subject:"Re\: Too many passwords"

Re: Too many passwords

2018-12-05 Thread Daniel Kerr

Hi Tim (and all) - and thanks Alex, glad that helped.

I use that as well. And you can actually get Keychain to create these for you 
as well.
There’s a few ways to access an internal Password Assistant that can help 
generate these.

For example, if you go to System Preferences - Users & Groups.
Click on “Change Password”. 
Just to the right of “New Password” (which you won’t change), you’ll see a 
little key icon. Click on that.
This will open the internal Password Assistant. 
Under “Type” you set this to Memorable, then can change the Length of the 
password as required. (e.g. 12 characters, 18 characters, etc).
Each time you click “Memorable” it will create a new password for you, which 
you can Copy and Paste into programs or places you want to use it.
This then can help you create ones to use. Then just close out of System 
Preferences when finished without changing anything.

I’m not sure how I did it, but I actually have the Password Assistant as a 
“stand alone” Application. I think when you could find it and use it manually. 
So it sits in my Applications folder and I use it a lot to generate memorable 
passwords for things and clients where needed.
Now a days I think the Password Assistant is actually buried deep away so you 
can’t find it “manually”. Shame, as I find it very handy to just open up the 
Application and use it.

But that’s another good way to generate some “useful” passwords as well. A 
handy little Application.

All this talk of passwords reminded me of a (bad) joke,….

An IT Person was helping a client and asked for their computer password.
They replied “ it’s SnowWhiteDocGrumpyHappySleepyDopeyBashfulSneezy”
With a puzzled look the IT person queried,…oh? that’s a,…..strange,…password??
To which the person replied,…well the password hint said I needed 1 large 
character and 7 small characters,…..


Fair warning,..I did say it was a BAD joke,…lol :)

Enjoy all!
I’m off to hide now,…. 

Kind regards
Daniel

---
Daniel Kerr
MacWizardry

Phone: 0414 795 960
Email: 
Web:   

**For everything Apple**

NOTE: Any information provided in this email may be my personal opinion and as 
such should be taken accordingly, and may not be the views of MacWizardry. Any 
information provided does not offer or warrant any form of warranty or accept 
liability. It would be appreciated that if any information in this email is to 
be disseminated, distributed or copied, that permission by the author be 
requested. 

> On 5 Dec 2018, at 1:07 pm, Stephen Chape  wrote:
> 
> I am with you on that one Tim.
> 
>> On 5 Dec 2018, at 5:02 am, Tim Law  wrote:
>> 
>> Alex,
>> 
>> In a blog posting, the owner of 1Password talked about the benefits to the 
>> user of using normal words rather than a collection of wild letters and 
>> numbers. If you ever have to physically enter a password it is much easier 
>> to write “sung.7Persuade.pushy” than a random string and apparently just as 
>> secure as long as the words would never normally appear together.  I’ve 
>> added in the 7 and the upper case P and it creates a highly secure password 
>> that shows all green on those little slider indicators.
>> 
>> Regards
>> 
>> Tim
>> 
>> 
>> 
>> Sent from Tim's Retina iPad 2
>> 
>> On 4 Dec 2018, at 11:35 pm, Alex  wrote:
>> 
>>> Thanks Daniel, that was very helpful on a very vexatious issue.
>>> 
>>> Couple queries tho’.  Do you have any opinion on LastPass?  I have used it 
>>> in a Windows environment.
>>> 
>>> And, if one is to use a password management programme, would it then be 
>>> advisable to set up random letters, numbers & characters as passwords 
>>> rather than the usual passwords one makes up?
>>> 
>>> Cheers,
>>> 
>>> Alex Novakovic
>>> 
 On 3 Dec 2018, at 12:29 pm, Daniel Kerr  wrote:

 Hi Pat

 If you enter the AppleID (which is also used for iCloud, as they are 
 generally one and the same thing), more then 3 times, then yes it will 
 generally want you to reset it.
 You can do this by a few options - some are automated, and don’t require 
 calling Apple.
 If you have access to the email address, you can request an email that 
 will step you through resetting your password.
 Generally if I want to “Test” a password for a client to see if it’s 
 correct or not, then I will use the “main” Apple site - applied.apple.com
 By putting in the email address and password then it will ensure if it’s 
 correct or not. If it logs in - the password is correct. If it advises it 
 isn’t correct then a few tries before the option of resetting it (normally 
 via the email option). It’s very rare to have to call Apple for this at 
 all I find. It’s all automated.

 *Generally* (and I use this term lightly) the computer password will be 
 different to the AppleID password. Though,…in some of the later systems, 
 this can be reset by the same AppleID.
 In System Preferences - Users & Groups -

Re: Too many passwords

2018-12-05 Thread Alex

Thanks Heaps Daniel - great to have the discussion.

And to all of you who so freely share your wisdom & experience.

Cheers,  Alex

> On 5 Dec 2018, at 1:01 am, Daniel Kerr  wrote:
> 
> Hi Alex
> 
> Thanks for that, glad it was helpful.
> 
> In answer to your questions.
> 1. I haven’t really used LastPass, so I can’t really comment on it. I’ve just 
> always used 1Password. I think I had some reservations on LastPass, but that 
> was ages ago and I can’t recall what it was now. Perhaps it was something to 
> do with who owned it? Or possibly because they once had a breach (again I 
> think it was a long time ago). Whereas i’ve never heard of AgileBits ever 
> having problems. They (1Password/AgileBits) always seem more on top of things 
> with info, updates, on top of security stuff. But that could be my bias,…lol.
> So seeing as I have never used LastPass I can’t really say. A quick search 
> seems that they do rate a little “better” in some things - 
> https://www.digitaltrends.com/computing/lastpass-vs-1password-comparison/
> I think (but I could be wrong) that 1Password has been around a lot longer 
> then LastPass - so that could be another reason I use it. :)
> 
> 2. Yes, generally once using a Password Manager it’s best to go through and 
> replace passwords for more random generated ones. Most programs will do this 
> for you. And they generally offer an “audit” feature as well. So you can let 
> it audit your passwords to see if you need to change any, or any are poor in 
> “quality”. And given that the software manages it for you, you don’t actually 
> have to remember them. As it does that for you and auto fills it in if you 
> want to. (or can look it up if really need to know what it is).
> I use a mixture of both generated from 1Password and Apple’s auto-generate 
> feature as well. And I have iCloud Keychain set on. So my passwords sync to 
> my laptop, iMac, iPad and iPhone. So doesn’t matter what I use, all the 
> information is there.
> With my iPhone and iPad, I have those set to 10 wrong attempts of the login 
> passcode will erase the device. As then even though everything is “Secure” 
> and locked away, it just means if someone gets them and tries to break into 
> it, it will completely remotely wipe the device after 10 wrong attempts. And 
> given ti’s backed up to iCloud and my computer daily I won’t actually lose 
> anything. The person will get my items, but all my personal “stuff” will be 
> deleted.
> (Not that I actually have anything to hide, as it’s all encrypted, but it’s 
> just a “nice feeling” to know that the info won’t go anywhere. Though I did 
> have to tell my son many years ago he couldn’t play with my phone and 
> code,…as “Daddy didn’t want him to wipe my stuff”. :) Now with FaceID and/or 
> Fingerprint ID I don’t really use Passwords all that much. As most programs 
> like my banking and 1Password will unlock via FaceID. (or FingerpringID on my 
> iPad Gen6).
> But yes, to answer your question (sorry, I get sidetracked sometimes,…lol) - 
> yes, it’s a good idea to replace passwords. As I “upgrade” some sites here 
> and there I go through and change them all. So they tend to be updated every 
> 2-3 years anyway. And some wholesaler I use I have to do it every 6 months 
> anyway.
> 
> Hope that extra info helps. :)
> 
> Kind regards
> Daniel
> 
> ---
> Daniel Kerr
> MacWizardry
> 
> Phone: 0414 795 960
> Email: 
> Web:   
> 
> 
> **For everything Apple**
> 
> NOTE: Any information provided in this email may be my personal opinion and 
> as such should be taken accordingly, and may not be the views of MacWizardry. 
> Any information provided does not offer or warrant any form of warranty or 
> accept liability. It would be appreciated that if any information in this 
> email is to be disseminated, distributed or copied, that permission by the 
> author be requested. 
> 
>> On 4 Dec 2018, at 11:35 pm, Alex  wrote:
>> 
>> Thanks Daniel, that was very helpful on a very vexatious issue.
>> 
>> Couple queries tho’.  Do you have any opinion on LastPass?  I have used it 
>> in a Windows environment.
>> 
>> And, if one is to use a password management programme, would it then be 
>> advisable to set up random letters, numbers & characters as passwords rather 
>> than the usual passwords one makes up?
>> 
>> Cheers,
>> 
>> Alex Novakovic
>> 
>>> On 3 Dec 2018, at 12:29 pm, Daniel Kerr  wrote:
>>> 
>>> Hi Pat
>>> 
>>> If you enter the AppleID (which is also used for iCloud, as they are 
>>> generally one and the same thing), more then 3 times, then yes it will 
>>> generally want you to reset it.
>>> You can do this by a few options - some are automated, and don’t require 
>>> calling Apple.
>>> If you have access to the email address, you can request an email that will 
>>> step you through resetting your password.
>>> Generally if I want to “Test” a password for a client to see if it’s 
>>> correct or not, then I will use the “main” Apple

Re: Too many passwords

2018-12-04 Thread Stephen Chape

I am with you on that one Tim.

