or Connect
AppleInsider › Forums › Mobile › iPhone › 1Password for iOS/Mac gets temporary price cut, upcoming iOS 8 version to be free update [u]
New Posts  All Forums:Forum Nav:

1Password for iOS/Mac gets temporary price cut, upcoming iOS 8 version to be free update [u] - Page 2

post #41 of 97

I assume that using any password manager means I can't access my online accounts using anyone else's computer? Like I won't be doing any online banking via my work computer because I won't actually know the "real" password, right?

Lorin Schultz (formerly V5V)

Audio Engineer

V5V Digital Media, Vancouver, BC Canada

Reply

Lorin Schultz (formerly V5V)

Audio Engineer

V5V Digital Media, Vancouver, BC Canada

Reply
post #42 of 97
Quote:
Originally Posted by Lorin Schultz View Post

I assume that using any password manager means I can't access my online accounts using anyone else's computer? Like I won't be doing any online banking via my work computer because I won't actually know the "real" password, right?

Nope and nope.

"The real haunted empire?  It's the New York Times." ~SockRolid

"There is no rule that says the best phones must have the largest screen." ~RoundaboutNow

Reply

"The real haunted empire?  It's the New York Times." ~SockRolid

"There is no rule that says the best phones must have the largest screen." ~RoundaboutNow

Reply
post #43 of 97

It's been a long time since I used it, so can someone please clarify if 1Password directly interacts with Safari now, or do I still need to use their built-in browser?

post #44 of 97
Quote:
Originally Posted by BestKeptSecret View Post
 

It's been a long time since I used it, so can someone please clarify if 1Password directly interacts with Safari now, or do I still need to use their built-in browser?

 

On iOS you have to use their built-in browser until iOS 8 is release. Apple will allow third party extensions with iOS 8, which should be released in few weeks.

post #45 of 97
Quote:
Originally Posted by NasserAE View Post


Why bother with Numbers?! Go to a stationary store and buy one of these notebooks with small lock and key and built in pencil. It will do exactly the same thing and you don't have to worry about syncing and internet!

I can't password lock a notebook.  Maybe yours have a little heart locket or something? :smokey:

post #46 of 97
Quote:
Originally Posted by djames4242 View Post
 

 

You're right - you don't need to pay for a password tool. You can store your passwords in a spreadsheet. You know what else? You don't need to use a car to get to work - that costs money and is, in a sense, a third-party tool when compared to your feet which you could use to walk to work. I bought a car because I wanted the convenience and the speed of getting where I want to go.

 

I'm afraid I have to completely agree with macxpress - this sounds like the most cumbersome, inconvenient method of password management I can imagine. If you only log in to a couple of sites, and if you're the kind of person who isn't willing to pay a little money for convenience, then more power to you for using what works.

 

On the other hand, I currently have 317 distinct website passwords stored in 1Password and I can't even begin to fathom the hassle of wanting to log in to a site, switching to Numbers and opening a document, searching for the site, copying the login name, switching back to Safari, pasting the login name, switching back to Numbers, copying the password, switching back to Safari, and pasting the password. And if there's a secondary or tertiary authentication method (as is often the case with banks), repeating the process a third, and possibly a fourth time.

 

And then if I want to purchase something on a site, opening another Numbers spreadsheet or tab and repeating the process for my credit card number, my expiration date, and my verification code. No. Just. No.

 

Instead of all this, I open 1Password on my Mac or iOS device, type in the name of the site I want to hit, select it, click the link, and within seconds I'm logged in and doing whatever it is I needed to do. If I want to buy something, from within 1Password I hit the lock icon and navigate to my desired method of payment and select it and all of the information is entered and I'm done. Ditto for my shipping and billing address information.

 

Seriously, whatever works for you - but before I'd resort to storing my passwords in a spreadsheet and dealing with lots of app switching and copying and pasting, I'd bang my head against a wall. Of nails. With the pointy-sides out. After they've been left to rust. That sounds far more pleasant.

Whew! :lol:

 

You log into 317 distinct websites?  Daily, weekly or monthly?

Clearly our priorities are very different.  

 

I've probably got about two hundred different passwords from various things.  The less critical are in iCloud Keychain available whenever i need them, a few critical ones like my Apple ID are in my head, and the rest are in a Numbers doc and easy enough to find whenever and where ever I need them.  Don't h8 because you had to spent money to accomplish the same thing.  :smokey:  

 

*Bonus: My Macs also run faster/leaner without all the unnecessary gobbly-gook.  You like the cutesy little lock in the menu bar, I like all power to the warp drive.  To each his own.

post #47 of 97
Quote:
Originally Posted by djames4242 View Post

I open 1Password on my Mac or iOS device, type in the name of the site I want to hit...

