Security Friday: Data Breaches and Password Migration – TMO Daily Observations 2021-06-25
Show Notes
- Daily Observations Archive
- Security Friday News and Articles
- Web Hosting Service 'DreamHost' Leaked 814 Records of Customer Data
- Apple Exec Says Users Who Want ‘Sideloading’ Move to Android
- How to Unlock and Extract Data From iPhones Using GrayKey
- How to Export Passwords From Chrome, Firefox, and Safari
- People Can Now Store Medical Records in 1Password
- TMO Daily Observations Twitter feed
From a convenience standpoint Apple Keychain is pretty seamless with Safari. Only issue I’ve run into is that Key Chain keeps old user names and passwords as well as the latest ones. Every so often KeyChain will try to provide the older password. This requires you to go into Keychain, look of the desired website and delete the older passwords.
One Password from a convenience standpoint is very buggy with the installed Safari extension which so far on three separate Macs running Mac OS 11.4 just doesn’t work. You can uninstall and reinstall the 1 Password extention in Safari and no go, still doesn’t work. Have to open 1Password in the menu bar or through the main App icon in “Apps” and copy and paste your user name and password for the website login you need to access. As far as logging into to 1Password, the big feature in the latest release allows your Apple Watch to open 1Password without typing in the master password. This is buggy as well as it sometimes alerts the watch to open by double clicking the side button and other times does not.
Lastly, 1Password is only as secure as your master password. You can go through the recommended exercise of picking unique long / complex passwords for each website but, your master password for 1Password is usually something you remember which by nature is probably less secure than the passwords within 1Password itself. So at the end of the day, Safari/Keychain maybe more secure than on 1Password simply because of the rememberable one password you chose to open 1Password. Plus, the Safari/Keychain convenance is better than the 1Password experience.
I’m using the 1P extension in Safari on multiple Macs running 11.4 and it works fine, so if it isn’t working for you then you might want to contact their Support. I know if you’re not using the subscription version the extension won’t work in Safari, but otherwise it should be fine.
I find that I have lots and lots of things that need filled in so for me aside from credentials on a web page, so 1Password is the right choice for my setup. As we say on the show, it doesn’t matter which password manager you use as long as you use one.
Thanks for listening! 🙂