I am with you on that one Tim. > On 5 Dec 2018, at 5:02 am, Tim Law <[email protected]> wrote: > > Alex, > > In a blog posting, the owner of 1Password talked about the benefits to the > user of using normal words rather than a collection of wild letters and > numbers. If you ever have to physically enter a password it is much easier to > write “sung.7Persuade.pushy” than a random string and apparently just as > secure as long as the words would never normally appear together. I’ve added > in the 7 and the upper case P and it creates a highly secure password that > shows all green on those little slider indicators. > > Regards > > Tim > > > > Sent from Tim's Retina iPad 2 > > On 4 Dec 2018, at 11:35 pm, Alex <[email protected] > <mailto:[email protected]>> wrote: > >> Thanks Daniel, that was very helpful on a very vexatious issue. >> >> Couple queries tho’. Do you have any opinion on LastPass? I have used it >> in a Windows environment. >> >> And, if one is to use a password management programme, would it then be >> advisable to set up random letters, numbers & characters as passwords rather >> than the usual passwords one makes up? >> >> Cheers, >> >> Alex Novakovic >> >>> On 3 Dec 2018, at 12:29 pm, Daniel Kerr <[email protected] >>> <mailto:[email protected]>> wrote: >>> >>> Hi Pat >>> >>> If you enter the AppleID (which is also used for iCloud, as they are >>> generally one and the same thing), more then 3 times, then yes it will >>> generally want you to reset it. >>> You can do this by a few options - some are automated, and don’t require >>> calling Apple. >>> If you have access to the email address, you can request an email that will >>> step you through resetting your password. >>> Generally if I want to “Test” a password for a client to see if it’s >>> correct or not, then I will use the “main” Apple site - applied.apple.com >>> <http://applied.apple.com/> >>> By putting in the email address and password then it will ensure if it’s >>> correct or not. If it logs in - the password is correct. If it advises it >>> isn’t correct then a few tries before the option of resetting it (normally >>> via the email option). It’s very rare to have to call Apple for this at all >>> I find. It’s all automated. >>> >>> *Generally* (and I use this term lightly) the computer password will be >>> different to the AppleID password. Though,…in some of the later systems, >>> this can be reset by the same AppleID. >>> In System Preferences - Users & Groups - “username” (on the left hand >>> side). On the right hand side there is a tick box that says “Allow user to >>> reset password using Apple ID). If this is ticked, then the AppleID can be >>> used to change the computer password. And then (generally) these are one >>> and the same. >>> I personally prefer to keep these different, so the computer password is >>> completely different to my AppleID. (for security reasons). >>> >>> This could be where (if you had ticked) some of the issue could have >>> happened in your last post to the list where you went through with Apple >>> resetting the password. >>> (I probably would have used the Terminal thing as a last resort, as yes it >>> resets Keychain and this makes a whole other issue where passwords stored >>> there are a) lost of b) almost non-retrievable. And even if retrieved via a >>> TimeMachine backup they will be locked away under the “original” password. >>> >>> As Peter has mentioned unfortunately these days everything has to be a lot >>> more secure. The flip side to this would be a lot more hacking of details, >>> a lot more social engineering of personal details and a lot more user data >>> out in the open. So with things like 2-factor authentication, recovery via >>> email of forgotten details, and stronger passwords Apple (and others) are >>> doing as much as they can do to protect personal data. >>> I’d personally prefer it this way, then people having access to my data. I >>> like the security of 2-factor authentication knowing that even if someone >>> got my AppleID password they can’t access it without physical access to my >>> iPhone. (which is also locked, and 10 wrong attempts will just wipe my >>> device). I’d rather know my data is as secure as possible and harder for >>> others to try and get then a lot less security and easier ways to try and >>> get my data. (only have to look at the 4 years that yahoo accounts got >>> hacked for example with no notification to their users). And we see a lot >>> more of these where some companies