That reads as a very unintuitive thing to do: wanting to go to a website by opening a password app... instead of a browser. But ok, iOS8 to the rescue as I understand it.

Quote:
Originally Posted by SolipsismX View Post

Nope and nope.

Good to know. Though perhaps relevant for @Lorin Schultz, IE is not supported, as stated at the bottom of that page. Then again, it's v3 on that page, so things may have changed now that they're on 4.5.3



Thanks to all for the added info after our last discussion.

One thing though; I think the wording on their site is a bit... childish:

Let's start having fun with 1Password!

"...welcome aboard, we’re glad to have you in our family. ..."

"Fun"? "Family"? "grab 1Password 4 at Apple’s iOS App Store"? -Grab? I'll need to pay for it, right¿

"Dropbox, our favorite file-syncing service, is a great option." - the next time I want your opinion, I'll give it to you

"1Password loves both the web and your data!" - "love"?

What's this, a social media outlet?

Also, the Master PW:



Not exactly an image I would use, with a mere 4 characters.

Anyway, those are my handpicked negatives. And I'm being very harsh on them; it is an excellent PW manager, probably the best one out there.
How to enter the Apple logo  on iOS:
/Settings/Keyboard/Shortcut and paste in  which you copied from an email draft or a note. Screendump
Reply
How to enter the Apple logo  on iOS:
/Settings/Keyboard/Shortcut and paste in  which you copied from an email draft or a note. Screendump
Reply
post #48 of 97
I wanted to take advantage of the sale offer but was very disappointed to learn that 1Password for the Mac requires Mac OS X 10.8.5 Mountain Lion or newer. 1rolleyes.gif1oyvey.gif
post #49 of 97
Quote:
Originally Posted by Lorin Schultz View Post

I assume that using any password manager means I can't access my online accounts using anyone else's computer? Like I won't be doing any online banking via my work computer because I won't actually know the "real" password, right?

In addition to Soli's reply: you don't specifically NEED to have both the Mac OSX and iOS version of the app. They do work in great harmony together, but for your worry and @Riot Nrrrd(TM)'s... uhm... problem, the iOS version "could be" enough.

Quote:
Originally Posted by Riot Nrrrd(TM) View Post

I wanted to take advantage of the sale offer but was very disappointed to learn that 1Password for the Mac requires Mac OS X 10.8.5 Mountain Lion or newer. 1rolleyes.gif1oyvey.gif

Ditto the Emoticons for complaining: 1rolleyes.gif1oyvey.gif
Knowing what you are talking about would help you understand why you are so wrong. By "Realistic" - AI Forum Member
Reply
Knowing what you are talking about would help you understand why you are so wrong. By "Realistic" - AI Forum Member
Reply
post #50 of 97
Quote:
Originally Posted by ThePixelDoc View Post

Ditto the Emoticons for complaining: 1rolleyes.gif1oyvey.gif
I don't see why complaining isn't legitimate. I'm running on Snow Leopard 10.6.8 at home and the vast majority of software I use runs just fine on it.

I've seen some software where the developers say that the APIs they need changed starting in Lion so they dropped Snow Leopard support and only support Lion and newer. I don't like that either, but a least it's a fair excuse. But I can't think of any other software I know of that demands so recent an OS version for their Mac client as 10.8.5.

Disclaimer: I don't know anything about 1Password and have never run it, so if it's possible to use it just on an iOS device and still be able to enter passwords while I'm on my Mac, I'm all ears - but most of the benefits of a password manager come from Forms auto-fill which obviously isn't possible in that scenario.
post #51 of 97
Quote:
Originally Posted by redefiler View Post
 

Don't h8 because you had to spent money to accomplish the same thing.  :smokey:  

 

I don't hate - I bought a computer to do things for me. Sounds like you may have bought a computer to be a rather expensive notebook. No worries. Whatever time you perceive to save by having your computer run faster than mine is more than eaten up by the amount of time taken to switch apps back and forth repeatedly to copy and paste.

 

Really, personal digs aside, each of us has our workflow preferences. However, us Mac users generally spend a lot of money for our computers and to me the cost of the software in comparison is not much considering the convenience and security of password management. I mean, really. I have spent a lot of money on tools like OmniFocus when I could just track my tasks in a spreadsheet (or a spiral notebook). Again, I bought a computer to do things for me and I like the way OmniFocus helps my workflow. 1Password is another one of those tools that I feel saves me time and mental energy.

post #52 of 97
Quote:
Originally Posted by Tallest Skil View Post
 

I don’t remember why I’d need this over what OS X/iOS does natively. Anyone?

