Check out the rest of the videos in this special course: The Practical Guide To Mac Security.
Learn how to use Safari's Password Manager to general strong passwords, store them and use them later.
You can also watch this video at YouTube (but with ads).
Hi Gary,
Just watched your Security Course part 3. Although I am a 1Password user I am still very interested in following along and finding out how everything works. One item on this course that I couldn't follow along with was when you chose the Passwords icon within System preferences, I don't have this icon. I have a new MacBook Air and am up-to-date on MacOS. Is there something I am missing? Hope you can help me. Thanks.
Guy: "Now starting with MACOS MONTEREY there is also the ability to access your password outside of Safari in System Preferences."
Presently Apple does not allow sharing of their system generated passwords. Do you know if they are considering changing this where one could select certain passwords to share with their family members, i.e., for example, one’s financial institution, etc.
Deborah: if at all possible you should have separate logins. I know we can do that for all my banks and credit cards. But if you need to share a password you can. For instance on an iPhone you can clog to Settings, Passwords, select the password and use the Share button. For instance you can use it to send a password to a family member when they are trying to log into a streaming service. Then they can save the password in their iCloud account to use later.
Responding to Guy:
I don't see it either, you need to go into your Apple ID at the top of System Preferences window and then to Passwords & Security.
Responding to Guy:
Oops, answered the wrong question.
Paul: This is a feature of Monterey. I mention that.
Hi Gary, great videos . Question : If I opt for a suggested password will that also apply for my iPhone and iPad ?
Bert: Yes, via iCloud. Make sure you have Keychain turned on in iCloud settings for all devices.
Hi Gary, when using Keychain the only place I see to put notes (ie. Answers to Security Questions, Secret Keys, etc.) is in the Comments section . . . but unlike the Password, where you have to enter your initial password in order for it to show up, the comments always show up . . . not secure. Any other place in Keychain I can enter that information to keep it hidden & safe?
Thank you.
Kathy: What's wrong with them showing up? Only you have access to them since your Mac is locked with your password. You can use Secure Notes for this too (through the Keychain Access app).
Many sites I have an account on now have options to log in with Apple or Google. My understanding is that by sighing in with Apple, my email is not sent to the site. If I already have an account, and I opt to sign in with Apple, am I creating a new account without access to the content of my old account (e.g., wishlists and order history). Can I start using Apple to sign in and still access my "old" account? TIA.
Alex: That would be up to site, whether they would offer a way to merge accounts or change an account in such a way. Really no advantage to it for you if you already have account set up. I would imagine few, if any, sites offer this.
So will keychain passwords work if I am using Duck Duck Go as my browser or do I need a third party manager?
Nanci: If you want to use a third-party browser then a third-party password manager is your best bet, But make sure it has an extension/plugin for that browser.
Hi Gary. Excellent security initiative. I use BigSur 11.5.1. No Password icon in system preferences but I can wait till Monterey comes on. I have 2 questions: Q1: I sometimes use Firefox and sometimes Safari. I guess I can only work with one default browser to rely in generated passwords? Q2: There are still websites which don’t allow more than say 6 digits (even a bank I bank with!!!) or which don’t allow certain characters in their passwords. I guess a password manager cannot be used then?
Hubert: Passwords in System Preferences is for macOS Monterey (In the video I say "Now starting with macOS Monterey there is also the ability to access your password outside of Safari in System Preferences"). If you use a third-party password Manager like 1Password or LastPass you can install extensions for all browsers. So you can then use Safari and Firefox both very easily. If a website is still doing that today in 2021, you can just edit the password to remove some characters.
Hi Gary. I had a look at Bitwarden. No fee. They do indeed ask for a Master password but for this you can alos use the password generator. Do you recommend to use tjis procedure (and record the master password somewhere safe) of is it better to creat one oneself?
Hubert: Use a generator to create a master password, but make sure it is something you can easily type. Still random and unique though. Yes, write it down and store it somewhere safe, though you will quickly memorize it.
In follow up to Kathy's question above, where ARE the secure notes or places to keep things you want to be secure. I have no problem with them being displayed but I do not see how to get to the notes create/edit place. Thanks
Gene: You can use the Keychain Access app to store those (File, New Secure Note) or store them somewhere else like in the Notes app (locked notes).
In updating my safari passwords to a stronger password, I've often come across websites (usually old, long ago accessed websites) where it's no longer possible to log-in. Therefore am unable to update the password and/or delete my account. Some of these sites have even been flagged with the Safari Passwords warning symbol! If I can't get in, should I assume no-one else can either and therefore I can simply delete these accounts from my Safari Preferences Password list?
Janice: Depends on what you mean by "no longer possible to log-in." Is the site closed? Or not working? Or is it just not accepting your password? If the latter, just use their password reset function.
Further to my earlier inquiry, These are website accounts which were originally set up with an ID & password and I haven’t accessed these accounts for a number of years. These sites are stored in my Safari Preferences Password data bank, some flagged with “caution” (easily guessed password, duplicate password or implicated in a data breach). However I’m unable to sign into these websites to update with a more secure password using the original ID and password when I first created the account.
Janice: Then just use the site's "reset password" function to set a new password. Usually they email you a link to click to confirm it is you. Every site does it a little differently.
So if the password reset request is not recognized, shall I assume that the website is no longer active or that the original data given to them is now protected from security breaches? ie: if I can’t get in so no one else can either …
Janice: What do you mean by "not recognized?" If you don't need the site anymore, and you aren't use that same password anywhere, then just forget about it.
Safari-generated passwords do not contains “symbols” other than a hyphen in the approximately two dozen passwords that I’ve asked Safari to generate. Doesn’t that mean that the generated passwords are no stronger than upper case, lowercase and numbers with one extra character? Perhaps a 20-character password without symbols other than hyphen is strong enough?
Fred: Adding a few extra characters would make it slightly stronger, but these are strong enough. They probably avoid symbols because some sites won't allow them and they vary across the world.