NEW

NEW!!! GET HELP FROM A DISTANCE! Call (512)560-2609 or email helpimnotageek@gmail.com and set up a time for a session.

Friday, April 15, 2016

Allowing your Computer or Keychain in Mac to Save Your Passwords

Passwords are the bane of our existence when it comes to technology. So, anything that makes them easier is hard to turn down. What should you do when you are on a site and the question pops up, "Do you want to save this password?" or "Save this password in your Keychain?" YES or NO??

I did some searching and found several good reasons why you might want to say NO to this question and why Keychain and other Browser password savers are not as secure as Dashlane, 1Password, LastPass or other password managers.

First of all, let's clarify where this information is coming from. Browsers have their own password savers.  For example in Firefox under the Preferences you can see this window:


If you put a check in the box next to Remember Passwords for sites you will always get that question. Then you can click on Saved Passwords to see what you have saved. When I clicked on Saved Passwords there were 9 saved there! At first they were hidden, but then I clicked on SHOW and there they were. Anyone could have done that!  I deleted them all right away because I didn't even know that they were there!



One thing that would have made it more secure is if I used a master password. You can see above that there is a box next to that which you can check. If I had created a master password then someone could not get into my passwords so easily. 

Chrome, Internet Explorer and other browsers have similar password savers.

Keychain (the Apple built in password saver)  is a little different because it is actually on your computer and not connected to a browser. If you choose to activate Keychain in your iCloud account it will also sync to any other Apple Devices you have.

Most password managers will generate strong passwords for you. That is one thing that saves a lot of time when you are at a new site. You do not have to think up one more password that is really difficult, but that you can remember. The password management software will remember it so it can create really long difficult passwords and you will never have to even know them.

NOW FOR THE PROS AND CONS

PROS


  • It is much better than having the same password for everything.
  • If you create a master password it is more secure.
  • It works well (with a master password) for someone who never has someone else accessing their computer.
CONS
  • If you do not put in a Master Password (and many people do not) then all of your passwords can easily be found.
  • Keychain only works on the Safari browser and does not work with every single site. Use of Keychain is not supported by Banks, Credit Cards and some other places because of security issues. Other password managers each work on their own software (Safari, Internet Explorer, Chrome, Firefox, etc...)
  • Keychain does not generate the strongest passwords.
  • Easier to hack than a Password Manager like LastPass or Dashlane. With these password managers your master password NEVER leaves your machine. It is not stored anywhere else. 

On some of the sites I read it said to NEVER use the password savers in browsers or Keychain. It is just not as safe as the other tools. 

And now for one more free tip. To find all of this out I just typed my question into Chrome (my favorite browser and here are some of the sites that I read to learn what I shared with you. It does take some time, but you can do that too. Maybe it is how you found this blog!




Que Publishing

Gizmag

HOW TO SET IT UP - FROM APPLE

iMore

Ask Leo

Step by Step how to access the Password Saving Feature of Browsers

More about Password Managers

I have now used Dashlane for a few years and LOVE it. Other people swear by different password managers, so I doubt that there is one that is the best, but it is definitely worth finding and using a password manager!!

1 comment:

  1. Password security is a joke. I’ve been an IT contractor for over a dozen different companies on various program and the way that employees share with utter disregard for security protocol is scary. I’m astonished more companies don’t get hacked into. They all need to start using a serious password manager like PasswordWrench yesterday.

    ReplyDelete