seem to be a bit less “slack” about some >>> things, and more personal data gets “hacked”. >>> (I know where two of my spams come from as they come to two email address I >>> used for Dropbox and Adobe. So I know those two accounts that get spammed >>> where two email addresses I used where “taken” in a list from both of those >>> companies.). The spam comes addresses to those two email addresses which I >>> then went and closed off and changed. >>> This was another interesting site where I could check which “places” my >>> email address may have been taken from - https://haveibeenpwned.com >>> <https://haveibeenpwned.com/> >>> This came from an article I read ages ago here - >>> https://www.businessinsider.com.au/new-email-scam-uses-old-password-fake-porn-threats-webcam-video-bitcoin-2018-7?r=US&IR=T >>> >>> <https://www.businessinsider.com.au/new-email-scam-uses-old-password-fake-porn-threats-webcam-video-bitcoin-2018-7?r=US&IR=T> >>> >>> The downside to all the security obviously is having a lot more (different) >>> passwords. This is where things like Keychain Access, 1Password etc come in >>> very handy to store all the passwords in for me. (even things like the >>> WAMUG mailing list, and the WAMUG committee mailing list I have stored to >>> access so I can look after the behind the scenes things for it. And a lot >>> more passwords linked to different things for even those that need >>> passwords as well). >>> So without having to remember them all, that’s where the above programs >>> become “life savers”. (and I have them stored in 2 different programs >>> should one “fail”). >>> The other I’ve set it up for clients who may not want to use the “written >>> down password” books is to have a locked Excel spreadsheet. Lock it with a >>> main password and give the file a name that doesn’t say “Passwords” (e.g. >>> Wine List, Book List, My Boring Notes file). Then they put all their >>> passwords in that. >>> Others write them down in books obviously as well. Not one I tend to >>> recommend as if someone gets the book they have all the passwords. But it >>> depends on how clients are worried about their data really. Some might not >>> have things they are worried about. >>> >>> But back to your topic,..if you have an AppleID, then you would have an >>> iCloudID - given they are both the same. >>> If you use the above link then you can at least check it and see if it logs >>> you in or not. Then you know at least if you have those details for that >>> AppleID/iCloud. >>> >>> Apologies to others for the long post,..was trying to cover a lot in one >>> email,….lol. >>> >>> Hope all that info helps. >>> Kind regards >>> Daniel >>> >>> Sent from my iPhone XS >>> >>> --- >>> Daniel Kerr >>> MacWizardry >>> >>> Phone: 0414 795 960 >>> Email: <daniel AT macwizardry.com.au <http://macwizardry.com.au/>> >>> Web: <http://www.macwizardry.com.au <http://www.macwizardry.com.au/>> >>> >>> >>> **For everything Apple** >>> >>> NOTE: Any information provided in this email may be my personal opinion and >>> as such should be taken accordingly, and may not be the views of >>> MacWizardry. Any information provided does not offer or warrant any form of >>> warranty or accept liability. It would be appreciated that if any >>> information in this email is to be disseminated, distributed or copied, >>> that permission by the author be requested. >>> >>>> On 3 Dec 2018, at 11:15 am, Pat <[email protected] >>>> <mailto:[email protected]>> wrote: >>>> >>>> Thanks, Peter and Susan, >>>> >>>> One thing I read while I was thrashing around trying to fix things, was >>>> that if you enter a password incorrectly 2 times, you have to (I forget >>>> the exact words) sort it out with Apple (which isn’t easy to do, as you >>>> are only given a limited number of topics that you can choose from.) >>>> >>>> But for now, everything is working reasonably well, but I still haven’t >>>> tackled iCloud. Will do, soon. >>>> >>>> Cheers, >>>> Pat >>>> >>>>> On 3 Dec 2018, at 08:03, Peter Hinchliffe <[email protected] >>>>> <mailto:[email protected]>> wrote: >>>>> >>>>> >>>>> >>>>>> On 1 Dec 2018, at 11:31 am, Pat <[email protected] >>>>>> <mailto:[email protected]>> wrote: >>>>>> >>>>>> I have a functioning password to open the computer and other ones to >>>>>> send and receive mail. But I have just discovered that Apple has a >>>>>> clutch of others that I don’t know. I have never voluntarily used >>>>>> iCloud, so as far as I am concerned, it has no password. How do I find >>>>>> out how to find it or create it, because apparently I need it? >>>>>> >>>>>> It looks like I may need other passwords for functions about which I >>>>>> have no idea. Security gone mad. >>>>>> >>>>>> I was just trying to transfer something to one of my external disks. >>>>>> Couldn’t do it by drag and drop without the damn password. The one that >>>>>> opens my computer used to do it, but it was rejected. >>>>>> >>>>>> I hope someone can help. >>>>>> Pat >>>>> >>>>> As frustrating as all this is, it’s an unfortunate reality in today’s >>>>> computing world that you must keep track of your accounts and passwords. >>>>> The only way to avoid this is to turn off all access to the internet, >>>>> which has now become almost impossible. >>>>> >>>>> Whether or not you are using iCloud (and if you use a Mac you probably >>>>> are whether you think so or not) you are actually being asked for the >>>>> password for your Apple ID. Your Apple ID is generally just your regular >>>>> email address. Many people go through the motions of creating an Apple ID >>>>> when they first set up a new Mac or upgrade their OS, then either forget >>>>> about it or don’t realise the significance of what they’ve been asked to >>>>> do. >>>>> >>>>> In any event, if you don’t know what your Apple ID password is, you’ll >>>>> have to reset it. The most direct way to do this is simply to go to >>>>> System Preferences on your Mac and choose iCloud. You will be asked to >>>>> type a password. If you type something and it’s not recognised after 3 >>>>> attempts you will see a link appear which you can click if you “can’t >>>>> remember your password”. If you click that a message will be sent to your >>>>> email address showing you the steps to follow to create a new password. >>>>> >>>>> Kind regards, >>>>> >>>>> Peter Hinchliffe Apwin Computer Services >>>>> FileMaker Pro Solutions Developer >>>>> Perth, Western Australia >>>>> Phone (618) 9332 6482 Mob 0403 046 948 >>>>> -------------------------------------------------------------------- >>>>> Mac because I prefer it -- Windows because I have to. >>>>> >>>>> -- The WA Macintosh User Group Mailing List -- >>>>> Archives - <http://www.wamug.org.au/mailinglist/archives.shtml >>>>> <http://www.wamug.org.au/mailinglist/archives.shtml>> >>>>> Guidelines - <http://www.wamug.org.au/mailinglist/guidelines.shtml >>>>> <http://www.wamug.org.au/mailinglist/guidelines.shtml>> >>>>> Settings & Unsubscribe - >>>>> <http://lists.wamug.org.au/listinfo/wamug.org.au-wamug >>>>> <http://lists.wamug.org.au/listinfo/wamug.org.au-wamug>> >>>> >>>> -- The WA Macintosh User Group Mailing List -- >>>> Archives - <http://www.wamug.org.au/mailinglist/archives.shtml >>>> <http://www.wamug.org.au/mailinglist/archives.shtml>> >>>> Guidelines - <http://www.wamug.org.au/mailinglist/guidelines.shtml >>>> <http://www.wamug.org.au/mailinglist/guidelines.shtml>> >>>> Settings & Unsubscribe - >>>> <http://lists.wamug.org.au/listinfo/wamug.org.au-wamug >>>> <http://lists.wamug.org.au/listinfo/wamug.org.au-wamug>> >>> >>> -- The WA Macintosh User Group Mailing List -- >>> Archives - <http://www.wamug.org.au/mailinglist/archives.shtml >>> <http://www.wamug.org.au/mailinglist/archives.shtml>> >>> Guidelines - <http://www.wamug.org.au/mailinglist/guidelines.shtml >>> <http://www.wamug.org.au/mailinglist/guidelines.shtml>> >>> Settings & Unsubscribe - >>> <http://lists.wamug.org.au/listinfo/wamug.org.au-wamug >>> <http://lists.wamug.org.au/listinfo/wamug.org.au-wamug>> >> >> -- The WA Macintosh User Group Mailing List -- >> Archives - <http://www.wamug.org.au/mailinglist/archives.shtml >> <http://www.wamug.org.au/mailinglist/archives.shtml>> >> Guidelines - <http://www.wamug.org.au/mailinglist/guidelines.shtml >> <http://www.wamug.org.au/mailinglist/guidelines.shtml>> >> Settings & Unsubscribe - >> <http://lists.wamug.org.au/listinfo/wamug.org.au-wamug >> <http://lists.wamug.org.au/listinfo/wamug.org.au-wamug>> > -- The WA Macintosh User Group Mailing List -- > Archives - <http://www.wamug.org.au/mailinglist/archives.shtml> > Guidelines - <http://www.wamug.org.au/mailinglist/guidelines.shtml> > Settings & Unsubscribe - > <http://lists.wamug.org.au/listinfo/wamug.org.au-wamug>
Regards, Stephen Chape
-- The WA Macintosh User Group Mailing List -- Archives - <http://www.wamug.org.au/mailinglist/archives.shtml> Guidelines - <http://www.wamug.org.au/mailinglist/guidelines.shtml> Settings & Unsubscribe - <http://lists.wamug.org.au/listinfo/wamug.org.au-wamug>
