Alex, In a blog posting, the owner of 1Password talked about the benefits to the user of using normal words rather than a collection of wild letters and numbers. If you ever have to physically enter a password it is much easier to write “sung.7Persuade.pushy” than a random string and apparently just as secure as long as the words would never normally appear together. I’ve added in the 7 and the upper case P and it creates a highly secure password that shows all green on those little slider indicators.
Regards Tim Sent from Tim's Retina iPad 2 > On 4 Dec 2018, at 11:35 pm, Alex <[email protected]> wrote: > > Thanks Daniel, that was very helpful on a very vexatious issue. > > Couple queries tho’. Do you have any opinion on LastPass? I have used it in > a Windows environment. > > And, if one is to use a password management programme, would it then be > advisable to set up random letters, numbers & characters as passwords rather > than the usual passwords one makes up? > > Cheers, > > Alex Novakovic > >> On 3 Dec 2018, at 12:29 pm, Daniel Kerr <[email protected]> wrote: >> >> Hi Pat >> >> If you enter the AppleID (which is also used for iCloud, as they are >> generally one and the same thing), more then 3 times, then yes it will >> generally want you to reset it. >> You can do this by a few options - some are automated, and don’t require >> calling Apple. >> If you have access to the email address, you can request an email that will >> step you through resetting your password. >> Generally if I want to “Test” a password for a client to see if it’s correct >> or not, then I will use the “main” Apple site - applied.apple.com >> By putting in the email address and password then it will ensure if it’s >> correct or not. If it logs in - the password is correct. If it advises it >> isn’t correct then a few tries before the option of resetting it (normally >> via the email option). It’s very rare to have to call Apple for this at all >> I find. It’s all automated. >> >> *Generally* (and I use this term lightly) the computer password will be >> different to the AppleID password. Though,…in some of the later systems, >> this can be reset by the same AppleID. >> In System Preferences - Users & Groups - “username” (on the left hand side). >> On the right hand side there is a tick box that says “Allow user to reset >> password using Apple ID). If this is ticked, then the AppleID can be used to >> change the computer password. And then (generally) these are one and the >> same. >> I personally prefer to keep these different, so the computer password is >> completely different to my AppleID. (for security reasons). >> >> This could be where (if you had ticked) some of the issue could have >> happened in your last post to the list where you went through with Apple >> resetting the password. >> (I probably would have used the Terminal thing as a last resort, as yes it >> resets Keychain and this makes a whole other issue where passwords stored >> there are a) lost of b) almost non-retrievable. And even if retrieved via a >> TimeMachine backup they will be locked away under the “original” password. >> >> As Peter has mentioned unfortunately these days everything has to be a lot >> more secure. The flip side to this would be a lot more hacking of details, a >> lot more social engineering of personal details and a lot more user data out >> in the open. So with things like 2-factor authentication, recovery via email >> of forgotten details, and stronger passwords Apple (and others) are doing as >> much as they can do to protect personal data. >> I’d personally prefer it this way, then people having access to my data. I >> like the security of 2-factor authentication knowing that even if someone >> got my AppleID password they can’t access it without physical access to my >> iPhone. (which is also locked, and 10 wrong attempts will just wipe my >> device). I’d rather know my data is as secure as possible and harder for >> others to try and get then a lot less security and easier ways to try and >> get my data. (only have to look at the 4 years that yahoo accounts got >> hacked for example with no notification to their users). And we see a lot >> more of these where some companies seem to be a bit less “slack” about some >> things, and more personal data gets “hacked”. >> (I know where two of my spams come from as they come to two email address I >> used for Dropbox and Adobe. So I know those two accounts that get spammed >> where two email addresses I used where “taken” in a list from both of those >> companies.). The spam comes addresses to those two email addresses which I >> then went and closed off and changed. >> This was another interesting site where I could check which “places” my >> email address may have been taken from - https://haveibeenpwned.com >> This came from an article I read ages ago here - >> https://www.businessinsider.com.au/new-email-scam-uses-old-password-fake-porn-threats-webcam-video-bitcoin-2018-7?r=US&IR=T >> >> The downside to all the security obviously is having a lot more (different) >> passwords. This is where things like Keychain Access, 1Password etc come in >> very handy to store all the passwords in for me. (even things like the WAMUG >> mailing list, and the WAMUG committee mailing list I have stored to access >> so I can look after the behind the scenes things for it. And a lot more >> passwords linked to different things for even those that need passwords as >> well). >> So without having to remember them all, that’s where the above programs >> become “life savers”. (and I have them stored in 2 different programs should >> one “fail”). >> The other I’ve set it up for clients who may not want to use the “written >> down password” books is to have a locked Excel spreadsheet. Lock it with a >> main password and give the file a name that doesn’t say “Passwords” (e.g. >> Wine