I thought the exact same thing. Here is why I cut over and why I think it's a great decision:

 

1. I don't like how keychain is secured on mobile devices. It's the same 4-digit pin as your device.

 

2. Keychain sucks for storing passwords that you'd need to type into an app. You can get to the PW, but it's really awkward.

 

3. I can store a whole lot more more stuff in 1P. Passports, banking, software serials, secure notes, etc...

 

4. I don't trust cloud providers like Evernote, even if I encrypt the note. I feel better about a 256 AES encrypted database, even if it *does* sit on an iCloud drive (which I don't need to do, just choose to).

 

Stuff I didn't expect and really like:

 

1. I do a lot of demos. I can open and log into sites really quickly with the 1P Mini app.

 

2. I like the password formulae. Keychain always proposes insane passwords. They are great, but if you need to type them into your Apple TV, it's not ideal. I can generate passwords that are hard to figure out but more usable. I scale strength based on the type of site.

 

3. I actually do use it for a lot more stuff than I thought I would.

post #53 of 97
Quote:
Originally Posted by NasserAE View Post

This makes me wish Apple offer Mac and iOS app bundles when iOS 8 and Yosemite is released. There will be iOS app bundles though, which is good.

On 1Password.. I love this app!!
I don't see why they don't offer the same app Mac and IOS version in 1 package in first place.
post #54 of 97
Quote:
Originally Posted by Damn_Its_Hot View Post
 

I tend to doubt that the example you give is better -- assuming your definition of better is 'more secure'. The first can be hacked with a dictionary attack whereas the second is totally random an uses a mix of lowercase alpha, numbers and punctuation. By simple reasoning alone your 14 char passwords are made up of a common simple phrase consisting of 3 words (one being the most common password used) whereas the other could be stronger and contain as many english language pairs I would consider it stronger. Care to share your source?

http://xkcd.com/936/ -- For the quick explaination. Bottom line, I agree with the over all idea. But, not exactly how the comic presents it.

 

When a website enforces complex passwords, but sets the minimum length to 8 characters -- that's all the user will create an 8 character password. Now, don't get me wrong a complex 8 character password is, eh, secure enough. The problem for the average user, though, will be the password paradox. They will have a hard time remembering complex passwords, so what does that person do? They use the same exact complex password for -everything- which, of course, is terrible. Therefore, the argument is that minimum length should be set much higher, as high as say 25+ characters, but complexity not enforced. The user would then be free to make a more memorable password.

 

Ergo -- since "mynameisjoeblowandiamawesome" is much easier to remember then "(yZ0gN,C" users would create unique passwords more often.

 

From a brute force perspective longer non-complex passwords have greater entropy then shorter more complex passwords and, as such, would take a lot longer to "guess". Which would be fine if dictionary attacks didn't exist. Combining non-capitalized letters together wouldn't be difficult.

 

Now, if I didn't know that users would just capitalize the only the first letter and put a "1" at the end of their password I would suggest that some complexity be required. Instead, what I would like to see is that users combine mnemonics with their passwords.

 

Ergo -- "mynameisjoeblowaiaa" where "aiaa" = "and i am awesome" or something like this.

post #55 of 97
Quote:
Originally Posted by freediverx View Post
 

 

 

Tl/DR: A long password comprised of simple words is more secure and easier to remember than a shorter alphanumeric password with symbols and punctuation.

The concept is an over simplification. In a very "random" password, each position could be made up of 26 upper case, 26 lower case, 10 digits and over 20 symbols. That's 82 possible characters at each position. If you want to build a "simple" password that "easy to remember", you'll go all letters in one case, as in the example. In that case, the shorter password is still more secure (albeit the spread isn't huge).

 

A while ago, sadly don't remember where, I read an article by a password cracker on how passwords are cracked without hash tables. They were pretty clear that the random passwords are the most problematic as they use a variety of techniques to easily guess away many passwords.

post #56 of 97
Quote:

 

Ergo -- since "mynameisjoeblowandiamawesome" is much easier to remember then "(yZ0gN,C" users would create unique passwords more often.

 

 

I don't believe it. With a PW manager you can easily create a unique password for every site. The biggest risk if you use any decent password is that weak security on one site will compromise a PW you used on 50 sites.

 

How many sites do you have PWs at? I started using 1P not too long ago and right now I have 78, with many more not in there yet. What are the odds of someone memorizing the crazy sentence they made for each site without creating a pattern (e.g. thissiteisnamedappleinsiderdotcom)? Low. Before 1P I had 4 passwords: Junk (for dodgy sites I don't trust. Go ahead, lose it.), Low security (trust you a bit, info on site unimportant), Medium security (important data, I trust you), High security (long PW, critical data, high level of trust), plus unique PW for email. Still, lots of reuse and I still needed to keep a dictionary to remind me of what level I bound to what site.

post #57 of 97
Quote:
Originally Posted by AnalogJack View Post
 

 

Well it must be true then.