> On 5 Dec 2018, at 5:02 am, Tim Law  wrote:
> 
> Alex,
> 
> In a blog posting, the owner of 1Password talked about the benefits to the 
> user of using normal words rather than a collection of wild letters and 
> numbers. If you ever have to physically enter a password it is much easier to 
> write “sung.7Persuade.pushy” than a random string and apparently just as 
> secure as long as the words would never normally appear together.  I’ve added 
> in the 7 and the upper case P and it creates a highly secure password that 
> shows all green on those little slider indicators.
> 
> Regards
> 
> Tim
> 
> 
> 
> Sent from Tim's Retina iPad 2
> 
> On 4 Dec 2018, at 11:35 pm, Alex  > wrote:
> 
>> Thanks Daniel, that was very helpful on a very vexatious issue.
>> 
>> Couple queries tho’.  Do you have any opinion on LastPass?  I have used it 
>> in a Windows environment.
>> 
>> And, if one is to use a password management programme, would it then be 
>> advisable to set up random letters, numbers & characters as passwords rather 
>> than the usual passwords one makes up?
>> 
>> Cheers,
>> 
>> Alex Novakovic
>> 
>>> On 3 Dec 2018, at 12:29 pm, Daniel Kerr >> > wrote:
>>> 
>>> Hi Pat
>>> 
>>> If you enter the AppleID (which is also used for iCloud, as they are 
>>> generally one and the same thing), more then 3 times, then yes it will 
>>> generally want you to reset it.
>>> You can do this by a few options - some are automated, and don’t require 
>>> calling Apple.
>>> If you have access to the email address, you can request an email that will 
>>> step you through resetting your password.
>>> Generally if I want to “Test” a password for a client to see if it’s 
>>> correct or not, then I will use the “main” Apple site - applied.apple.com 
>>> 
>>> By putting in the email address and password then it will ensure if it’s 
>>> correct or not. If it logs in - the password is correct. If it advises it 
>>> isn’t correct then a few tries before the option of resetting it (normally 
>>> via the email option). It’s very rare to have to call Apple for this at all 
>>> I find. It’s all automated.
>>> 
>>> *Generally* (and I use this term lightly) the computer password will be 
>>> different to the AppleID password. Though,…in some of the later systems, 
>>> this can be reset by the same AppleID.
>>> In System Preferences - Users & Groups - “username” (on the left hand 
>>> side). On the right hand side there is a tick box that says “Allow user to 
>>> reset password using Apple ID). If this is ticked, then the AppleID can be 
>>> used to change the computer password. And then (generally) these are one 
>>> and the same.
>>> I personally prefer to keep these different, so the computer password is 
>>> completely different to my AppleID. (for security reasons).
>>> 
>>> This could be where (if you had ticked) some of the issue could have 
>>> happened in your last post to the list where you went through with Apple 
>>> resetting the password.
>>> (I probably would have used the Terminal thing as a last resort, as yes it 
>>> resets Keychain and this makes a whole other issue where passwords stored 
>>> there are a) lost of b) almost non-retrievable. And even if retrieved via a 
>>> TimeMachine backup they will be locked away under the “original” password.
>>> 
>>> As Peter has mentioned unfortunately these days everything has to be a lot 
>>> more secure. The flip side to this would be a lot more hacking of details, 
>>> a lot more social engineering of personal details and a lot more user data 
>>> out in the open. So with things like 2-factor authentication, recovery via 
>>> email of forgotten details, and stronger passwords Apple (and others) are 
>>> doing as much as they can do to protect personal data.
>>> I’d personally prefer it this way, then people having access to my data. I 
>>> like the security of 2-factor authentication knowing that even if someone 
>>> got my AppleID password they can’t access it without physical access to my 
>>> iPhone. (which is also locked, and 10 wrong attempts will just wipe my 
>>> device). I’d rather know my data is as secure as possible and harder for 
>>> others to try and get then a lot less security and easier ways to try and 
>>> get my data. (only have to look at the 4 years that yahoo accounts got 
>>> hacked for example with no notification to their users). And we see a lot 
>>> more of these where some companies seem to be a bit less “slack” about some 
>>> things, and more personal data gets “hacked”.
>>> (I know where two of my spams come from as they come to two email address I 
>>> used for Dropbox and Adobe. So I know those two accounts that get spammed 
>>> where two email addresses I used where “taken” in a list from both of those 
>>> companies.). The spam comes addresses to those two email addresses which I 
>>> then went and closed off and

Re: Too many passwords

2018-12-04 Thread Tim Law

Alex,

In a blog posting, the owner of 1Password talked about the benefits to the user 
of using normal words rather than a collection of wild letters and numbers. If 
you ever have to physically enter a password it is much easier to write 
“sung.7Persuade.pushy” than a random string and apparently just as secure as 
long as the words would never normally appear together.  I’ve added in the 7 
and the upper case P and it creates a highly secure password that shows all 
green on those little slider indicators.

Regards

Tim



Sent from Tim's Retina iPad 2

> On 4 Dec 2018, at 11:35 pm, Alex  wrote:
> 
> Thanks Daniel, that was very helpful on a very vexatious issue.
> 
> Couple queries tho’.  Do you have any opinion on LastPass?  I have used it in 
> a Windows environment.
> 
> And, if one is to use a password management programme, would it then be 
> advisable to set up random letters, numbers & characters as passwords rather 
> than the usual passwords one makes up?
> 
> Cheers,
> 
> Alex Novakovic
> 
>> On 3 Dec 2018, at 12:29 pm, Daniel Kerr  wrote:
>> 
>> Hi Pat
>> 
>> If you enter the AppleID (which is also used for iCloud, as they are 
>> generally one and the same thing), more then 3 times, then yes it will 
>> generally want you to reset it.
>> You can do this by a few options - some are automated, and don’t require 
>> calling Apple.
>> If you have access to the email address, you can request an email that will 
>> step you through resetting your password.
>> Generally if I want to “Test” a password for a client to see if it’s correct 
>> or not, then I will use the “main” Apple site - applied.apple.com
>> By putting in the email address and password then it will ensure if it’s 
>> correct or not. If it logs in - the password is correct. If it advises it 
>> isn’t correct then a few tries before the option of resetting it (normally 
>> via the email option). It’s very rare to have to call Apple for this at all 
>> I find. It’s all automated.
>> 
>> *Generally* (and I use this term lightly) the computer password will be 
>> different to the AppleID password. Though,…in some of the later systems, 
>> this can be reset by the same AppleID.
>> In System Preferences - Users & Groups - “username” (on the left hand side). 
>> On the right hand side there is a tick box that says “Allow user to reset 
>> password using Apple ID). If this is ticked, then the AppleID can be used to 
>> change the computer password. And then (generally) these are one and the 
>> same.
>> I personally prefer to keep these different, so the computer password is 
>> completely different to my AppleID. (for security reasons).
>> 
>> This could be where (if you had ticked) some of the issue could have 
>> happened in your last post to the list where you went through with Apple 
>> resetting the password.
>> (I probably would have used the Terminal thing as a last resort, as yes it 
>> resets Keychain and this makes a whole other issue where passwords stored 
>> there are a) lost of b) almost non-retrievable. And even if retrieved via a 
>> TimeMachine backup they will be locked away under the “original” password.
>> 
>> As Peter has mentioned unfortunately these days everything has to be a lot 
>> more secure. The flip side to this would be a lot more hacking of details, a 
>> lot more social engineering of personal details and a lot more user data out 
>> in the open. So with things like 2-factor authentication, recovery via email 
>> of forgotten details, and stronger passwords Apple (and others) are doing as 
>> much as they can do to protect personal data.
>> I’d personally prefer it this way, then people having access to my data. I 
>> like the security of 2-factor authentication knowing that even if someone 
>> got my AppleID password they can’t access it without physical access to my 
>> iPhone. (which is also locked, and 10 wrong attempts will just wipe my 
>> device). I’d rather know my data is as secure as possible and harder for 
>> others to try and get then a lot less security and easier ways to try and 
>> get my data. (only have to look at the 4 years that yahoo accounts got 
>> hacked for example with no notification to their users). And we see a lot 
>> more of these where some companies seem to be a bit less “slack” about some 
>> things, and more personal data gets “hacked”.
>> (I know where two of my spams come from as they come to two email address I 
>> used for Dropbox and Adobe. So I know those two accounts that get spammed 
>> where two email addresses I used where “taken” in a list from both of those 
>> companies.). The spam comes addresses to those two email addresses which I 
>> then went and closed off and changed.
>> This was another interesting site where I could check which “places” my 
>> email address may have been taken from - https://haveibeenpwned.com
>> This came from an article I read ages ago here - 
>>

Re: Too many passwords

2018-12-04 Thread Daniel Kerr

Hi Alex

Thanks for that, glad it was helpful.

