The Practical Guide To Mac Security: Part 2, Passwords

Check out the rest of the videos in this special course: The Practical Guide To Mac Security.


Learn how to use strong passwords to protect your online accounts and your Mac.
Video transcript available soon.

Comments: 14 Responses to “The Practical Guide To Mac Security: Part 2, Passwords”

    Constance
    3 years ago

    It's "data breach" isn't it? "Breech" usually refers to your pants.

    3 years ago

    Constance: Yes. I realized the typo too late to fix it.

    Larry Roberts
    3 years ago

    With regard to brute force attacks, why do target sites allow possibly millions of failed attempts? Or to put it another way, how are attackers able to avoid attempts to thwart brute force attacks.

    3 years ago

    Larry: First, the attempts come over time from many different bots. So it isn't rapid attacks from one single bot. Second, they don't care which accounts they get. So it is just as good to try one attack on a million separate accounts than to try a million attacks on one account. They just want X compromised accounts each day to use or sell. Use a weak password and no two-factor and you'll eventually be one of the ones they crack.

    Roger Moyer
    3 years ago

    Using Safari built-in password manager is fine, but you still need a very strong password to get into your Mac and protect all your passwords. Any recommendations here? Always seems like the weak link.

    3 years ago

    Roger: You can always use Keychain Access (an app on your Mac) and choose File, New Password to create a password. Click the little key button to bring up the Password Assistant to generate a password there. Then just copy and paste it.

    Tony Biegler
    3 years ago

    Brute Force password attacks could be greatly reduced by website hosts using the "3 strikes and you're out" rule, i.e., after 3 unsuccessful logon attempts lock the account for 24 hours.
    No one would try 3 attempts, wait 24 hours, try 3 more attempts, wait 24 hours, try 3 more ........

    Sherry
    3 years ago

    Is it possible for an attack to hack the Safari built-in password manager?

    3 years ago

    Sherry: they would need physical access to your device and your password to unlock it, or the password and two-factor code to do via iCloud. Extremely difficult, vs how easy it is to get into your accounts if you don’t use strong passwords.

    3 years ago

    Tony: Keep a few things in mind. They attack using botnets. So they try from one location, then another try from another location. Repeat. They also don’t care about YOU. They just want X number of broken accounts. So a million tries vs your account or a million tries vs a million accounts it is the same to them. If your accounts locked you out after 3 failed attempts, then you would always be locked out as bots tried to get in.

    A. J.
    3 years ago

    We would like to use safari keychain password but we spent 6 months away in vacation home. We have another IMac there for use. Would that create a problem since we won’t have access to our primary Mac.

    3 years ago

    A. J.: If you use iCloud then your passwords would appear on both computers as long as you have accounts on those computers using the same iCloud accounts.

    Danny
    3 years ago

    Can Emoji symbols be used in creating a password

    3 years ago

    Danny: I don't think I have ever seen a service that accepts extended character sets like Emoji as passwords.

Comments Closed.