Yeah, you're right, Jack. Reading is over-rated! :)

 

Best.

post #58 of 97
Quote:
Originally Posted by barthrh View Post

I don't believe it. With a PW manager you can easily create a unique password for every site. The biggest risk if you use any decent password is that weak security on one site will compromise a PW you used on 50 sites.

How many sites do you have PWs at? I started using 1P not too long ago and right now I have 78, with many more not in there yet. What are the odds of someone memorizing the crazy sentence they made for each site without creating a pattern (e.g. thissiteisnamedappleinsiderdotcom)? Low. Before 1P I had 4 passwords: Junk (for dodgy sites I don't trust. Go ahead, lose it.), Low security (trust you a bit, info on site unimportant), Medium security (important data, I trust you), High security (long PW, critical data, high level of trust), plus unique PW for email. Still, lots of reuse and I still needed to keep a dictionary to remind me of what level I bound to what site.

And 1P's auditing features help you figure out which ones are weak passwords, which ones haven't bene changed in a long time (something I typically don't need to worry about since I'm using a unique password for each site but I do change them every 3 years), and their new Watchtower service that lets you know if a site has been compromised. On top of that there are all the other features included.

My only quibbles with 1P are (in order of most to least difficult):
  1. An option for multiple passwords and/or a delay response on the Mac. For example, I have one account that has been put in a username and password, which then goes to another screen which asks for an additional security item. I'd like this to be a single click option to complete both pages. A similar situation for another site that has me put in a username on one page, which then goes to another name and has me put in a password after verifying a word and image (that is for phishing scams, if you haven't seen that setup before).
  2. No category for health info. You can put your health insurance info in the Membership category but I want something that will list vaccinations with their year and expiration date, as well as other relevant info that one may need but doesn't often access and therefore doesn't usually recall from memory. I current use their Secure Notes for this.
  3. Now that 1P uses browser extensions, instead of plug-ins, it's harder to tell when an extension has been updated. I would like them to simple generate a standard Mac notification to say something like, "Your 1Password browser extension(s) were updated to version 4.2.5."

I've requested all these features.

"The real haunted empire?  It's the New York Times." ~SockRolid

"There is no rule that says the best phones must have the largest screen." ~RoundaboutNow

Reply

"The real haunted empire?  It's the New York Times." ~SockRolid

"There is no rule that says the best phones must have the largest screen." ~RoundaboutNow

Reply
post #59 of 97
Quote:
Originally Posted by barthrh View Post
 

I don't believe it. With a PW manager you can easily create a unique password for every site. The biggest risk if you use any decent password is that weak security on one site will compromise a PW you used on 50 sites.

 

How many sites do you have PWs at? I started using 1P not too long ago and right now I have 78, with many more not in there yet. What are the odds of someone memorizing the crazy sentence they made for each site without creating a pattern (e.g. thissiteisnamedappleinsiderdotcom)? Low. Before 1P I had 4 passwords: Junk (for dodgy sites I don't trust. Go ahead, lose it.), Low security (trust you a bit, info on site unimportant), Medium security (important data, I trust you), High security (long PW, critical data, high level of trust), plus unique PW for email. Still, lots of reuse and I still needed to keep a dictionary to remind me of what level I bound to what site.

Oh, I absolutely agree that password managers are the future. I was just responding to the 'long non-complex password' model/idea/theory whatever you want to call it. There are loads of problems with it. Users will still game the system. Which is why I stated that I agree with it in principle, but not exactly as presented.

 

Long, complex, high entropy passwords that are unique for every website are absolutely the best. Getting people to use password managers and getting them to work in every situation and getting the people to not use "1234" or whatever as their 1Password is another.

post #60 of 97
Quote:
Originally Posted by AJMonline View Post
 
I just saw FreeDiverX's post and his cartoon demonstrates the concept of passphrases perfectly.    I still like the longer 8 part passphrases, but if the words are random, he is correct that 4 should be enough.

That was a nice cartoon. I use something similar to make up passwords. I use easy to remember location descriptions or cross streets. For example: PennsylvaniaAveNW@MadisonPlNW.  Of course that is not my current address, but you get the idea. I'm sure 1Password is much more secure than my system, however I have not tried it yet, mostly because I think it would probably take a long time to set up and get used to, not sure.

Life is too short to drink bad coffee.

Reply

Life is too short to drink bad coffee.

Reply
post #61 of 97
deleted double post

Life is too short to drink bad coffee.