In answer to your questions.
1. I haven’t really used LastPass, so I can’t really comment on it. I’ve just 
always used 1Password. I think I had some reservations on LastPass, but that 
was ages ago and I can’t recall what it was now. Perhaps it was something to do 
with who owned it? Or possibly because they once had a breach (again I think it 
was a long time ago). Whereas i’ve never heard of AgileBits ever having 
problems. They (1Password/AgileBits) always seem more on top of things with 
info, updates, on top of security stuff. But that could be my bias,…lol.
So seeing as I have never used LastPass I can’t really say. A quick search 
seems that they do rate a little “better” in some things - 
https://www.digitaltrends.com/computing/lastpass-vs-1password-comparison/
I think (but I could be wrong) that 1Password has been around a lot longer then 
LastPass - so that could be another reason I use it. :)

2. Yes, generally once using a Password Manager it’s best to go through and 
replace passwords for more random generated ones. Most programs will do this 
for you. And they generally offer an “audit” feature as well. So you can let it 
audit your passwords to see if you need to change any, or any are poor in 
“quality”. And given that the software manages it for you, you don’t actually 
have to remember them. As it does that for you and auto fills it in if you want 
to. (or can look it up if really need to know what it is).
I use a mixture of both generated from 1Password and Apple’s auto-generate 
feature as well. And I have iCloud Keychain set on. So my passwords sync to my 
laptop, iMac, iPad and iPhone. So doesn’t matter what I use, all the 
information is there.
With my iPhone and iPad, I have those set to 10 wrong attempts of the login 
passcode will erase the device. As then even though everything is “Secure” and 
locked away, it just means if someone gets them and tries to break into it, it 
will completely remotely wipe the device after 10 wrong attempts. And given 
ti’s backed up to iCloud and my computer daily I won’t actually lose anything. 
The person will get my items, but all my personal “stuff” will be deleted.
(Not that I actually have anything to hide, as it’s all encrypted, but it’s 
just a “nice feeling” to know that the info won’t go anywhere. Though I did 
have to tell my son many years ago he couldn’t play with my phone and code,…as 
“Daddy didn’t want him to wipe my stuff”. :) Now with FaceID and/or Fingerprint 
ID I don’t really use Passwords all that much. As most programs like my banking 
and 1Password will unlock via FaceID. (or FingerpringID on my iPad Gen6).
But yes, to answer your question (sorry, I get sidetracked sometimes,…lol) - 
yes, it’s a good idea to replace passwords. As I “upgrade” some sites here and 
there I go through and change them all. So they tend to be updated every 2-3 
years anyway. And some wholesaler I use I have to do it every 6 months anyway.

Hope that extra info helps. :)

Kind regards
Daniel

---
Daniel Kerr
MacWizardry

Phone: 0414 795 960
Email: 
Web:   

**For everything Apple**

NOTE: Any information provided in this email may be my personal opinion and as 
such should be taken accordingly, and may not be the views of MacWizardry. Any 
information provided does not offer or warrant any form of warranty or accept 
liability. It would be appreciated that if any information in this email is to 
be disseminated, distributed or copied, that permission by the author be 
requested. 

> On 4 Dec 2018, at 11:35 pm, Alex  wrote:
> 
> Thanks Daniel, that was very helpful on a very vexatious issue.
> 
> Couple queries tho’.  Do you have any opinion on LastPass?  I have used it in 
> a Windows environment.
> 
> And, if one is to use a password management programme, would it then be 
> advisable to set up random letters, numbers & characters as passwords rather 
> than the usual passwords one makes up?
> 
> Cheers,
> 
> Alex Novakovic
> 
>> On 3 Dec 2018, at 12:29 pm, Daniel Kerr  wrote:
>> 
>> Hi Pat
>> 
>> If you enter the AppleID (which is also used for iCloud, as they are 
>> generally one and the same thing), more then 3 times, then yes it will 
>> generally want you to reset it.
>> You can do this by a few options - some are automated, and don’t require 
>> calling Apple.
>> If you have access to the email address, you can request an email that will 
>> step you through resetting your password.
>> Generally if I want to “Test” a password for a client to see if it’s correct 
>> or not, then I will use the “main” Apple site - applied.apple.com
>> By putting in the email address and password then it will ensure if it’s 
>> correct or not. If it logs in - the password is correct. If it advises it 
>> isn’t correct then a few tries before the option of resetting it (normally 
>> via the email option). It’s very rare to have to call Apple for this at all 
>> I find. It’s all

Re: Too many passwords

2018-12-04 Thread Alex

Thanks Daniel, that was very helpful on a very vexatious issue.

Couple queries tho’.  Do you have any opinion on LastPass?  I have used it in a 
Windows environment.

And, if one is to use a password management programme, would it then be 
advisable to set up random letters, numbers & characters as passwords rather 
than the usual passwords one makes up?

Cheers,

Alex Novakovic

> On 3 Dec 2018, at 12:29 pm, Daniel Kerr  wrote:
> 
> Hi Pat
> 
> If you enter the AppleID (which is also used for iCloud, as they are 
> generally one and the same thing), more then 3 times, then yes it will 
> generally want you to reset it.
> You can do this by a few options - some are automated, and don’t require 
> calling Apple.
> If you have access to the email address, you can request an email that will 
> step you through resetting your password.
> Generally if I want to “Test” a password for a client to see if it’s correct 
> or not, then I will use the “main” Apple site - applied.apple.com
> By putting in the email address and password then it will ensure if it’s 
> correct or not. If it logs in - the password is correct. If it advises it 
> isn’t correct then a few tries before the option of resetting it (normally 
> via the email option). It’s very rare to have to call Apple for this at all I 
> find. It’s all automated.
> 
> *Generally* (and I use this term lightly) the computer password will be 
> different to the AppleID password. Though,…in some of the later systems, this 
> can be reset by the same AppleID.
> In System Preferences - Users & Groups - “username” (on the left hand side). 
> On the right hand side there is a tick box that says “Allow user to reset 
> password using Apple ID). If this is ticked, then the AppleID can be used to 
> change the computer password. And then (generally) these are one and the same.
> I personally prefer to keep these different, so the computer password is 
> completely different to my AppleID. (for security reasons).
> 
> This could be where (if you had ticked) some of the issue could have happened 
> in your last post to the list where you went through with Apple resetting the 
> password.
> (I probably would have used the Terminal thing as a last resort, as yes it 
> resets Keychain and this makes a whole other issue where passwords stored 
> there are a) lost of b) almost non-retrievable. And even if retrieved via a 
> TimeMachine backup they will be locked away under the “original” password.
> 
> As Peter has mentioned unfortunately these days everything has to be a lot 
> more secure. The flip side to this would be a lot more hacking of details, a 
> lot more social engineering of personal details and a lot more user data out 
> in the open. So with things like 2-factor authentication, recovery via email 
> of forgotten details, and stronger passwords Apple (and others) are doing as 
> much as they can do to protect personal data.
> I’d personally prefer it this way, then people having access to my data. I 
> like the security of 2-factor authentication knowing that even if someone got 
> my AppleID password they can’t access it without physical access to my 
> iPhone. (which is also locked, and 10 wrong attempts will just wipe my 
> device). I’d rather know my data is as secure as possible and harder for 
> others to try and get then a lot less security and easier ways to try and get 
> my data. (only have to look at the 4 years that yahoo accounts got hacked for 
> example with no notification to their users). And we see a lot more of these 
> where some companies seem to be a bit less “slack” about some things, and 
> more personal data gets “hacked”.
> (I know where two of my spams come from as they come to two email address I 
> used for Dropbox and Adobe. So I know those two accounts that get spammed 
> where two email addresses I used where “taken” in a list from both of those 
> companies.). The spam comes addresses to those two email addresses which I 
> then went and closed off and changed.
> This was another interesting site where I could check which “places” my email 
> address may have been taken from - https://haveibeenpwned.com
> This came from an article I read ages ago here - 
> https://www.businessinsider.com.au/new-email-scam-uses-old-password-fake-porn-threats-webcam-video-bitcoin-2018-7?r=US=T
> 
> The downside to all the security obviously is having a lot more (different) 
> passwords. This is where things like Keychain Access, 1Password etc come in 
> very handy to store all the passwords in for me. (even things like the WAMUG 
> mailing list, and the WAMUG committee mailing list I have stored to access so 
> I can look after the behind the scenes things for it. And a lot more 
> passwords linked to different things for even those that need passwords as 
> well).
> So without having to remember them all, that’s where the above programs 
> become “life savers”. (and I have them stored in 2 different programs should 
> one “fail”).
> The other

Re: Too many passwords

2018-12-03 Thread Peter Hinchliffe

> On 3 Dec 2018, at 10:18 pm, Stephen Chape  wrote:
> 
> Thank you Ronni.
> I shall give it some thought.
> 
> All my passwords are also printed on a sheet that is well hidden in my home.
> Just in case something should upset 1Password.
> 
> I must be a Failsafe Nuttter !
> 

I have used 1Password almost since it’s inception many years ago, but back it 
up with Apple’s own Keychain, os that if one goes wrong I have reference to the 
other. Keychain’s pubic interface, Keychain Access, can be found in the 
/Applications/Utilities folder, but it can be a bit intimidating to many people 
because it’s not all that clear what to do with it. A much more straightforward 
interface can be found in Safari Preferences (but of course if you decry Safari 
in favour of Google Chrome, Firefox or something else then the following can be 
ignored). When using Safari, choose Safari > Preferences… from the Menu Bar, 
then click the Passwords icon. You will be asked for your system password (the 
one you log into your computer with) and you will see a list of all the sites 
you have visited which require authentication. You might be surprised at the 
number of them!

