I can understand your concern Stephen. My reasons below why I feel as confident as you can when dealing with security online using 1Password.
Everything you store in 1Password is protected by a Master Password that only you know... 1Password is a ‘Local Password Manager’. Local password managers work similarly to the online ones. They have the similar password-generating, auto form-filling and secure notes features. The difference though is they just save the encrypted password database on your computer, rather than on the web. You can sync the database across computers using Dropbox (which is what I do) but that brings back that risk of cloud storage. On the other hand, you still have multiple layers of security: a hacker would need to first break into your Dropbox account (hard if you have two-factor authentication set up) and then also hack into your encrypted password database. The chances of this happening are probably less than losing your laptop. Kind regards, Ronni Ronni Brown’s iPad Pro 12.9-inch 256GB > On 3 Dec 2018, at 4:12 pm, Stephen Chape <[email protected]> wrote: > > Perhaps I am being over cautious. > It does make me nervous storing those passwords electronically. > > Would like to hear your take on that though ? > >> On 3 Dec 2018, at 3:06 pm, Ronni Brown <[email protected]> wrote: >> >> Hello Stephen, >> >> I have used and recommended 1Password for years, I think from when it was >> first released. >> ALL my passwords including all software purchased details and passwords are >> stored in 1Password. >> As a matter of interest, why don’t you have your Apple ID, Banking, and >> PayPal stored in 1Password? >> >> Kind regards, >> Ronni >> >> Ronni Brown’s iPad Pro 12.9-inch 256GB >> >> >>> On 3 Dec 2018, at 2:37 pm, Stephen Chape <[email protected]> wrote: >>> >>> Hello Pat. >>> >>> I can thoroughly recommend buying 1Password for your Mac. >>> I have used it for a few years and could not get by without it. >>> >>> All my passwords (except Apple ID, Banking and Paypal) are stored in there. >>> All I have to remember is my Master Password. >>> I also keep all my Application Keys and other details there. >>> >>> >>>> On 3 Dec 2018, at 12:31 pm, Daniel Kerr <[email protected]> wrote: >>>> >>>> oops sorry the Apple link should have been appleID.apple.com >>>> Silly auto correct! >>>> >>>> Kind regards >>>> Daniel >>>> >>>> Sent from my iPhone XS >>>> >>>> --- >>>> Daniel Kerr >>>> MacWizardry >>>> >>>> Phone: 0414 795 960 >>>> Email: <daniel AT macwizardry.com.au> >>>> Web: <http://www.macwizardry.com.au> >>>> >>>> >>>> **For everything Apple** >>>> >>>> NOTE: Any information provided in this email may be my personal opinion >>>> and as such should be taken accordingly, and may not be the views of >>>> MacWizardry. Any information provided does not offer or warrant any form >>>> of warranty or accept liability. It would be appreciated that if any >>>> information in this email is to be disseminated, distributed or copied, >>>> that permission by the author be requested. >>>> >>>>> On 3 Dec 2018, at 12:29 pm, Daniel Kerr <[email protected]> wrote: >>>>> >>>>> Hi Pat >>>>> >>>>> If you enter the AppleID (which is also used for iCloud, as they are >>>>> generally one and the same thing), more then 3 times, then yes it will >>>>> generally want you to reset it. >>>>> You can do this by a few options - some are automated, and don’t require >>>>> calling Apple. >>>>> If you have access to the email address, you can request an email that >>>>> will step you through resetting your password. >>>>> Generally if I want to “Test” a password for a client to see if it’s >>>>> correct or not, then I will use the “main” Apple site - applied.apple.com >>>>> By putting in the email address and password then it will ensure if it’s >>>>> correct or not. If it logs in - the password is correct. If it advises it >>>>> isn’t correct then a few tries before the option of resetting it >>>>> (normally via the email option). It’s very rare to have to call Apple for >>>>> this at all I find. It’s all automated. >>>>> >>>>> *Generally* (and I use this term lightly) the computer password will be >>>>> different to the AppleID password. Though,…in some of the later systems, >>>>> this can be reset by the same AppleID. >>>>> In System Preferences - Users & Groups - “username” (on the left hand >>>>> side). On the right hand side there is a tick box that says “Allow user >>>>> to reset password using Apple ID). If this is ticked, then the AppleID >>>>> can be used to change the computer password. And then (generally) these >>>>> are one and the same. >>>>> I personally