Reply

Life is too short to drink bad coffee.

Reply
post #62 of 97
Quote:
Originally Posted by Curtis Hannah View Post


I don't see why they don't offer the same app Mac and IOS version in 1 package in first place.

 

It is because the only way to get iOS apps is through Apple App Store. There is no way to tie iOS App Store sale to Mac App Store or non Mac App Store sale.

post #63 of 97
Does surfing the web through the browser from 1Password help? I understand it automatically can log you in, but does it automatically log you out? Asked by @DocNo42

Most importantly the authentication token in your cookie is unencrypted - how many people think to log out when done surfing a site?

http://forums.appleinsider.com/t/181695/apples-steve-jobs-had-vision-of-building-an-open-wi-fi-utopia/40#post_2576299
How to enter the Apple logo  on iOS:
/Settings/Keyboard/Shortcut and paste in  which you copied from an email draft or a note. Screendump
Reply
How to enter the Apple logo  on iOS:
/Settings/Keyboard/Shortcut and paste in  which you copied from an email draft or a note. Screendump
Reply
post #64 of 97
Quote:
Originally Posted by djames4242 View Post
 

 

I don't hate - I bought a computer to do things for me. Sounds like you may have bought a computer to be a rather expensive notebook. No worries. Whatever time you perceive to save by having your computer run faster than mine is more than eaten up by the amount of time taken to switch apps back and forth repeatedly to copy and paste.

 

Really, personal digs aside, each of us has our workflow preferences. However, us Mac users generally spend a lot of money for our computers and to me the cost of the software in comparison is not much considering the convenience and security of password management. I mean, really. I have spent a lot of money on tools like OmniFocus when I could just track my tasks in a spreadsheet (or a spiral notebook). Again, I bought a computer to do things for me and I like the way OmniFocus helps my workflow. 1Password is another one of those tools that I feel saves me time and mental energy.

iCloud Keychain works without copying and pasting.  I can also memorize a few strong critical passwords without taxing my mighty brain.  Not that hard, champ.  :smokey:

 

I run lean systems, and preserve CPU/resources by avoiding non-essential add-on apps.  That should tell you where my computer priorities are.  However since this subtle nuance is probably lost on you, as is the importance of doing so, I'll try to explain so 'serious' 1Password and Omnifocus users can understand:
 
CPU and data intensive tasks often require the full resources of a computer.   1Password is not an intensive task for a computer.  If you are the type of computer user that does a lot of intensive tasks, you're probably not phased in the slightest by website passwords, and therefore not bloating your system with needless cruft.
 
For any knowledgable Mac user, the feature set of 1Password is mostly redundant, and the rest are far from mission critical.  For those computer users whose needs top out with the 'tremendous complexity' of logging into websites, then extraneous remembering-passwords utilities are probably for you.  Maybe you should also consider some productivity seminars too?
post #65 of 97
Quote:
Originally Posted by redefiler View Post

 Maybe you should also consider some productivity seminars too?
[/COLOR]

What is wrong with you?
How to enter the Apple logo  on iOS:
/Settings/Keyboard/Shortcut and paste in  which you copied from an email draft or a note. Screendump
Reply
How to enter the Apple logo  on iOS:
/Settings/Keyboard/Shortcut and paste in  which you copied from an email draft or a note. Screendump
Reply
post #66 of 97
Quote:
Originally Posted by PhilBoogie View Post


What is wrong with you?

It's just a problem with your screen resolution settings.

post #67 of 97
Quote:
Originally Posted by redefiler View Post
 

iCloud Keychain works without copying and pasting.  I can also memorize a few strong critical passwords without taxing my mighty brain.  Not that hard, champ.  :smokey:

 

I run lean systems, and preserve CPU/resources by avoiding non-essential add-on apps.  That should tell you where my computer priorities are.  However since this subtle nuance is probably lost on you, as is the importance of doing so, I'll try to explain so 'serious' 1Password and Omnifocus users can understand:
 
CPU and data intensive tasks often require the full resources of a computer.   1Password is not an intensive task for a computer.  If you are the type of computer user that does a lot of intensive tasks, you're probably not phased in the slightest by website passwords, and therefore not bloating your system with needless cruft.
 
For any knowledgable Mac user, the feature set of 1Password is mostly redundant, and the rest are far from mission critical.  For those computer users whose needs top out with the 'tremendous complexity' of logging into websites, then extraneous remembering-passwords utilities are probably for you.  Maybe you should also consider some productivity seminars too?