If you select any item on the list, it will show you the password for that 
site. You might also see a little yellow triangle on the ame line. This 
indicates sites which share the same password. This cna be a security risk, so 
it’s a good guide to help you go through the problem sites and update all your 
risky passwords. If you can’t think of new ones, Safari will provide helpful, 
strong suggestions for you, and keep track of them into the bargain. 

Of course, this is only tracking passwords you use on the Web, but 1Password 
will take care of the others. With both 1Passsword and Keychain on your side, 
you shouldn’t need that old notebook anymore. 

And one more thing: turn on iCloud Keychain, so that your passwords work across 
all your devices. Record once, use everywhere. 

Kind regards,

Peter HinchliffeApwin Computer Services
FileMaker Pro Solutions Developer
Perth, Western Australia
Phone (618) 9332 6482Mob 0403 046 948

Mac because I prefer it -- Windows because I have to.

-- The WA Macintosh User Group Mailing List --
Archives - 
Guidelines - 
Settings & Unsubscribe -

Re: Too many passwords

2018-12-03 Thread Stephen Chape

Thank you Ronni.
I shall give it some thought.

All my passwords are also printed on a sheet that is well hidden in my home.
Just in case something should upset 1Password.

I must be a Failsafe Nuttter !

> On 3 Dec 2018, at 4:44 pm, Ronni Brown  wrote:
> 
> 
> I can understand your concern Stephen.
> My reasons below why I feel as confident as you can when dealing with 
> security online using 1Password.
> 
> Everything you store in 1Password is protected by a Master Password that only 
> you know...
> 1Password is a ‘Local Password Manager’. Local password managers work 
> similarly to the online ones. They have the similar password-generating, auto 
> form-filling and secure notes features. 
> The difference though is they just save the encrypted password database on 
> your computer, rather than on the web.
> 
> You can sync the database across computers using Dropbox (which is what I do) 
> but that brings back that risk of cloud storage. On the other hand, you still 
> have multiple layers of security: a hacker would need to first break into 
> your Dropbox account (hard if you have two-factor authentication set up) and 
> then also hack into your encrypted password database. 
> The chances of this happening are probably less than losing your laptop.
> 
> Kind regards,
> Ronni
> 
>  Ronni Brown’s iPad Pro 12.9-inch 256GB 
> 
> 
> On 3 Dec 2018, at 4:12 pm, Stephen Chape  > wrote:
> 
>> Perhaps I am being over cautious.
>> It does make me nervous storing those passwords electronically.
>> 
>> Would like to hear your take on that though ?
>> 
>>> On 3 Dec 2018, at 3:06 pm, Ronni Brown >> > wrote:
>>> 
>>> Hello Stephen, 
>>> 
>>> I have used and recommended 1Password for years, I think from when it was 
>>> first released.
>>> ALL my passwords including all software purchased details and passwords are 
>>> stored in 1Password.
>>> As a matter of interest, why don’t you have your Apple ID, Banking, and 
>>> PayPal stored in 1Password?
>>> 
>>> Kind regards,
>>> Ronni
>>> 
>>>  Ronni Brown’s iPad Pro 12.9-inch 256GB 
>>> 
>>> 
>>> On 3 Dec 2018, at 2:37 pm, Stephen Chape >> > wrote:
>>> 
 Hello Pat.
 
 I can thoroughly recommend buying 1Password for your Mac.
 I have used it for a few years and could not get by without it.
 
 All my passwords (except Apple ID, Banking and Paypal) are stored in there.
 All I have to remember is my Master Password.
 I also keep all my Application Keys and other details there.
 
 
> On 3 Dec 2018, at 12:31 pm, Daniel Kerr  > wrote:
> 
> oops sorry the Apple link should have been appleID.apple.com 
> 
> Silly auto correct!
> 
> Kind regards
> Daniel
> 
>  Sent from my iPhone XS 
> 
> ---
> Daniel Kerr
> MacWizardry
> 
> Phone: 0414 795 960
> Email: http://macwizardry.com.au/>>
> Web:   >
> 
> 
> **For everything Apple**
> 
> NOTE: Any information provided in this email may be my personal opinion 
> and as such should be taken accordingly, and may not be the views of 
> MacWizardry. Any information provided does not offer or warrant any form 
> of warranty or accept liability. It would be appreciated that if any 
> information in this email is to be disseminated, distributed or copied, 
> that permission by the author be requested. 
> 
>> On 3 Dec 2018, at 12:29 pm, Daniel Kerr > > wrote:
>> 
>> Hi Pat
>> 
>> If you enter the AppleID (which is also used for iCloud, as they are 
>> generally one and the same thing), more then 3 times, then yes it will 
>> generally want you to reset it.
>> You can do this by a few options - some are automated, and don’t require 
>> calling Apple.
>> If you have access to the email address, you can request an email that 
>> will step you through resetting your password.
>> Generally if I want to “Test” a password for a client to see if it’s 
>> correct or not, then I will use the “main” Apple site - 
>> applied.apple.com 
>> By putting in the email address and password then it will ensure if it’s 
>> correct or not. If it logs in - the password is correct. If it advises 
>> it isn’t correct then a few tries before the option of resetting it 
>> (normally via the email option). It’s very rare to have to call Apple 
>> for this at all I find. It’s all automated.
>> 
>> *Generally* (and I use this term lightly) the computer password will be 
>> different to the AppleID password. Though,…in some of the later systems, 
>> this can be reset by the same AppleID.
>> In System Preferences - Users & Groups - “username” (on the left hand

Re: Too many passwords

2018-12-03 Thread Ronni Brown

I can understand your concern Stephen.
My reasons below why I feel as confident as you can when dealing with security 
online using 1Password.

Everything you store in 1Password is protected by a Master Password that only 
you know...
1Password is a ‘Local Password Manager’. Local password managers work similarly 
to the online ones. They have the similar password-generating, auto 
form-filling and secure notes features. 
The difference though is they just save the encrypted password database on your 
computer, rather than on the web.

You can sync the database across computers using Dropbox (which is what I do) 
but that brings back that risk of cloud storage. On the other hand, you still 
have multiple layers of security: a hacker would need to first break into your 
Dropbox account (hard if you have two-factor authentication set up) and then 
also hack into your encrypted password database. 
The chances of this happening are probably less than losing your laptop.

Kind regards,
Ronni

 Ronni Brown’s iPad Pro 12.9-inch 256GB 

> On 3 Dec 2018, at 4:12 pm, Stephen Chape  wrote:
> 
> Perhaps I am being over cautious.
> It does make me nervous storing those passwords electronically.
> 
> Would like to hear your take on that though ?
> 
>> On 3 Dec 2018, at 3:06 pm, Ronni Brown  wrote:
>> 
>> Hello Stephen, 
>> 
>> I have used and recommended 1Password for years, I think from when it was 
>> first released.
>> ALL my passwords including all software purchased details and passwords are 
>> stored in 1Password.
>> As a matter of interest, why don’t you have your Apple ID, Banking, and 
>> PayPal stored in 1Password?
>> 
>> Kind regards,
>> Ronni
>> 
>>  Ronni Brown’s iPad Pro 12.9-inch 256GB 
>> 
>> 
>>> On 3 Dec 2018, at 2:37 pm, Stephen Chape  wrote:
>>> 
>>> Hello Pat.
>>> 
>>> I can thoroughly recommend buying 1Password for your Mac.
>>> I have used it for a few years and could not get by without it.
>>> 
>>> All my passwords (except Apple ID, Banking and Paypal) are stored in there.
>>> All I have to remember is my Master Password.
>>> I also keep all my Application Keys and other details there.
>>> 
>>> 
 On 3 Dec 2018, at 12:31 pm, Daniel Kerr  wrote:

 oops sorry the Apple link should have been appleID.apple.com
 Silly auto correct!

