and M$ continues to decide for the users what level of password security they need. I think Steve was strongly against visible passwords but he is gone so it's time to take another look. There are a few Safari scripts out there, but this should be a global option in system preferences.
     
  3. Weaselboy Moderator

    Weaselboy

    Staff Member

    Joined:
    Jan 23, 2005
    Location:
    California
    #3
    This Safari extension will help with that issue for browser passwords.
     
  4. rhoydotp, Nov 19, 2012
    Last edited: Nov 19, 2012

    rhoydotp macrumors 6502

    rhoydotp

    Joined:
    Sep 28, 2006
    #4
    that's because this is an unusual request. but maybe a bit of background will help.

    your Mac doesn't even know what your password is (or at least it shouldn't). what happens is that when you change or set a password, it will be encrypted using a 'salt'. the password database will then have the encrypted password plus the 'salt'. when the user authenticates, the password db will be queried for the 'salt' and apply the same encryption algo to what the user have just keyed-in. after that, it will just do a string match. hence, most of the tool will only "reset" the password, but never recover the actual string.

    ... so, unless you do a brute attack, there is really no way to find the password afterwards once the user puts it in. good luck on your search.


    EDIT: if yo don't really care, write your password on sticky :)
     
  5. rhoydotp macrumors 6502

    rhoydotp

    Joined:
    Sep 28, 2006
    #5
    why do we even bother using a dead-bolt on our doors or even closing the window. i can't believe someone would even suggest this! :confused:
     
  6. aaronvan Suspended

    aaronvan

    Joined:
    Dec 21, 2011
    Location:
    República Cascadia
    #6
    The point is we usually don’t have someone peering over our shoulder when we log-in so there is no benefit to obscuring passwords and a lot of time can be saved by not obscuring them.
     
  7. wackymacky macrumors 68000

    wackymacky

    Joined:
    Sep 20, 2007
    Location:
    38°39′20″N 27°13′10″W
    #7
    I think the point is passwords appearing as :apple::apple::apple::apple: on the screen rather than displaying the text doesn't offer more security at home where there is no threat of someone looking over your shoulder to read what you're typing, as apposed to the use of strong passwords and secure password/key storage.

    Though to be honest most of my "secure" passwords are a combination of symbols/letters/numbers and typing them by "touch" is easy than trying to read (asG56#,bk!d`sm5t.9Fe on the screen.
     
  8. rhoydotp macrumors 6502

    rhoydotp

    Joined:
    Sep 28, 2006
    #8
    i know it's not your intention but this bit is really funny! a lot of time by showing your own password that you should know? funny stuff, man!

    i see where you are coming from and maybe there is merit to that. hopefully someone gives you an option to do that later on.
     
  9. aaronvan Suspended

    aaronvan

    Joined:
    Dec 21, 2011
    Location:
    República Cascadia
    #9
    I'm glad you're so easily amused. For those who want intelligent discussion on this topic:

    http://www.schneier.com/blog/archives/2009/06/the_problem_wit_2.html

    http://www.out-law.com/page-10128

    http://www.thetechherald.com/articles/Is-usability-worth-more-than-security/6488/
     
  10. old-wiz macrumors G3

    Joined:
    Mar 26, 2008
    Location:
    West Suburban Boston Ma
    #10
    why not just get an ap like 1Password?
    it stores your logins and passwords and you only need to remember the 1password password
     
  11. rhoydotp macrumors 6502

    rhoydotp

    Joined:
    Sep 28, 2006
    #11
    because talking about making password clear is really intelligent. I think I'm done with this discussion, my intelligence is not capable dealing with such complex subjects ... good luck pushing this through, apple might listen. they been doing some stupid things lately ... or highly intelligent, depends on which side you're looking from
     

Share This Page