List, Book List, My Boring Notes file). Then they put all their >> passwords in that. >> Others write them down in books obviously as well. Not one I tend to >> recommend as if someone gets the book they have all the passwords. But it >> depends on how clients are worried about their data really. Some might not >> have things they are worried about. >> >> But back to your topic,..if you have an AppleID, then you would have an >> iCloudID - given they are both the same. >> If you use the above link then you can at least check it and see if it logs >> you in or not. Then you know at least if you have those details for that >> AppleID/iCloud. >> >> Apologies to others for the long post,..was trying to cover a lot in one >> email,….lol. >> >> Hope all that info helps. >> Kind regards >> Daniel >> >> Sent from my iPhone XS >> >> --- >> Daniel Kerr >> MacWizardry >> >> Phone: 0414 795 960 >> Email: <daniel AT macwizardry.com.au> >> Web: <http://www.macwizardry.com.au> >> >> >> **For everything Apple** >> >> NOTE: Any information provided in this email may be my personal opinion and >> as such should be taken accordingly, and may not be the views of >> MacWizardry. Any information provided does not offer or warrant any form of >> warranty or accept liability. It would be appreciated that if any >> information in this email is to be disseminated, distributed or copied, that >> permission by the author be requested. >> >>> On 3 Dec 2018, at 11:15 am, Pat <[email protected]> wrote: >>> >>> Thanks, Peter and Susan, >>> >>> One thing I read while I was thrashing around trying to fix things, was >>> that if you enter a password incorrectly 2 times, you have to (I forget the >>> exact words) sort it out with Apple (which isn’t easy to do, as you are >>> only given a limited number of topics that you can choose from.) >>> >>> But for now, everything is working reasonably well, but I still haven’t >>> tackled iCloud. Will do, soon. >>> >>> Cheers, >>> Pat >>> >>>> On 3 Dec 2018, at 08:03, Peter Hinchliffe <[email protected]> >>>> wrote: >>>> >>>> >>>> >>>>> On 1 Dec 2018, at 11:31 am, Pat <[email protected]> wrote: >>>>> >>>>> I have a functioning password to open the computer and other ones to send >>>>> and receive mail. But I have just discovered that Apple has a clutch of >>>>> others that I don’t know. I have never voluntarily used iCloud, so as far >>>>> as I am concerned, it has no password. How do I find out how to find it >>>>> or create it, because apparently I need it? >>>>> >>>>> It looks like I may need other passwords for functions about which I have >>>>> no idea. Security gone mad. >>>>> >>>>> I was just trying to transfer something to one of my external disks. >>>>> Couldn’t do it by drag and drop without the damn password. The one that >>>>> opens my computer used to do it, but it was rejected. >>>>> >>>>> I hope someone can help. >>>>> Pat >>>> >>>> As frustrating as all this is, it’s an unfortunate reality in today’s >>>> computing world that you must keep track of your accounts and passwords. >>>> The only way to avoid this is to turn off all access to the internet, >>>> which has now become almost impossible. >>>> >>>> Whether or not you are using iCloud (and if you use a Mac you probably are >>>> whether you think so or not) you are actually being asked for the password >>>> for your Apple ID. Your Apple ID is generally just your regular email >>>> address. Many people go through the motions of creating an Apple ID when >>>> they first set up a new Mac or upgrade their OS, then either forget about >>>> it or don’t realise the significance of what they’ve been asked to do. >>>> >>>> In any event, if you don’t know what your Apple ID password is, you’ll >>>> have to reset it. The most direct way to do this is simply to go to System >>>> Preferences on your Mac and choose iCloud. You will be asked to type a >>>> password. If you type something and it’s not recognised after 3 attempts >>>> you will see a link appear which you can click if you “can’t remember your >>>> password”. If you click that a message will be sent to your email address >>>> showing you the steps to follow to create a new password. >>>> >>>> Kind regards, >>>> >>>> Peter Hinchliffe Apwin Computer Services >>>> FileMaker Pro Solutions Developer >>>> Perth, Western Australia >>>> Phone (618) 9332 6482 Mob 0403 046 948 >>>> -------------------------------------------------------------------- >>>> Mac because I prefer it -- Windows because I have to. >>>> >>>> -- The WA Macintosh User Group Mailing List -- >>>> Archives - <http://www.wamug.org.au/mailinglist/archives.shtml> >>>> Guidelines - <http://www.wamug.org.au/mailinglist/guidelines.shtml> >>>> Settings & Unsubscribe - >>>> <http://lists.wamug.org.au/listinfo/wamug.org.au-wamug> >>> >>> -- The WA Macintosh User Group Mailing List -- >>> Archives - <http://www.wamug.org.au/mailinglist/archives.shtml> >>> Guidelines - <http://www.wamug.org.au/mailinglist/guidelines.shtml> >>> Settings & Unsubscribe - >>> <http://lists.wamug.org.au/listinfo/wamug.org.au-wamug> >> >> -- The WA Macintosh User Group Mailing List -- >> Archives - <http://www.wamug.org.au/mailinglist/archives.shtml> >> Guidelines - <http://www.wamug.org.au/mailinglist/guidelines.shtml> >> Settings & Unsubscribe - >> <http://lists.wamug.org.au/listinfo/wamug.org.au-wamug> > > -- The WA Macintosh User Group Mailing List -- > Archives - <http://www.wamug.org.au/mailinglist/archives.shtml> > Guidelines - <http://www.wamug.org.au/mailinglist/guidelines.shtml> > Settings & Unsubscribe - > <http://lists.wamug.org.au/listinfo/wamug.org.au-wamug>
-- The WA Macintosh User Group Mailing List -- Archives - <http://www.wamug.org.au/mailinglist/archives.shtml> Guidelines - <http://www.wamug.org.au/mailinglist/guidelines.shtml> Settings & Unsubscribe - <http://lists.wamug.org.au/listinfo/wamug.org.au-wamug>
