KeyChain and Password Security

Similar Messages

• Ipad2 and password security flaw

  SLide to unlock featuee is flawed! Its a hack without the hacking. Shut off ipad2 ios8 and go to slide to unlock and it just bypasses password security.

  So what, I bumped it. And you responded. Of course my question is the most important to me. That's why I posted it.
  This is in no way a feature. It reveals your password to anyone who can see it. It doesn't matter why my friend would be that close. But someone could see it 10 feet behind you in a line at a store too. My friends sit next to me at restaurant when we're having dinner. I guess I must be really abnormal for that, aren't I?

• Keychains and Passwords

  Does anyone know how to get rid of the log in password or the prompts that I keep getting everytime that I start the computer or open mail ?
  I've unlocked the keychain and unlocked the file vault It says anyone can access everything but it doesn't behave that way and it's driving me mad !
  I've run first aid for keychain but no luck. Any help would be really welcome.
  Thank you, Teresa

  Teresa,
  If you are using Apple's mail application try going into Mail Preferences click the accounts pane/ advanced tab/ and see if your enable this account is checked. Also see if your authentication is on password. Try a reboot as well.
  On a bizarre note when my wife and I set up her Mini we still had a Gateway pc on the network. It had the same email address. Every couple of minutes Mail would ask for a password, drove us crazy...Just andFYI. Disconnected the Gateway and no more password requests.
  This is set up asan Administrator account. Not sure if that makes a difference in password protection.
  Take care,
  Lee

• Session time-out and password security

  Hi,
  I have a webservice utility, deployed on several platforms (as an EAR on weblogic and webspere, as a WAR on tomcat), they all exhibit the same feature: on first connection, a username/password box pops up, but after the session times out (after 20 minutes or so of inactivity) and the it receives a new page request, instead of re-asking for the username/password, the app just jumps back to its own start page, and then continues without asking.
  How can I make it to pop-up the username/password box again?
  The security is implemented through the web.xml file:
  <security-constraint>
      <web-resource-collection>
        <web-resource-name>Success</web-resource-name>
        <url-pattern>/Logparser</url-pattern>
        <http-method>GET</http-method>
        <http-method>POST</http-method>
      </web-resource-collection>
      <auth-constraint>
        <role-name>webuser</role-name>
      </auth-constraint>
    </security-constraint>
    <login-config>
      <auth-method>BASIC</auth-method>
      <realm-name>default</realm-name>
    </login-config>
    <security-role>
      <role-name>webuser</role-name>
    </security-role>I found that this in itself was not good enough security as you would be able to go directly to one of the sub-pages (if you know the url), and to prevent that I pass (and check) the session-id with each page request.
  (all java servlets).
  Obviously something is missing, but I don't know what
  thanks
  Michael

  Hi Michael,
  Your web application is currently configured to use BASIC authentication.
  Instead if you use FORM-based authentication, then any new request (after your web application session times out) will be redirected to the login page. The Servlet specification has more information about FORM-based login.
  If you have a Sun ONE Web Server 6.1 or a Sun Java System Web Server 7.0 installation you can find a sample that uses form-login in the following directory
  6.1: <install-directory>/plugins/java/samples/webapps/security/form-auth
  7.0: <install-directory>/samples/java/webapps/security/form-auth

• Within reason it would be better and more secure for user to have more latitude in Id and password security. We can make a tool so difficult that it loses its usefulness. the need to write down scores of passwords to make a control freak happy stinks

  The balance between security and ease of use is way out of control with Apple. Where does Security end and Controlfreak begin I have a very secure password that I use on many really high security programs and applications where peoples lives, safety and finances are at risk. There has never ever been a problem because I have chosen the usernames and passords  carefully, I use them all the time so I don't forget them. If I wrote different ones down so that I could access them from different locations that would be a huge violation of security.
  This policy is so extreme that it makes the tools that Apple makes available. I have used Apple as my music management system for years. This has become so impossible that I am going to have to convert to another system. This will cause me time and work. This is quite un-necessary. Control freaks are hard to deal with.I give up, I'm going to go away.

