On Mon, Sep 12, 2011 at 08:02, Jean-Christophe Helary <[email protected]> wrote:

> My problem is that physical access to the work machines means basically
> access to all the passwords, whether I use Keychain or 1Password etc.

Are you trying to limit access to different types of passwords? In other words, getting access to your forum passwords wouldn't mean getting access to your banking details? Or are you concerned with being limited when you're away from the password database on your machine?

For limiting access, you could set up multiple keychains (though 1Password won't support this in the future). For mobile access, 1Password does have an iPhone app.

> As the xkcd cartoon shows I could use easy to remember passwords, but as a
> SOHO, what is the best way to manage them ?

Small Office Home Office? Or Safety and Occupational Health Office? I assume that Safety and Health would have guidelines on how passwords are generated and how they are stored.

> Keep them in a safe on a piece of paper?

People are generally pretty good about keeping pieces of paper safe (re: money). Storing them in a database is easier to manage, more convenient, and potentially more secure.

> Always hand-login and never ask the machine to remember them?

That doesn't really help with the password management side of things, but if it's an important account and you're not the only user of the machine, it's probably not a good idea to have the machine remember the password.

> Change them every month?

This depends again on the importance of the account. Changing every password every month is quite a bit of hassle. I'm sure not going to change my MacOSX-Talk password monthly. The worst someone could do is change my subscription settings. Further, how likely is it that the password could be compromised before you know that there's been a breach?

> My understanding is that most password problems do not come from software
> problems but from human problems. What is the best way to reduce the risks
> to something acceptable ?

Perfect security is easy. But, then the system is literally not useable. You need to balance the risks and benefits.

Password databases, like 1Password, are nice because they make long, complex passwords easy to manage. They also lessen some of the pain of changing passwords frequently. There's still room for user error, like if you choose "password" as your master key.

> Another thing about 1Password is that I can't imagine how a $40 utility can
> solve a human problem that has been around for thousands of years.

Now think about how the current version, with a free upgrade to the next major release, is on sale in the Mac App Store for $20.

> But maybe I'm missing something obvious.

One is that 1Password doesn't "solve" the problem. All it does is make the management a lot easier. There are still issues, but the overall problem is lessened.

--
arno s hautala /-| [email protected]
pgp b2c9d448