prefer to keep these different, so the computer password is >>>>> completely different to my AppleID. (for security reasons). >>>>> >>>>> This could be where (if you had ticked) some of the issue could have >>>>> happened in your last post to the list where you went through with Apple >>>>> resetting the password. >>>>> (I probably would have used the Terminal thing as a last resort, as yes >>>>> it resets Keychain and this makes a whole other issue where passwords >>>>> stored there are a) lost of b) almost non-retrievable. And even if >>>>> retrieved via a TimeMachine backup they will be locked away under the >>>>> “original” password. >>>>> >>>>> As Peter has mentioned unfortunately these days everything has to be a >>>>> lot more secure. The flip side to this would be a lot more hacking of >>>>> details, a lot more social engineering of personal details and a lot more >>>>> user data out in the open. So with things like 2-factor authentication, >>>>> recovery via email of forgotten details, and stronger passwords Apple >>>>> (and others) are doing as much as they can do to protect personal data. >>>>> I’d personally prefer it this way, then people having access to my data. >>>>> I like the security of 2-factor authentication knowing that even if >>>>> someone got my AppleID password they can’t access it without physical >>>>> access to my iPhone. (which is also locked, and 10 wrong attempts will >>>>> just wipe my device). I’d rather know my data is as secure as possible >>>>> and harder for others to try and get then a lot less security and easier >>>>> ways to try and get my data. (only have to look at the 4 years that yahoo >>>>> accounts got hacked for example with no notification to their users). And >>>>> we see a lot more of these where some companies seem to be a bit less >>>>> “slack” about some things, and more personal data gets “hacked”. >>>>> (I know where two of my spams come from as they come to two email address >>>>> I used for Dropbox and Adobe. So I know those two accounts that get >>>>> spammed where two email addresses I used where “taken” in a list from >>>>> both of those companies.). The spam comes addresses to those two email >>>>> addresses which I then went and closed off and changed. >>>>> This was another interesting site where I could check which “places” my >>>>> email address may have been taken from - https://haveibeenpwned.com >>>>> This came from an article I read ages ago here - >>>>> https://www.businessinsider.com.au/new-email-scam-uses-old-password-fake-porn-threats-webcam-video-bitcoin-2018-7?r=US&IR=T >>>>> >>>>> The downside to all the security obviously is having a lot more >>>>> (different) passwords. This is where things like Keychain Access, >>>>> 1Password etc come in very handy to store all the passwords in for me. >>>>> (even things like the WAMUG mailing list, and the WAMUG committee mailing >>>>> list I have stored to access so I can look after the behind the scenes >>>>> things for it. And a lot more passwords linked to different things for >>>>> even those that need passwords as well). >>>>> So without having to remember them all, that’s where the above programs >>>>> become “life savers”. (and I have them stored in 2 different programs >>>>> should one “fail”). >>>>> The other I’ve set it up for clients who may not want to use the “written >>>>> down password” books is to have a locked Excel spreadsheet. Lock it with >>>>> a main password and give the file a name that doesn’t say “Passwords” >>>>> (e.g. Wine List, Book List, My Boring Notes file). Then they put all >>>>> their passwords in that. >>>>> Others write them down in books obviously as well. Not one I tend to >>>>> recommend as if someone gets the book they have all the passwords. But it >>>>> depends on how clients are worried about their data really. Some might >>>>> not have things they are worried about. >>>>> >>>>> But back to your topic,..if you have an AppleID, then you would have an >>>>> iCloudID - given they are both the same. >>>>> If you use the above link then you can at least check it and see if it >>>>> logs you in or not. Then you know at least if you have those details for >>>>> that AppleID/iCloud. >>>>> >>>>> Apologies to others for the long post,..was trying to cover a lot in one >>>>> email,….lol. >>>>> >>>>> Hope all that info helps. >>>>> Kind regards >>>>> Daniel >>>>> >>>>> Sent from my iPhone XS >>>>> >>>>> --- >>>>> Daniel Kerr >>>>> MacWizardry >>>>> >>>>> Phone: 0414 795 960 >>>>> Email: <daniel AT macwizardry.com.au> >>>>> Web: <http://www.macwizardry.com.au> >>>>> >>>>> >>>>> **For everything