  I have no idea what your issue is, but if you want to comment to Apple, use their feedback page:
  http://www.apple.com/feedback/itunesapp.html
  Posting complaints here, and in particular threats to go to other products, where only we your fellow users will be likely to see them do no one any good. None of us here will really care if you decide that iTunes doesn't work for you and you have chosen to shift to some other product. That's you perogative as a consumer.
  Regards.

• Keychain and password problems

  I have an older macbook using OS X 10.8.4.  I am having two different issues that might be related but probably not.  The first issue is that my keychain is not prompting to save or saving the majority of my login/password information.  I have gone to the Safari >preferences> auto login unchecked then rechecked the box to auto login but it has not solved the problem. Is there another step to take?
  The other issue is that I was using lastpass to save information, I reset Safari and when I did my password to lastpass disappeared. Now I can't remember the password and it is not on my keychain.  Is there another place the password could be? Is there a way to make the keychain remember all of your password/log in information?
  Thanks for help with this problem.

  Thanks for that, I deleted all references to keychains in /Library and logged back in, added a keychain for my username and all is now well.
  However, I've just started using MS Entourage (as the Mail program was also freaking out like Safari) and it seems that when I tell this application to save my mail password to the Keychain, it throws a spanner in the works...
  Might start a new thread on this one...
  cheers

• User_Name and Password Security on the web

  Hi there,
  I have developed an application in Oracle 8i and Developer 6i, and deployed it on the web.
  While calling a logon form from the index.html, it shows all the parameters username, password, and dbstring in the URL displayed in the browser. Is there any way to secure it, just like in the Post Method while submitting a form request.
  Can any one help me please !
  Regards,
  Hafeez

  Write a ON-LOGON trigger in the form and use the function
  LOGON('UserName', 'Pw@connection sid');
  if the connection is succesful the FORM_SUCCESS will return true.. otherwise false..
  I hope this will help u

• Keychain and passwords for FTP messed up

  I cannot get my passwords to work properly anymore.
  when I try to publish any changes I get a message Pop Up
  Incorrect password for my "User Name " and server adress.
  when I go to the site name on the left for Site Publishing Settings a password is there. I test Connection it works fine and says I can now publish.
  I try publish site changes again it does not work. I get the same pop up as before, even when I enter the correct password in the box and  uncheck save in keychain it still does not work.
  Not only till I click off the save in Keychain box it works and publishes? I make another change Publish and it all works fine. Till I close down Iweb
  Upon relaunch all the same issues???
  Please help

  Open Keychain Access (in the utilities folder) and look for the entry under Login/Passwords.
  You can try selecting the entry and then choose Keychain First Aid from the Keychain Access dropdown menu.
  Either that or delete the entry (or entries) and then reset it in iWeb Publishing Settings.

• Keychain and password

  Hi,
  I changed the password because a family member passed away, now the key chains are all messed up and so now I would like to change the administrator to.
  What do I do next?
  Garrett

  The family member passed away. I'd changed the main password using the original cd but now there are passwords associated with all kinds of things, like removing the old administrator so my boy doesn't have to see his mom's name come up all the time now that I've messed things up. The key chain passwords with the old admin aren't even necessary but some of them are locked and I can't change admin or the name of the computer, etc.
  As near as I can tell, I couldn't go back to zeros and ones at this point, nor can I update software. It wasn't so bad until I changed the password using the original cd.
  Garrett

• I can't understand apple teminology - what is the difference between a keychain and a password - why does my mac keep asking me to type in the keychain - I don't know what it is or when it was created!!!

  I can;t understand the apple terminology - what is a keychain and how is it different to password?  When I set a new password it keeps asking me for the login keychain.  None of my passwords work for it and I don't know when it would have been created.

  A "keychain" is a secure database in which passwords are stored in an encrypted format to prevent unauthorized discovery of your passwords. Think of it like a bank safe deposit box in which you can safely store your passwords.
  If you have a problem with your keychain then perhaps you have not changed the passwords correctly or need to repair your keychain. You might try:
  Assuming that you are using a recent build of OS X, go to /Applications/Utilities and launch the app called Keychain Access. Go to the Window pulldown menu and select "Keychain First Aid". Enter your password, set the radio button to "Repair", and click "Start".