Ouch... So I capitulated in my last post and admitted you and I have different workflows. Which one of them is correct? Both - I don't get yours, but it works for you, just as mine works for me. Feel free to (continue to) correct me if I'm wrong, but I don't believe I never insulted you nor asked for you to be so degrading. I'll take my ignorance (and my years of experience) and leave you to either enjoy your superiority, or the insecurity that causes you to insult me; I'm not sure which it is because, I'm afraid, subtle nuances are clearly beyond my grasp.

 

Or maybe, just maybe it's you who can't understand how anyone could possibly have a different idea than you and yet still have a couple of brain cells knocking about? Hmmm... I'll leave you to ponder that. Either way, I'll just leave you alone. I'd hate to continue embarrassing myself.

post #68 of 97
Quote:
Originally Posted by Riot Nrrrd(TM) View Post

I don't see why complaining isn't legitimate. I'm running on Snow Leopard 10.6.8 at home and the vast majority of software I use runs just fine on it.

I've seen some software where the developers say that the APIs they need changed starting in Lion so they dropped Snow Leopard support and only support Lion and newer. I don't like that either, but a least it's a fair excuse. But I can't think of any other software I know of that demands so recent an OS version for their Mac client as 10.8.5.

Disclaimer: I don't know anything about 1Password and have never run it, so if it's possible to use it just on an iOS device and still be able to enter passwords while I'm on my Mac, I'm all ears - but most of the benefits of a password manager come from Forms auto-fill which obviously isn't possible in that scenario.

What can I say? If you're happy with Snow Leopard and iOS as it is... then you're just going to have to accept and forfeit using some of the apps available.

Not only now mind you, but when Yosemite and iOS 8 hit in October, a number of devs will drop old versions (as of Lion I expect) and new titles will surely be for 10.9 or iOS 7 and above.

Sorry... but that's how Apple and it's dev community works. Regardless, and in everything else in life... "Be Happy" and don't be a complainer...1smoking.gif
Knowing what you are talking about would help you understand why you are so wrong. By "Realistic" - AI Forum Member
Reply
Knowing what you are talking about would help you understand why you are so wrong. By "Realistic" - AI Forum Member
Reply
post #69 of 97
1Password stores every piece of important info and makes it secure to "carry" with you. Logins, credit cards, bank accounts, driver's licenses, Social Security numbers, passports, reward membership, etc. And it's all secured through tight encryption.
post #70 of 97
iCloud Keychain does everything I need. Stores credit card details securely and enters them automatically in Safari. Safari suggests strong passwords when needed. For all the other bumpf like serial numbers, Driving Licence, etc., I store these separately, as it's very rare that I need access to that information.
"If the young are not initiated into the village, they will burn it down just to feel its warmth."
- African proverb
Reply
"If the young are not initiated into the village, they will burn it down just to feel its warmth."
- African proverb
Reply
post #71 of 97
Quote:
Originally Posted by Benjamin Frost View Post

iCloud Keychain does everything I need. Stores credit card details securely and enters them automatically in Safari. Safari suggests strong passwords when needed. For all the other bumpf like serial numbers, Driving Licence, etc., I store these separately, as it's very rare that I need access to that information.

  1. How do you keep track of the age of your last password change?
  2. How can you tell if you have any duplicate passwords?
  3. How can you tell if you have any weak passwords?
  4. How can you tell which passwords should be changed because their site has recently been compromised?
  5. How do you keep track of all your secret questions and answers in case you need to reset a password?
  6. How do you store your credit card details, like annual fee, when the annual fee is charged, APR, when the bill is due, percentage rate for purchases, percentage rate for cash advances, and other aspects of a CC that iCloud Keychain has zero fields for?



Additionally, I also use 1Password to store the proper email address with alias (e.g.: solipsismx+ai@email.com) for various sites. Granted, that is easy to parse out but not enough people use it at this point that I doubt it's commonly used and it makes it easy for me to set up smart folders in Mail.

"The real haunted empire?  It's the New York Times." ~SockRolid

"There is no rule that says the best phones must have the largest screen." ~RoundaboutNow

Reply

"The real haunted empire?  It's the New York Times." ~SockRolid

"There is no rule that says the best phones must have the largest screen." ~RoundaboutNow

Reply
post #72 of 97
Quote:
Originally Posted by SolipsismX View Post

Quote:
Originally Posted by Benjamin Frost View Post

iCloud Keychain does everything I need. Stores credit card details securely and enters them automatically in Safari. Safari suggests strong passwords when needed. For all the other bumpf like serial numbers, Driving Licence, etc., I store these separately, as it's very rare that I need access to that information.