 Kind regards
 Daniel

  Sent from my iPhone XS 

 ---
 Daniel Kerr
 MacWizardry

 Phone: 0414 795 960
 Email: 
 Web:   

 **For everything Apple**

 NOTE: Any information provided in this email may be my personal opinion 
 and as such should be taken accordingly, and may not be the views of 
 MacWizardry. Any information provided does not offer or warrant any form 
 of warranty or accept liability. It would be appreciated that if any 
 information in this email is to be disseminated, distributed or copied, 
 that permission by the author be requested. 

> On 3 Dec 2018, at 12:29 pm, Daniel Kerr  wrote:
> 
> Hi Pat
> 
> If you enter the AppleID (which is also used for iCloud, as they are 
> generally one and the same thing), more then 3 times, then yes it will 
> generally want you to reset it.
> You can do this by a few options - some are automated, and don’t require 
> calling Apple.
> If you have access to the email address, you can request an email that 
> will step you through resetting your password.
> Generally if I want to “Test” a password for a client to see if it’s 
> correct or not, then I will use the “main” Apple site - applied.apple.com
> By putting in the email address and password then it will ensure if it’s 
> correct or not. If it logs in - the password is correct. If it advises it 
> isn’t correct then a few tries before the option of resetting it 
> (normally via the email option). It’s very rare to have to call Apple for 
> this at all I find. It’s all automated.
> 
> *Generally* (and I use this term lightly) the computer password will be 
> different to the AppleID password. Though,…in some of the later systems, 
> this can be reset by the same AppleID.
> In System Preferences - Users & Groups - “username” (on the left hand 
> side). On the right hand side there is a tick box that says “Allow user 
> to reset password using Apple ID). If this is ticked, then the AppleID 
> can be used to change the computer password. And then (generally) these 
> are one and the same.
> I personally prefer to keep these different, so the computer password is 
> completely different to my AppleID. (for security reasons).
> 
> This could be where (if you had ticked) some of the issue could have 
> happened in your last post to the list where you went through with Apple 
> resetting the password.
> (I probably would have used the Terminal thing as a last resort, as yes 
> it

Re: Too many passwords

2018-12-03 Thread Marcus Harris

For my twenty cents worth. I use Apple passwords for something like a social 
club but not for banking or broking. But I suspect even that’s over cautious as 
the master pass is the one to access the Apple device. Once in the Mac or iPad 
I should only need take care not to use a stranger’s wifi to bank.
Cheers 
Marcus

Marcus Harris 75
 Apple iPhone7

> On 3 Dec 2018, at 4:12 pm, Stephen Chape  wrote:
> 
> Perhaps I am being over cautious.
> It does make me nervous storing those passwords electronically.
> 
> Would like to hear your take on that though ?
> 
>> On 3 Dec 2018, at 3:06 pm, Ronni Brown  wrote:
>> 
>> Hello Stephen, 
>> 
>> I have used and recommended 1Password for years, I think from when it was 
>> first released.
>> ALL my passwords including all software purchased details and passwords are 
>> stored in 1Password.
>> As a matter of interest, why don’t you have your Apple ID, Banking, and 
>> PayPal stored in 1Password?
>> 
>> Kind regards,
>> Ronni
>> 
>>  Ronni Brown’s iPad Pro 12.9-inch 256GB 
>> 
>> 
>>> On 3 Dec 2018, at 2:37 pm, Stephen Chape  wrote:
>>> 
>>> Hello Pat.
>>> 
>>> I can thoroughly recommend buying 1Password for your Mac.
>>> I have used it for a few years and could not get by without it.
>>> 
>>> All my passwords (except Apple ID, Banking and Paypal) are stored in there.
>>> All I have to remember is my Master Password.
>>> I also keep all my Application Keys and other details there.
>>> 
>>> 
 On 3 Dec 2018, at 12:31 pm, Daniel Kerr  wrote:
 
 oops sorry the Apple link should have been appleID.apple.com
 Silly auto correct!
 
 Kind regards
 Daniel
 
  Sent from my iPhone XS 
 
 ---
 Daniel Kerr
 MacWizardry
 
 Phone: 0414 795 960
 Email: 
 Web:   
 
 
 **For everything Apple**
 
 NOTE: Any information provided in this email may be my personal opinion 
 and as such should be taken accordingly, and may not be the views of 
 MacWizardry. Any information provided does not offer or warrant any form 
 of warranty or accept liability. It would be appreciated that if any 
 information in this email is to be disseminated, distributed or copied, 
 that permission by the author be requested. 
 
> On 3 Dec 2018, at 12:29 pm, Daniel Kerr  wrote:
> 
> Hi Pat
> 
> If you enter the AppleID (which is also used for iCloud, as they are 
> generally one and the same thing), more then 3 times, then yes it will 
> generally want you to reset it.
> You can do this by a few options - some are automated, and don’t require 
> calling Apple.
> If you have access to the email address, you can request an email that 
> will step you through resetting your password.
> Generally if I want to “Test” a password for a client to see if it’s 
> correct or not, then I will use the “main” Apple site - applied.apple.com
> By putting in the email address and password then it will ensure if it’s 
> correct or not. If it logs in - the password is correct. If it advises it 
> isn’t correct then a few tries before the option of resetting it 
> (normally via the email option). It’s very rare to have to call Apple for 
> this at all I find. It’s all automated.
> 
> *Generally* (and I use this term lightly) the computer password will be 
> different to the AppleID password. Though,…in some of the later systems, 
> this can be reset by the same AppleID.
> In System Preferences - Users & Groups - “username” (on the left hand 
> side). On the right hand side there is a tick box that says “Allow user 
> to reset password using Apple ID). If this is ticked, then the AppleID 
> can be used to change the computer password. And then (generally) these 
> are one and the same.
> I personally prefer to keep these different, so the computer password is 
> completely different to my AppleID. (for security reasons).
> 
> This could be where (if you had ticked) some of the issue could have 
> happened in your last post to the list where you went through with Apple 
> resetting the password.
> (I probably would have used the Terminal thing as a last resort, as yes 
> it resets Keychain and this makes a whole other issue where passwords 
> stored there are a) lost of b) almost non-retrievable. And even if 
> retrieved via a TimeMachine backup they will be locked away under the 
> “original” password.
> 
> As Peter has mentioned unfortunately these days everything has to be a 
> lot more secure. The flip side to this would be a lot more hacking of 
> details, a lot more social engineering of personal details and a lot more 
> user data out in the open. So with things like 2-factor authentication, 
> recovery via email of forgotten details, and stronger passwords Apple 
> (and others) are doing as much as they can

Re: Too many passwords

2018-12-03 Thread Stephen Chape

Perhaps I am being over cautious.
It does make me nervous storing those passwords electronically.

Would like to hear your take on that though ?

> On 3 Dec 2018, at 3:06 pm, Ronni Brown  wrote:
> 
> Hello Stephen, 
> 
> I have used and recommended 1Password for years, I think from when it was 
> first released.
> ALL my passwords including all software purchased details and passwords are 
> stored in 1Password.
> As a matter of interest, why don’t you have your Apple ID, Banking, and 
> PayPal stored in 1Password?
> 
> Kind regards,
> Ronni
> 
>  Ronni Brown’s iPad Pro 12.9-inch 256GB 
> 
> 
> On 3 Dec 2018, at 2:37 pm, Stephen Chape  > wrote:
> 
>> Hello Pat.
>> 
>> I can thoroughly recommend buying 1Password for your Mac.
>> I have used it for a few years and could not get by without it.
>> 
>> All my passwords (except Apple ID, Banking and Paypal) are stored in there.
>> All I have to remember is my Master Password.
>> I also keep all my Application Keys and other details there.
>> 
>> 
>>> On 3 Dec 2018, at 12:31 pm, Daniel Kerr >> > wrote:
>>> 
>>> oops sorry the Apple link should have been appleID.apple.com 
>>> 
>>> Silly auto correct!
>>> 
>>> Kind regards
>>> Daniel
>>> 
>>>  Sent from my iPhone XS 
>>> 
>>> ---
>>> Daniel Kerr
>>> MacWizardry
>>> 
>>> Phone: 0414 795 960
>>> Email: http://macwizardry.com.au/>>
>>> Web:   >
>>> 
>>> 
>>> **For everything Apple**
>>> 
>>> NOTE: Any information provided in this email may be my personal opinion and 
>>> as such should be taken accordingly, and may not be the views of 
>>> MacWizardry. Any information provided does not offer or warrant any form of 
>>> warranty or accept liability. It would be appreciated that if any 
>>> information in this email is to be disseminated, distributed or copied, 
>>> that permission by the author be requested. 
>>> 
 On 3 Dec 2018, at 12:29 pm, Daniel Kerr >>> > wrote:

 Hi Pat

 If you enter the AppleID (which is also used for iCloud, as they are 
 generally one and the same thing), more then 3 times, then yes it will 
 generally want you to reset it.
 You can do this by a few options - some are automated, and don’t require 
 calling Apple.
 If you have access to the email address, you can request an email that 
 will step you through resetting your password.
 Generally if I want to “Test” a password for a client to see if it’s 
 correct or not, then I will use the “main” Apple site - applied.apple.com 

 By putting in the email address and password then it will ensure if it’s 
 correct or not. If it logs in - the password is correct. If it advises it 
 isn’t correct then a few tries before the option of resetting it (normally 
 via the email option). It’s very rare to have to call Apple for this at 
 all I find. It’s all automated.