• New Imac. I get rid off login password from security and account and restart. Now it asks for username and password and it's not acepting anything. Any ideas?

  New Imac. I get rid off login password from security and accounts and restart. Now it asks for username and password and it's not acepting anything. Any ideas?

  First, reset your password as follows.
  Boot into Recovery by holding down the key combination command-R at startup. Release the keys when you see a gray screen with a spinning dial.
  When the OS X Utilities screen appears, select Utilities ▹ Terminal from the menu bar.
  In the Terminal window, type this:
  resetpassword
  That's one word with no spaces. Then press return. A Reset Password window opens.
  Select your boot volume if not already selected.
  Select your username from the menu labeled Select the user account if not already selected.
  Follow the prompts to reset the password. It's safest to choose a password that includes only the characters a-z, A-Z, and 0-9.
  Select  ▹ Restart from the menu bar.
  You should now be able to log in with the new password, but you won't be able to unlock the Keychain. If you've forgotten the Keychain password (which is ordinarily the same as your login password), there's no way to recover it. You’ll need to reset your keychain in the preferences of the Keychain Access application.
  If you're being prompted to authenticate when making changes to files inside your home folder, continue as follows.
  Back up all data now.
  This procedure will unlock all your user files (not system files) and reset their ownership and access-control lists to the default. If you've set special values for those attributes on any of your files, they will be reverted. In that case, either stop here, or be prepared to recreate the settings if necessary. If none of this is meaningful to you, you don't need to worry about it.
  Step 1
  Launch the Terminal application in any of the following ways:
  ☞ Enter the first few letters of its name into a Spotlight search. Select it in the results (it should be at the top.)
  ☞ In the Finder, select Go ▹ Utilities from the menu bar, or press the key combination shift-command-U. The application is in the folder that opens.
  ☞ Open LaunchPad. Click Utilities, then Terminal in the icon grid.
  Drag or copy — do not type — the following line into the Terminal window, then press return:
  sudo chflags -R nouchg,nouappnd ~ $TMPDIR.. ; sudo chown -R $UID:20 ~ $_ ; chmod -R -N ~ $_ 2> /dev/null
  Be sure to select the whole line by triple-clicking anywhere in it. You'll be prompted for your login password, which won't be displayed when you type it. You may get a one-time warning not to screw up. You don't need to post the warning. If you don’t have a login password, you’ll need to set one before you can run the command.
  The command will take a noticeable amount of time to run. Wait for a new line ending in a dollar sign (“$”) to appear, then quit Terminal.
  Step 2
  Boot into Recovery by holding down the key combination command-R at startup. Release the keys when you see a gray screen with a spinning dial.
  When the OS X Utilities screen appears, select Utilities ▹ Terminal from the menu bar. A text window opens.
  In the Terminal window, type this:
  resetpassword
  That's one word with no spaces. Then press return. A Reset Password window opens. You’re not going to reset a password.
  Select your boot volume if not already selected.
  Select your username from the menu labeled Select the user account if not already selected.
  Under Reset Home Directory Permissions and ACLs, click the Reset button.
  Select  ▹ Restart from the menu bar.

• Keychain Security Password vs. Keychain Login Password

  Hi,
  Does anyone happen to know anything about the keychain SECURITY password? I know what my keychain LOGIN password is and have been able to change it. I don't remember setting up a keychain security password and I haven't been able to find information on how to change it or access it or even find out more about it.
  Thanks,
  Securitied Out

  However under security, when I go in I can unlock it with my login password which is the same as my keychain login password.
  I'm a bit confused. I see no security menu item within Keychain Access. Exactly what are you referencing? Additionally, under the Security prefPane in System Preferences, there are only two items requiring a password under the General tab.
  But to access the network access information I have in it it won't allow me in when I use my login password.
  Where are you trying to access this information? There's nothing in Keychain Access, that I can see, that deals with network access.
  In the listing after date modified under the keychain heading what I see is System not login like Login file above. So I'm trying to find out what that is all about and just have no clue and am a bit frustrated.
  Once, again, I have no idea exactly what you're trying to do or where you're doing it. You need to be more explicit and provide the steps and utilities/applications you're using.