  1. How do you keep track of the age of your last password change?
  2. How can you tell if you have any duplicate passwords?
  3. How can you tell if you have any weak passwords?
  4. How can you tell which passwords should be changed because their site has recently been compromised?
  5. How do you keep track of all your secret questions and answers in case you need to reset a password?
  6. How do you store your credit card details, like annual fee, when the annual fee is charged, APR, when the bill is due, percentage rate for purchases, percentage rate for cash advances, and other aspects of a CC that iCloud Keychain has zero fields for?

1 because Safari only suggests strong ones, I don't need to keep changing them, and therefore don't need to keep track of password changes.

2 Safari keeps track of duplicate passwords. It always suggests unique passwords, so there are none.

3 Safari only suggests strong passwords.

4 A reputable site will tell you if their passwords have been compromised; I only frequent those.

5 I store these answer separately, if at all, as it is unlikely I would need them. All sites will reset these if necessary anyway.

6 I'm not interested in storing these minor details.

I don't understand your sentence about 'proper email addresses.'


Additionally, I also use 1Password to store the proper email address with alias (e.g.: solipsismx+ai@email.com) for various sites. Granted, that is easy to parse out but not enough people use it at this point that I doubt it's commonly used and it makes it easy for me to set up smart folders in Mail.
"If the young are not initiated into the village, they will burn it down just to feel its warmth."
- African proverb
Reply
"If the young are not initiated into the village, they will burn it down just to feel its warmth."
- African proverb
Reply
post #73 of 97
Quote:
Originally Posted by Benjamin Frost View Post

1 because Safari only suggests strong ones, I don't need to keep changing them, and therefore don't need to keep track of password changes.

2 Safari keeps track of duplicate passwords. It always suggests unique passwords, so there are none.

3 Safari only suggests strong passwords.

4 A reputable site will tell you if their passwords have been compromised; I only frequent those.

5 I store these answer separately, if at all, as it is unlikely I would need them. All sites will reset these if necessary anyway.

6 I'm not interested in storing these minor details.

I don't understand your sentence about 'proper email addresses.'

1) What good does that do if the site was compromised to the fullest?

2) So if you have duplicate passwords from before Safari will suggest the ones you need to change?

3) So if you have weak passwords from before Safari will suggest the ones you need to change?

4) So you'd like to believe.

5a) If you store them separately, I guess that's fine, but it's less convenient than having data split all over the place.

5b) If you don't have to write them down then you either have an eidetic memory, you're using the same questions and answers, or you're using authentic questions and answers for each site.

5c) If a site resets them then what good do they do you?

6) I am, because I like to know when these charges are coming up so I maximize how much I take advantage of my credit rating. I even write down the bonus points each cards gets for various purchases which is on each card so I can maximize how much money I get back. This yield me a couple thousand US dollars each year without having to pay any interest to the banks.

7) I gave an example of what an email alias is and why one would use it. It's been a part of the email protocol for many years now and is in use by all the major email servers to which I'm aware.

"The real haunted empire?  It's the New York Times." ~SockRolid

"There is no rule that says the best phones must have the largest screen." ~RoundaboutNow

Reply

"The real haunted empire?  It's the New York Times." ~SockRolid

"There is no rule that says the best phones must have the largest screen." ~RoundaboutNow

Reply
post #74 of 97

Speaking of weak passwords, why is there an UPPER password length limit for iCloud accounts? I can’t use my standard password in its entirety there.

Originally Posted by Slurpy

There's just a TINY chance that Apple will also be able to figure out payments. Oh wait, they did already… …and you’re already fucked.

 

Reply

Originally Posted by Slurpy

There's just a TINY chance that Apple will also be able to figure out payments. Oh wait, they did already… …and you’re already fucked.

 

Reply
post #75 of 97
Quote:
Originally Posted by Tallest Skil View Post

Speaking of weak passwords, why is there an UPPER password length limit for iCloud accounts? I can’t use my standard password in its entirety there.

I'd say so the DB field can be limited, but a lot of sites are far too low. Oddly, I see financial institutions that tend to have short password lengths. That said, that's not my biggest issue with password length, it's when they don't tell you there is an upper limit and then silently truncate the password you've saved so that the next time you log in it doesn't work. How hard is it to say "password must be between x and y" before you put it in or come back with a PHP error saying that the password is too long?


PS: One thing I'd like 1Password to add, which I haven't yet inquired about, is getting to choose which special characters will be used for a site or, more conveniently, having them be aware of which websites allow only a small selection of special characters.

"The real haunted empire?  It's the New York Times." ~SockRolid

"There is no rule that says the best phones must have the largest screen." ~RoundaboutNow

Reply

"The real haunted empire?  It's the New York Times." ~SockRolid

"There is no rule that says the best phones must have the largest screen." ~RoundaboutNow

Reply
post #76 of 97
Quote:
Originally Posted by SolipsismX View Post
 

How can you tell which passwords should be changed because their site has recently been compromised?

