Keychain Access
Started by MadaboutDana
on 5/15/2019
MadaboutDana
5/15/2019 8:25 am
Buried away in Mac users' apps and usually completely ignored is a modest little app called Keychain Access.
Following a very useful tip found completely by chance here: http://www.cryan.com/daily/20190412.jsp I've discovered this app can be used to create secret notes.
And once you start checking it out, you discover that's it's just as good a password storage system as any of the commercial alternatives (1Password, I'm looking at you, you expensive, subscription-ridden redundancy). You can create your own private keychains, and stored passwords are double-locked (you have to reenter your password to view the actual password, even if you're already logged in).
Who knew?!
Following a very useful tip found completely by chance here: http://www.cryan.com/daily/20190412.jsp I've discovered this app can be used to create secret notes.
And once you start checking it out, you discover that's it's just as good a password storage system as any of the commercial alternatives (1Password, I'm looking at you, you expensive, subscription-ridden redundancy). You can create your own private keychains, and stored passwords are double-locked (you have to reenter your password to view the actual password, even if you're already logged in).
Who knew?!
NickG
5/15/2019 9:16 am
All true and very useful. The only limitation of Keychain access is that there isn't an equivalent IOS app (you can access parts of KA via the IOS Settings/Accounts and Passwords but only login details).
As a side note, a good, free-to-cheap alternative to 1Password, which I'm trialing - Enpass (http://www.enpass.io It seems to me to have all the facilities of 1Password at a fraction of the price. There's a free desktop version with a modest ($11.99) in-app purchase for some extra features (unlock via touch-id, custom templates, custom categories). Other than that, all functions are there. On IOS or Android, it's $11.99.
Enpass seems to me to work as well as 1Password, and is quite a bit cheaper. I've been a 1Password user for many years, but I'm not happy at all with the push to subscriptions, nor the idea that I use their servers as a repository. If Enpass continues to work well, that's the way I'll go. Incidentally, Enpass imports 1Password data.
As a side note, a good, free-to-cheap alternative to 1Password, which I'm trialing - Enpass (http://www.enpass.io It seems to me to have all the facilities of 1Password at a fraction of the price. There's a free desktop version with a modest ($11.99) in-app purchase for some extra features (unlock via touch-id, custom templates, custom categories). Other than that, all functions are there. On IOS or Android, it's $11.99.
Enpass seems to me to work as well as 1Password, and is quite a bit cheaper. I've been a 1Password user for many years, but I'm not happy at all with the push to subscriptions, nor the idea that I use their servers as a repository. If Enpass continues to work well, that's the way I'll go. Incidentally, Enpass imports 1Password data.
MadaboutDana
5/15/2019 10:27 am
Those were the two changes that put me totally off 1Password. No way I'm going to store my passwords on somebody else's server! The ones I've already stored in all kinds of services (yes, that means you, Yahoo) have already been distributed to goodness knows how many would-be pirates.
bellybeeping
5/16/2019 5:01 am
I am still using 1Password with Dropbox, and not having too many issues. If I try to generate a password on my phone, I'll have to wait a bit for it to sync over sometimes, but otherwise it's okay.
The old non-1password sync version on Windows is another story -- It doesn't even support Chrome anymore without hacks to trick it.
The old non-1password sync version on Windows is another story -- It doesn't even support Chrome anymore without hacks to trick it.
Paul Korm
5/16/2019 12:59 pm
I've never had a problem or concern with 1Password vulnerability, but I suppose that's the same as saying I haven't yet been rear ended in traffic.
But I stay with 1Password for the practical reason that it provides a secure way I can leave information and access to my digital financial assets to my attorney and my executor. There comes a time when that sort thing is prudent.
But I stay with 1Password for the practical reason that it provides a secure way I can leave information and access to my digital financial assets to my attorney and my executor. There comes a time when that sort thing is prudent.
Amontillado
5/16/2019 2:58 pm
Keychain Access works fine, but it's a little cumbersome for notes, at least to me.
I use pwSafe for things that don't end up in Keychain Access. Work passwords, for example.
Another thing I like to do is create an encrypted volume in a file.
For instance, USB sticks don't last forever. So, you can open Disk Utilities and use File->New image->Blank image
You can choose to encrypt it from there.
At that point, you can copy the file to a USB stick, and keep a backup copy on your hard drive.
Mounting it is done by double-clicking the "dmg" file. If you let Keychain Access save the password, it doesn't have to be entered every time.
If you look at the disk devices in Terminal with diskutil cs list, you'll see the file mounted on a loopback device.
A rule of thumb for me is never use an unencrypted USB stick. Generally never, anyway. I might save something personal on it, like bank records, in the future, and I occasionally lose the silly things.
I use pwSafe for things that don't end up in Keychain Access. Work passwords, for example.
Another thing I like to do is create an encrypted volume in a file.
For instance, USB sticks don't last forever. So, you can open Disk Utilities and use File->New image->Blank image
You can choose to encrypt it from there.
At that point, you can copy the file to a USB stick, and keep a backup copy on your hard drive.
Mounting it is done by double-clicking the "dmg" file. If you let Keychain Access save the password, it doesn't have to be entered every time.
If you look at the disk devices in Terminal with diskutil cs list, you'll see the file mounted on a loopback device.
A rule of thumb for me is never use an unencrypted USB stick. Generally never, anyway. I might save something personal on it, like bank records, in the future, and I occasionally lose the silly things.