 *Generally* (and I use this term lightly) the computer password will be 
 different to the AppleID password. Though,…in some of the later systems, 
 this can be reset by the same AppleID.
 In System Preferences - Users & Groups - “username” (on the left hand 
 side). On the right hand side there is a tick box that says “Allow user to 
 reset password using Apple ID). If this is ticked, then the AppleID can be 
 used to change the computer password. And then (generally) these are one 
 and the same.
 I personally prefer to keep these different, so the computer password is 
 completely different to my AppleID. (for security reasons).

 This could be where (if you had ticked) some of the issue could have 
 happened in your last post to the list where you went through with Apple 
 resetting the password.
 (I probably would have used the Terminal thing as a last resort, as yes it 
 resets Keychain and this makes a whole other issue where passwords stored 
 there are a) lost of b) almost non-retrievable. And even if retrieved via 
 a TimeMachine backup they will be locked away under the “original” 
 password.

 As Peter has mentioned unfortunately these days everything has to be a lot 
 more secure. The flip side to this would be a lot more hacking of details, 
 a lot more social engineering of personal details and a lot more user data 
 out in the open. So with things like 2-factor authentication, recovery via 
 email of forgotten details, and stronger passwords Apple (and others) are 
 doing as much as they can do to protect personal data.
 I’d personally prefer it this way, then people having access to my data. I 
 like the security of 2-factor authentication knowing that even if someone 
 got my AppleID password they can’t access it without physical access to my 
 iPhone.

Re: Too many passwords

2018-12-02 Thread Ronni Brown

Hello Stephen, 

I have used and recommended 1Password for years, I think from when it was first 
released.
ALL my passwords including all software purchased details and passwords are 
stored in 1Password.
As a matter of interest, why don’t you have your Apple ID, Banking, and PayPal 
stored in 1Password?

Kind regards,
Ronni

 Ronni Brown’s iPad Pro 12.9-inch 256GB 


> On 3 Dec 2018, at 2:37 pm, Stephen Chape  wrote:
> 
> Hello Pat.
> 
> I can thoroughly recommend buying 1Password for your Mac.
> I have used it for a few years and could not get by without it.
> 
> All my passwords (except Apple ID, Banking and Paypal) are stored in there.
> All I have to remember is my Master Password.
> I also keep all my Application Keys and other details there.
> 
> 
>> On 3 Dec 2018, at 12:31 pm, Daniel Kerr  wrote:
>> 
>> oops sorry the Apple link should have been appleID.apple.com
>> Silly auto correct!
>> 
>> Kind regards
>> Daniel
>> 
>>  Sent from my iPhone XS 
>> 
>> ---
>> Daniel Kerr
>> MacWizardry
>> 
>> Phone: 0414 795 960
>> Email: 
>> Web:   
>> 
>> 
>> **For everything Apple**
>> 
>> NOTE: Any information provided in this email may be my personal opinion and 
>> as such should be taken accordingly, and may not be the views of 
>> MacWizardry. Any information provided does not offer or warrant any form of 
>> warranty or accept liability. It would be appreciated that if any 
>> information in this email is to be disseminated, distributed or copied, that 
>> permission by the author be requested. 
>> 
>>> On 3 Dec 2018, at 12:29 pm, Daniel Kerr  wrote:
>>> 
>>> Hi Pat
>>> 
>>> If you enter the AppleID (which is also used for iCloud, as they are 
>>> generally one and the same thing), more then 3 times, then yes it will 
>>> generally want you to reset it.
>>> You can do this by a few options - some are automated, and don’t require 
>>> calling Apple.
>>> If you have access to the email address, you can request an email that will 
>>> step you through resetting your password.
>>> Generally if I want to “Test” a password for a client to see if it’s 
>>> correct or not, then I will use the “main” Apple site - applied.apple.com
>>> By putting in the email address and password then it will ensure if it’s 
>>> correct or not. If it logs in - the password is correct. If it advises it 
>>> isn’t correct then a few tries before the option of resetting it (normally 
>>> via the email option). It’s very rare to have to call Apple for this at all 
>>> I find. It’s all automated.
>>> 
>>> *Generally* (and I use this term lightly) the computer password will be 
>>> different to the AppleID password. Though,…in some of the later systems, 
>>> this can be reset by the same AppleID.
>>> In System Preferences - Users & Groups - “username” (on the left hand 
>>> side). On the right hand side there is a tick box that says “Allow user to 
>>> reset password using Apple ID). If this is ticked, then the AppleID can be 
>>> used to change the computer password. And then (generally) these are one 
>>> and the same.
>>> I personally prefer to keep these different, so the computer password is 
>>> completely different to my AppleID. (for security reasons).
>>> 
>>> This could be where (if you had ticked) some of the issue could have 
>>> happened in your last post to the list where you went through with Apple 
>>> resetting the password.
>>> (I probably would have used the Terminal thing as a last resort, as yes it 
>>> resets Keychain and this makes a whole other issue where passwords stored 
>>> there are a) lost of b) almost non-retrievable. And even if retrieved via a 
>>> TimeMachine backup they will be locked away under the “original” password.
>>> 
>>> As Peter has mentioned unfortunately these days everything has to be a lot 
>>> more secure. The flip side to this would be a lot more hacking of details, 
>>> a lot more social engineering of personal details and a lot more user data 
>>> out in the open. So with things like 2-factor authentication, recovery via 
>>> email of forgotten details, and stronger passwords Apple (and others) are 
>>> doing as much as they can do to protect personal data.
>>> I’d personally prefer it this way, then people having access to my data. I 
>>> like the security of 2-factor authentication knowing that even if someone 
>>> got my AppleID password they can’t access it without physical access to my 
>>> iPhone. (which is also locked, and 10 wrong attempts will just wipe my 
>>> device). I’d rather know my data is as secure as possible and harder for 
>>> others to try and get then a lot less security and easier ways to try and 
>>> get my data. (only have to look at the 4 years that yahoo accounts got 
>>> hacked for example with no notification to their users). And we see a lot 
>>> more of these where some companies seem to be a bit less “slack” about some 
>>> things, and more personal data gets “hacked”.
>>> (I know where two of my spams come from as they

Re: Too many passwords

2018-12-02 Thread Stephen Chape

Hello Pat.

I can thoroughly recommend buying 1Password for your Mac.
I have used it for a few years and could not get by without it.

All my passwords (except Apple ID, Banking and Paypal) are stored in there.
All I have to remember is my Master Password.
I also keep all my Application Keys and other details there.


> On 3 Dec 2018, at 12:31 pm, Daniel Kerr  wrote:
> 
> oops sorry the Apple link should have been appleID.apple.com
> Silly auto correct!
> 
> Kind regards
> Daniel
> 
>  Sent from my iPhone XS 
> 
> ---
> Daniel Kerr
> MacWizardry
> 
> Phone: 0414 795 960
> Email: 
> Web:   
> 
> 
> **For everything Apple**
> 
> NOTE: Any information provided in this email may be my personal opinion and 
> as such should be taken accordingly, and may not be the views of MacWizardry. 
> Any information provided does not offer or warrant any form of warranty or 
> accept liability. It would be appreciated that if any information in this 
> email is to be disseminated, distributed or copied, that permission by the 
> author be requested. 
> 
>> On 3 Dec 2018, at 12:29 pm, Daniel Kerr  wrote:
>> 
>> Hi Pat
>> 
>> If you enter the AppleID (which is also used for iCloud, as they are 
>> generally one and the same thing), more then 3 times, then yes it will 
>> generally want you to reset it.
>> You can do this by a few options - some are automated, and don’t require 
>> calling Apple.
>> If you have access to the email address, you can request an email that will 
>> step you through resetting your password.
>> Generally if I want to “Test” a password for a client to see if it’s correct 
>> or not, then I will use the “main” Apple site - applied.apple.com
>> By putting in the email address and password then it will ensure if it’s 
>> correct or not. If it logs in - the password is correct. If it advises it 
>> isn’t correct then a few tries before the option of resetting it (normally 
>> via the email option). It’s very rare to have to call Apple for this at all 
>> I find. It’s all automated.
>> 
>> *Generally* (and I use this term lightly) the computer password will be 
>> different to the AppleID password. Though,…in some of the later systems, 
>> this can be reset by the same AppleID.
>> In System Preferences - Users & Groups - “username” (on the left hand side). 
>> On the right hand side there is a tick box that says “Allow user to reset 
>> password using Apple ID). If this is ticked, then the AppleID can be used to 
>> change the computer password. And then (generally) these are one and the 
>> same.
>> I personally prefer to keep these different, so the computer password is 
>> completely different to my AppleID. (for security reasons).
>> 
>> This could be where (if you had ticked) some of the issue could have 
>> happened in your last post to the list where you went through with Apple 
>> resetting the password.
>> (I probably would have used the Terminal thing as a last resort, as yes it 
>> resets Keychain and this makes a whole other issue where passwords stored 
>> there are a) lost of b) almost non-retrievable. And even if retrieved via a 
>> TimeMachine backup they will be locked away under the “original” password.
>> 
>> As Peter has mentioned unfortunately these days everything has to be a lot 
>> more secure. The flip side to this would be a lot more hacking of details, a 
>> lot more social engineering of personal details and a lot more user data out 
>> in the open. So with things like 2-factor authentication, recovery via email 
>> of forgotten details, and stronger passwords Apple (and others) are doing as 
>> much as they can do to protect personal data.
>> I’d personally prefer it this way, then people having access to my data. I 
>> like the security of 2-factor authentication knowing that even if someone 
>> got my AppleID password they can’t access it without physical access to my 
>> iPhone. (which is also locked, and 10 wrong attempts will just wipe my 
>> device). I’d rather know my data is as secure as possible and harder for 
>> others to try and get then a lot less security and easier ways to try and 
>> get my data. (only have to look at the 4 years that yahoo accounts got 
>> hacked for example with no notification to their users). And we see a lot 
>> more of these where some companies seem to be a bit less “slack” about some 
>> things, and more personal data gets “hacked”.
>> (I know where two of my spams come from as they come to two email address I 
>> used for Dropbox and Adobe. So I know those two accounts that get spammed 
>> where two email addresses I used where “taken” in a list from both of those 
>> companies.). The spam comes addresses to those two email addresses which I 
>> then went and closed off and changed.
>> This was another interesting site where I could check which “places” my 
>> email address may have been taken from - https://haveibeenpwned.com
>> This came from an article I read ages ago here - 
>>

