On 2011-09-12 06:02 , Jean-Christophe Helary wrote:
My problem is that physical access to the work machines means basically access
to all the passwords, whether I use Keychain or 1Password etc.

you can do several things about this:
1. use a different password for the Keychain than your login password
2. use a locking screen saver (which will lock the keychain)
3. use 1Password and set its inactivity lock as desired
4. use very secure master passphrases that you have never shared with anyone

i do all of the above

i've used 1Password for four years (and less-capable software before that); it holds hundreds of unique passwords and other info; while i have some quibbles about its design, overall it is extremely well-worked out; so much so it's hard to explain all the benefits briefly, but many of them directly address "what is a good policy?"

1. use quality encryption
2. encourage secure passwords, warn about insecure passwords
3. provide reliable syncing/backup and ability to access passwords securely even via a thumbdrive and/or a public computer
4. ensure ease of use (means user will be likely to use 1Password consistently) via excellent browser integration and reliable recognition of sites and new accounts, and facilitating updates when passwords are changed
5. use an approach that's adaptable for some other encryption needs

in addition 1Password works on Mac, Windows, Android, iOS and via an offline web interface that works with all modern browsers
_______________________________________________
MacOSX-talk mailing list
[email protected]
http://www.omnigroup.com/mailman/listinfo/macosx-talk