• Cannot access keychain. Passwords are all correct, "security code" sent to old cellphone number. Impossible to contact apple support.

  I've been trying to access my iCloud's keychain for weeks now. Updating Yosemite somehow made my 13'' Macbook pro "log off" from the keychain and when I try to reconnect to the keychain, I am asked my iCloud password and then my security code, which I both enter successfully.
  Then I am unexplainably asked to enter a "security code" sent to an old cellphone number of mine that is now deactivated. I click on "I don't have access to this number" and I am redirected to Apple's confusing silly-willy contact support website and find out that, since I am in China, there is NO POSSIBLE WAY for me to contact support.
  Bottom line is, even though I have FULL CREDENTIALS to access the entirety of my iCloud's features(my passwords are all correct!!), I am stuck trying to access my keychain because of an unreasonable unsolicited and unwanted "security" measure, combined with a NON-EXISTING costumer support for China.
  Apple is such a huge waste of time, I own an iPhone, a Macbook pro and a magic mouse, but one thing I'm sure of is, I will never ever buy anything else from this company again, because it just PRETENDS to sell the "perfect costumer experience".

  Hi 2 stroke,
  I apologize, I'm a bit unclear on the exact nature of the issue you are describing. If you are having issues setting up or using iCloud Keychain, you may find the information and troubleshooting steps outlined in the following article helpful:
  Get help using iCloud Keychain - Apple Support
  Regards,
  - Brenden

• Keychain and web site passwords

  Can someone explain how to use Keychain to store web site passwords? I've searched on the forums, read the help, and asked at the Apple Store. Or am I mistaken as to the purpose of Keychain? Is it only to store email access passwords? The Apple Store employee told me that when I login to a site and Safari asks me if I want it to save the password info, I just need to answer yes. But it seems to me that anyone can access the Safari passwords. Or am I confused? Do the Safari passwords automatically get encrypted into Keychain?
  When using Windows I use Roboform to securely store passwords. When I choose a login account, Roboform automatically navigates to the site and enters my password information. I would like the same ease of use on my Mac. I thought Keychain might be the way to do it.
  Can someone clarify things for me? Or perhaps suggest a Roboform equivalent? Thank you.

  Personally, I just have one keychain. Its contents are stored here:
  "/Users/francine/Library/Keychains/login.keychain"
  When I go to a web site that requires me to create an account, with a login and a password, I do so. When I log in Safari asks if I want to allow it remember the password. I say Yes. From then on when I go to the log in page of that web site Safari automatically fills in the log in information, so I just have to click the button to log in. Some sites have an option you can check that makes it completely automatic--you go there and you are logged. In Safari's Preferences you have to go the AutoFill section and check the box to have it autofill "User names and passwords" for it to fill the forms in, and for the fully automatic you have to have "Accept cookes" enabled in Security.
  If I open my login.keychain I can see all the items it is storing--there are a couple of dozen, including some ftp passwords, Airpost passwords, application passwords, iTunes, and the 20+ web site passwords.
  Even if you leave yourself logged in to your account no one can read your passwords--unless they know your admin password. They could, of course, go to your password protected sites and automatically login. But they wouldn't learn your passwords.
  Once in a blue moon Safari or the keychain has a memory failure and I'll be asked if the application can have access to the keychain. I click the button for "Always Allow" and I'm back in business.
  Francine
  Francine
  Schwieder

• Just upgraded to Yosemite 10.10.2 on my iMac 24 inch and now my Suddenlink POP email account won't accept messages. The message says unable to receive Mail and the warning says: Mail cannot send your password securely to the server. You can remove th

  Yesterday I uploaded Yosemite 10.10.2 thinking it was fixed by now. In Mail, my POP account gets this error message: Mail cannot send your password securely to the server. You can remove this restriction in the Accounts preferences by setting “Allow insecure authentication”, which could put your password at risk.
  My provider says it's an Apple issue. The gmail accounts are logging in fine. Any help? Something simple?
  Thanks anyone.

  Thanks Csound1. That did work and Mail was able to connect to the internet. Green light status. Is it because of my provider that I may never have had secure connections? Is that an Apple thing or do PCs have the same issues? Appreciate your help. I'll research insecure connections as I am ignorant of the consequences.