Re: Too many passwords

2018-12-02 Thread Daniel Kerr

oops sorry the Apple link should have been appleID.apple.com
Silly auto correct!

Kind regards
Daniel

 Sent from my iPhone XS 

---
Daniel Kerr
MacWizardry

Phone: 0414 795 960
Email: 
Web:   


**For everything Apple**

NOTE: Any information provided in this email may be my personal opinion and as 
such should be taken accordingly, and may not be the views of MacWizardry. Any 
information provided does not offer or warrant any form of warranty or accept 
liability. It would be appreciated that if any information in this email is to 
be disseminated, distributed or copied, that permission by the author be 
requested. 

> On 3 Dec 2018, at 12:29 pm, Daniel Kerr  wrote:
> 
> Hi Pat
> 
> If you enter the AppleID (which is also used for iCloud, as they are 
> generally one and the same thing), more then 3 times, then yes it will 
> generally want you to reset it.
> You can do this by a few options - some are automated, and don’t require 
> calling Apple.
> If you have access to the email address, you can request an email that will 
> step you through resetting your password.
> Generally if I want to “Test” a password for a client to see if it’s correct 
> or not, then I will use the “main” Apple site - applied.apple.com
> By putting in the email address and password then it will ensure if it’s 
> correct or not. If it logs in - the password is correct. If it advises it 
> isn’t correct then a few tries before the option of resetting it (normally 
> via the email option). It’s very rare to have to call Apple for this at all I 
> find. It’s all automated.
> 
> *Generally* (and I use this term lightly) the computer password will be 
> different to the AppleID password. Though,…in some of the later systems, this 
> can be reset by the same AppleID.
> In System Preferences - Users & Groups - “username” (on the left hand side). 
> On the right hand side there is a tick box that says “Allow user to reset 
> password using Apple ID). If this is ticked, then the AppleID can be used to 
> change the computer password. And then (generally) these are one and the same.
> I personally prefer to keep these different, so the computer password is 
> completely different to my AppleID. (for security reasons).
> 
> This could be where (if you had ticked) some of the issue could have happened 
> in your last post to the list where you went through with Apple resetting the 
> password.
> (I probably would have used the Terminal thing as a last resort, as yes it 
> resets Keychain and this makes a whole other issue where passwords stored 
> there are a) lost of b) almost non-retrievable. And even if retrieved via a 
> TimeMachine backup they will be locked away under the “original” password.
> 
> As Peter has mentioned unfortunately these days everything has to be a lot 
> more secure. The flip side to this would be a lot more hacking of details, a 
> lot more social engineering of personal details and a lot more user data out 
> in the open. So with things like 2-factor authentication, recovery via email 
> of forgotten details, and stronger passwords Apple (and others) are doing as 
> much as they can do to protect personal data.
> I’d personally prefer it this way, then people having access to my data. I 
> like the security of 2-factor authentication knowing that even if someone got 
> my AppleID password they can’t access it without physical access to my 
> iPhone. (which is also locked, and 10 wrong attempts will just wipe my 
> device). I’d rather know my data is as secure as possible and harder for 
> others to try and get then a lot less security and easier ways to try and get 
> my data. (only have to look at the 4 years that yahoo accounts got hacked for 
> example with no notification to their users). And we see a lot more of these 
> where some companies seem to be a bit less “slack” about some things, and 
> more personal data gets “hacked”.
> (I know where two of my spams come from as they come to two email address I 
> used for Dropbox and Adobe. So I know those two accounts that get spammed 
> where two email addresses I used where “taken” in a list from both of those 
> companies.). The spam comes addresses to those two email addresses which I 
> then went and closed off and changed.
> This was another interesting site where I could check which “places” my email 
> address may have been taken from - https://haveibeenpwned.com
> This came from an article I read ages ago here - 
> https://www.businessinsider.com.au/new-email-scam-uses-old-password-fake-porn-threats-webcam-video-bitcoin-2018-7?r=US=T
> 
> The downside to all the security obviously is having a lot more (different) 
> passwords. This is where things like Keychain Access, 1Password etc come in 
> very handy to store all the passwords in for me. (even things like the WAMUG 
> mailing list, and the WAMUG committee mailing list I have stored to access so 
> I can look after the behind the scenes things for it. And a lot

If you enter the AppleID (which is also used for iCloud, as they are generally
one and the same thing), more then 3 times, then yes it will generally want you
to reset it.
You can do this by a few options - some are automated, and don’t require
calling Apple.
If you have access to the email address, you can request an email that will
step you through resetting your password.
Generally if I want to “Test” a password for a client to see if it’s correct or
not, then I will use the “main” Apple site - applied.apple.com
By putting in the email address and password then it will ensure if it’s
correct or not. If it logs in - the password is correct. If it advises it isn’t
correct then a few tries before the option of resetting it (normally via the
email option). It’s very rare to have to call Apple for this at all I find.
It’s all automated.

*Generally* (and I use this term lightly) the computer password will be
different to the AppleID password. Though,…in some of the later systems, this
can be reset by the same AppleID.
In System Preferences - Users & Groups - “username” (on the left hand side). On
the right hand side there is a tick box that says “Allow user to reset password
using Apple ID). If this is ticked, then the AppleID can be used to change the
computer password. And then (generally) these are one and the same.
I personally prefer to keep these different, so the computer password is
completely different to my AppleID. (for security reasons).

This could be where (if you had ticked) some of the issue could have happened
in your last post to the list where you went through with Apple resetting the
password.
(I probably would have used the Terminal thing as a last resort, as yes it
resets Keychain and this makes a whole other issue where passwords stored there
are a) lost of b) almost non-retrievable. And even if retrieved via a
TimeMachine backup they will be locked away under the “original” password.

As Peter has mentioned unfortunately these days everything has to be a lot more
secure. The flip side to this would be a lot more hacking of details, a lot
more social engineering of personal details and a lot more user data out in the
open. So with things like 2-factor authentication, recovery via email of
forgotten details, and stronger passwords Apple (and others) are doing as much
as they can do to protect personal data.
I’d personally prefer it this way, then people having access to my data. I like
the security of 2-factor authentication knowing that even if someone got my
AppleID password they can’t access it without physical access to my iPhone.
(which is also locked, and 10 wrong attempts will just wipe my device). I’d
rather know my data is as secure as possible and harder for others to try and
get then a lot less security and easier ways to try and get my data. (only have
to look at the 4 years that yahoo accounts got hacked for example with no
notification to their users). And we see a lot more of these where some
companies seem to be a bit less “slack” about some things, and more personal
data gets “hacked”.
(I know where two of my spams come from as they come to two email address I
used for Dropbox and Adobe. So I know those two accounts that get spammed where
two email addresses I used where “taken” in a list from both of those
companies.). The spam comes addresses to those two email addresses which I then
went and closed off and changed.
This was another interesting site where I could check which “places” my email
address may have been taken from - https://haveibeenpwned.com
This came from an article I read ages ago here -
https://www.businessinsider.com.au/new-email-scam-uses-old-password-fake-porn-threats-webcam-video-bitcoin-2018-7?r=US=T

The downside to all the security obviously is having a lot more (different)
passwords. This is where things like Keychain Access, 1Password etc come in
very handy to store all the passwords in for me. (even things like the WAMUG
mailing list, and the WAMUG committee mailing list I have stored to access so I
can look after the behind the scenes things for it. And a lot more passwords
linked to different things for even those that need passwords as well).
So without having to remember them all, that’s where the above programs become
“life savers”. (and I have them stored in 2 different programs should one
“fail”).
The other I’ve set it up for clients who may not want to use the “written down
password” books is to have a locked Excel spreadsheet. Lock it with a main
password and give the file a name that doesn’t say “Passwords” (e.g. Wine List,
Book List, My Boring Notes file). Then they put all their passwords in that.
Others write them down in books obviously as well. Not one I tend to recommend
as if someone gets the book they have all the passwords. But it depends on how
clients are worried about their data really. Some might not have things they
are worried about.