Apple** >>>>> >>>>> NOTE: Any information provided in this email may be my personal opinion >>>>> and as such should be taken accordingly, and may not be the views of >>>>> MacWizardry. Any information provided does not offer or warrant any form >>>>> of warranty or accept liability. It would be appreciated that if any >>>>> information in this email is to be disseminated, distributed or copied, >>>>> that permission by the author be requested. >>>>> >>>>>> On 3 Dec 2018, at 11:15 am, Pat <[email protected]> wrote: >>>>>> >>>>>> Thanks, Peter and Susan, >>>>>> >>>>>> One thing I read while I was thrashing around trying to fix things, was >>>>>> that if you enter a password incorrectly 2 times, you have to (I forget >>>>>> the exact words) sort it out with Apple (which isn’t easy to do, as you >>>>>> are only given a limited number of topics that you can choose from.) >>>>>> >>>>>> But for now, everything is working reasonably well, but I still haven’t >>>>>> tackled iCloud. Will do, soon. >>>>>> >>>>>> Cheers, >>>>>> Pat >>>>>> >>>>>>> On 3 Dec 2018, at 08:03, Peter Hinchliffe <[email protected]> >>>>>>> wrote: >>>>>>> >>>>>>> >>>>>>> >>>>>>>> On 1 Dec 2018, at 11:31 am, Pat <[email protected]> wrote: >>>>>>>> >>>>>>>> I have a functioning password to open the computer and other ones to >>>>>>>> send and receive mail. But I have just discovered that Apple has a >>>>>>>> clutch of others that I don’t know. I have never voluntarily used >>>>>>>> iCloud, so as far as I am concerned, it has no password. How do I find >>>>>>>> out how to find it or create it, because apparently I need it? >>>>>>>> >>>>>>>> It looks like I may need other passwords for functions about which I >>>>>>>> have no idea. Security gone mad. >>>>>>>> >>>>>>>> I was just trying to transfer something to one of my external disks. >>>>>>>> Couldn’t do it by drag and drop without the damn password. The one >>>>>>>> that opens my computer used to do it, but it was rejected. >>>>>>>> >>>>>>>> I hope someone can help. >>>>>>>> Pat >>>>>>> >>>>>>> As frustrating as all this is, it’s an unfortunate reality in today’s >>>>>>> computing world that you must keep track of your accounts and >>>>>>> passwords. The only way to avoid this is to turn off all access to the >>>>>>> internet, which has now become almost impossible. >>>>>>> >>>>>>> Whether or not you are using iCloud (and if you use a Mac you probably >>>>>>> are whether you think so or not) you are actually being asked for the >>>>>>> password for your Apple ID. Your Apple ID is generally just your >>>>>>> regular email address. Many people go through the motions of creating >>>>>>> an Apple ID when they first set up a new Mac or upgrade their OS, then >>>>>>> either forget about it or don’t realise the significance of what >>>>>>> they’ve been asked to do. >>>>>>> >>>>>>> In any event, if you don’t know what your Apple ID password is, you’ll >>>>>>> have to reset it. The most direct way to do this is simply to go to >>>>>>> System Preferences on your Mac and choose iCloud. You will be asked to >>>>>>> type a password. If you type something and it’s not recognised after 3 >>>>>>> attempts you will see a link appear which you can click if you “can’t >>>>>>> remember your password”. If you click that a message will be sent to >>>>>>> your email address showing you the steps to follow to create a new >>>>>>> password. >>>>>>> >>>>>>> Kind regards, >>>>>>> >>>>>>> Peter Hinchliffe Apwin Computer Services >>>>>>> FileMaker Pro Solutions Developer >>>>>>> Perth, Western Australia >>>>>>> Phone (618) 9332 6482 Mob 0403 046 948 >>>>>>> -------------------------------------------------------------------- >>>>>>> Mac because I prefer it -- Windows because I have to. >>> >>> >>> Regards, >>> Stephen Chape >>> >>> >> -- The WA Macintosh User Group Mailing List -- >> Archives - <http://www.wamug.org.au/mailinglist/archives.shtml> >> Guidelines - <http://www.wamug.org.au/mailinglist/guidelines.shtml> >> Settings & Unsubscribe - >> <http://lists.wamug.org.au/listinfo/wamug.org.au-wamug> > > > Regards, > Stephen Chape > > > > > > > -- The WA Macintosh User Group Mailing List -- > Archives - <http://www.wamug.org.au/mailinglist/archives.shtml> > Guidelines - <http://www.wamug.org.au/mailinglist/guidelines.shtml> > Settings & Unsubscribe - > <http://lists.wamug.org.au/listinfo/wamug.org.au-wamug>
-- The WA Macintosh User Group Mailing List -- Archives - <http://www.wamug.org.au/mailinglist/archives.shtml> Guidelines - <http://www.wamug.org.au/mailinglist/guidelines.shtml> Settings & Unsubscribe - <http://lists.wamug.org.au/listinfo/wamug.org.au-wamug>