 

How does 1Password know if a site has been compromised?

Lorin Schultz (formerly V5V)

Audio Engineer

V5V Digital Media, Vancouver, BC Canada

Reply

Lorin Schultz (formerly V5V)

Audio Engineer

V5V Digital Media, Vancouver, BC Canada

Reply
post #77 of 97
Quote:
Originally Posted by Lorin Schultz View Post

How does 1Password know if a site has been compromised?

I'm glad you asked. Right now it checks the SSL to see if it's vulnerable to Heartbleed. This is what caused them to create this feature in the first place. After Heartbleed occurred I had this "novel" idea that I thought would be great for the next major revision of 1Password… so I told them, and they said it was already in the works and would be in the next update.


Note this is just the first step and isn't only reliant on Heartbleed.

"The real haunted empire?  It's the New York Times." ~SockRolid

"There is no rule that says the best phones must have the largest screen." ~RoundaboutNow

Reply

"The real haunted empire?  It's the New York Times." ~SockRolid

"There is no rule that says the best phones must have the largest screen." ~RoundaboutNow

Reply
post #78 of 97
Quote:
Originally Posted by redefiler View Post

If the recent stolen password thing is anything other than hype, it's yet another fine reason not to add another entity like 1Password, and point of failure into the ways your junk can get jacked.

Let's see, you store your passwords on an online service in an unencrypted form so that "if the password thing is anything but hype" you just about guarantee easy access to, by your own admission, your most critically account credentials.

vs.

Storing them in an extremely secure tool that keeps them encrypted at all times, automatically secures itself after a short time, gives you a way to make using your passwords more easy to encourage you to actually use completely random and different ones per web site, and can be used with just about any mix of device and OS.

Yes, what an incredible point of failure that is 1rolleyes.gif

And to who ever made a quip about writing down passwords as being insecure - just stop it. That single worst piece of security advice EVER is what causes most people to pick asinine passwords in the first place. Writing down passwords is perfectly fine if you secure the paper they are written on! Telling people to write them down then secure them is far more realistic than telling people to use different passwords and just memorize them.

No matter where they are, I routinely print out all my names and passwords and stick 'em in my safe or safety deposit box. Because crap happens, be it iCloud deciding to randomly wipe out documents in your iCloud account or you forgetting your master password to 1Password. Being prepared is always a good thing.

As well as having some common sense. Really people, there is nothing magical about this crap. Passwords based on words are weak due to little things called dictionaries. Entropy is your friend, but it's not magic. Whole words decrease entropy, randomness and password length increase it. And no, substituting a 3 for an E doesn't increase entropy that much - for some crazy reason crackers are on to 'leet speak' 1rolleyes.gif
post #79 of 97
Quote:
Originally Posted by PhilBoogie View Post

Does surfing the web through the browser from 1Password help?

Nope - as I answered over there it's the way web browsers work and 1Password does nothing to change internet standards. It's a separate security issue.
post #80 of 97
Quote:
Originally Posted by DocNo42 View Post

Let's see, you store your passwords on an online service in an unencrypted form... blah blah blah

vs.

Storing them in an extremely secure... blah blah blah

 

:rolleyes: iCloud is encrypted.  iCloud documents are encrypted. 1Password is encrypted.  Everybody is encrypted.  This isn't the unique snowflake feature that some of you think it is.

 

Quote:
Originally Posted by djames4242 View Post


Ouch... So I capitulated in my last post and admitted you and I have different workflows. Which one of them is correct? Both - I don't get yours, but it works for you, just as mine works for me. Feel free to (continue to) correct me if I'm wrong, but I don't believe I never insulted you nor asked for you to be so degrading. I'll take my ignorance (and my years of experience) and leave you to either enjoy your superiority, or the insecurity that causes you to insult me; I'm not sure which it is because, I'm afraid, subtle nuances are clearly beyond my grasp.

 

Or maybe, just maybe it's you who can't understand how anyone could possibly have a different idea than you and yet still have a couple of brain cells knocking about? Hmmm... I'll leave you to ponder that. Either way, I'll just leave you alone. I'd hate to continue embarrassing myself.

Sweet, I accept your capitulation and await significant reparations (I accept Major credit cards/Paypal).  :smokey: 

New Posts  All Forums:Forum Nav:
  Return Home
  Back to Forum: iPhone
  • 1Password for iOS/Mac gets temporary price cut, upcoming iOS 8 version to be free update [u]
AppleInsider › Forums › Mobile › iPhone › 1Password for iOS/Mac gets temporary price cut, upcoming iOS 8 version to be free update [u]