But back to your

Re: Too many passwords

2018-12-02 Thread Pat

Thanks, Peter and Susan,

One thing I read while I was thrashing around trying to fix things, was that if 
you enter a password incorrectly 2 times, you have to (I forget the exact 
words) sort it out with Apple (which isn’t easy to do, as you are only given a 
limited number of topics that you can choose from.) 

But for now, everything is working reasonably well, but I still haven’t tackled 
iCloud. Will do, soon.

Cheers,
Pat

> On 3 Dec 2018, at 08:03, Peter Hinchliffe  wrote:
> 
> 
> 
>> On 1 Dec 2018, at 11:31 am, Pat  wrote:
>> 
>> I have a functioning password to open the computer and other ones to send 
>> and receive mail. But I have just discovered that Apple has a clutch of 
>> others that I don’t know. I have never voluntarily used iCloud, so as far as 
>> I am concerned, it has no password. How do I find out how to find it or 
>> create it, because apparently I need it?
>> 
>> It looks like I may need other passwords for functions about which I have no 
>> idea. Security gone mad.
>> 
>> I was just trying to transfer something to one of my external disks. 
>> Couldn’t do it by drag and drop without the damn password. The one that 
>> opens my computer used to do it, but it was rejected.
>> 
>> I hope someone can help. 
>> Pat
> 
> As frustrating as all this is, it’s an unfortunate reality in today’s 
> computing world that you must keep track of your accounts and passwords. The 
> only way to avoid this is to turn off all access to the internet, which has 
> now become almost impossible.
> 
> Whether or not you are using iCloud (and if you use a Mac you probably are 
> whether you think so or not) you are actually being asked for the password 
> for your Apple ID. Your Apple ID is generally just your regular email 
> address. Many people go through the motions of creating an Apple ID when they 
> first set up a new Mac or upgrade their OS, then either forget about it or 
> don’t realise the significance of what they’ve been asked to do. 
> 
> In any event, if you don’t know what your Apple ID password is, you’ll have 
> to reset it. The most direct way to do this is simply to go to System 
> Preferences on your Mac and choose iCloud. You will be asked to type a 
> password. If you type something and it’s not recognised after 3 attempts you 
> will see a link appear which you can click if you “can’t remember your 
> password”. If you click that a message will be sent to your email address 
> showing you the steps to follow to create a new password.
> 
> Kind regards,
> 
> Peter HinchliffeApwin Computer Services
> FileMaker Pro Solutions Developer
> Perth, Western Australia
> Phone (618) 9332 6482Mob 0403 046 948
> 
> Mac because I prefer it -- Windows because I have to.
> 
> -- The WA Macintosh User Group Mailing List --
> Archives - 
> Guidelines - 
> Settings & Unsubscribe - 
> 

-- The WA Macintosh User Group Mailing List --
Archives - 
Guidelines - 
Settings & Unsubscribe -

Re: Too many passwords

2018-12-02 Thread Susan Hastings

Hi Pat, with regard to the externally disk, if you have a folder on it, you can 
drag and drop your files into the folder without a password. If you don’t have 
a folder there you can easily create one. I would endorse Peter’s comment about 
the importance of keeping track of your passwords. I have a physical notebook 
which I guard with my life. Cheers, Susan.

Sent from my iPad

> On 3 Dec 2018, at 8:03 am, Peter Hinchliffe  wrote:
> 
> 
> 
>> On 1 Dec 2018, at 11:31 am, Pat  wrote:
>> 
>> I have a functioning password to open the computer and other ones to send 
>> and receive mail. But I have just discovered that Apple has a clutch of 
>> others that I don’t know. I have never voluntarily used iCloud, so as far as 
>> I am concerned, it has no password. How do I find out how to find it or 
>> create it, because apparently I need it?
>> 
>> It looks like I may need other passwords for functions about which I have no 
>> idea. Security gone mad.
>> 
>> I was just trying to transfer something to one of my external disks. 
>> Couldn’t do it by drag and drop without the damn password. The one that 
>> opens my computer used to do it, but it was rejected.
>> 
>> I hope someone can help. 
>> Pat
> 
> As frustrating as all this is, it’s an unfortunate reality in today’s 
> computing world that you must keep track of your accounts and passwords. The 
> only way to avoid this is to turn off all access to the internet, which has 
> now become almost impossible.
> 
> Whether or not you are using iCloud (and if you use a Mac you probably are 
> whether you think so or not) you are actually being asked for the password 
> for your Apple ID. Your Apple ID is generally just your regular email 
> address. Many people go through the motions of creating an Apple ID when they 
> first set up a new Mac or upgrade their OS, then either forget about it or 
> don’t realise the significance of what they’ve been asked to do. 
> 
> In any event, if you don’t know what your Apple ID password is, you’ll have 
> to reset it. The most direct way to do this is simply to go to System 
> Preferences on your Mac and choose iCloud. You will be asked to type a 
> password. If you type something and it’s not recognised after 3 attempts you 
> will see a link appear which you can click if you “can’t remember your 
> password”. If you click that a message will be sent to your email address 
> showing you the steps to follow to create a new password.
> 
> Kind regards,
> 
> Peter HinchliffeApwin Computer Services
> FileMaker Pro Solutions Developer
> Perth, Western Australia
> Phone (618) 9332 6482Mob 0403 046 948
> 
> Mac because I prefer it -- Windows because I have to.
> 
> -- The WA Macintosh User Group Mailing List --
> Archives - 
> Guidelines - 
> Settings & Unsubscribe - 
> 

-- The WA Macintosh User Group Mailing List --
Archives - 
Guidelines - 
Settings & Unsubscribe -

Re: Too many passwords

2018-12-02 Thread Peter Hinchliffe

> On 1 Dec 2018, at 11:31 am, Pat  wrote:
> 
> I have a functioning password to open the computer and other ones to send and 
> receive mail. But I have just discovered that Apple has a clutch of others 
> that I don’t know. I have never voluntarily used iCloud, so as far as I am 
> concerned, it has no password. How do I find out how to find it or create it, 
> because apparently I need it?
> 
> It looks like I may need other passwords for functions about which I have no 
> idea. Security gone mad.
> 
> I was just trying to transfer something to one of my external disks. Couldn’t 
> do it by drag and drop without the damn password. The one that opens my 
> computer used to do it, but it was rejected.
> 
> I hope someone can help. 
> Pat

As frustrating as all this is, it’s an unfortunate reality in today’s computing 
world that you must keep track of your accounts and passwords. The only way to 
avoid this is to turn off all access to the internet, which has now become 
almost impossible.

Whether or not you are using iCloud (and if you use a Mac you probably are 
whether you think so or not) you are actually being asked for the password for 
your Apple ID. Your Apple ID is generally just your regular email address. Many 
people go through the motions of creating an Apple ID when they first set up a 
new Mac or upgrade their OS, then either forget about it or don’t realise the 
significance of what they’ve been asked to do. 

In any event, if you don’t know what your Apple ID password is, you’ll have to 
reset it. The most direct way to do this is simply to go to System Preferences 
on your Mac and choose iCloud. You will be asked to type a password. If you 
type something and it’s not recognised after 3 attempts you will see a link 
appear which you can click if you “can’t remember your password”. If you click 
that a message will be sent to your email address showing you the steps to 
follow to create a new password.

Kind regards,

Peter HinchliffeApwin Computer Services
FileMaker Pro Solutions Developer
Perth, Western Australia
Phone (618) 9332 6482Mob 0403 046 948

Mac because I prefer it -- Windows because I have to.

-- The WA Macintosh User Group Mailing List --
Archives - 
Guidelines - 
Settings & Unsubscribe -

Re: Too many passwords

Re: Too many passwords

Re: Too many passwords

Re: Too many passwords

Re: Too many passwords

Re: Too many passwords

Re: Too many passwords

Re: Too many passwords

Re: Too many passwords

Re: Too many passwords

Re: Too many passwords

Re: Too many passwords

Re: Too many passwords

Re: Too many passwords

Re: Too many passwords

Re: Too many passwords

Re: Too many passwords

Re: Too many passwords

18 matches

Site Navigation

Mail list logo

Footer information