Passwords

Security vs. convenience: How do you balance your passwords?

By Rene Ritchie, Saturday, Apr 6, 2013 a 11:10 am

Security is at constant war with convenience. The stronger the passwords we use to keep our data safe, the more steps we take to lock down what we own, the less accessible our data and our devices become -- even to us. Balancing it all can be tough, and a lot depends on what the platforms and services we use do to help us. And nowhere is this more evident than mobile.

Multitouch keyboards, in large part, rely on things like like character pair prediction and auto-correct to make entry acceptable. Neither of those things are possible with passwords, and strong passwords require far higher than normal frequencies of shifting between upper and lower case, and between letters and numbers and symbols. It's the worst possible experience.

Twitter hacked, 250,000 passwords compromised

By Rene Ritchie, Saturday, Feb 2, 2013 a 12:03 pm

Twitter has informed users that their service had been hacked and that 250,000 usernames, email addresses, session tokens, and encrypted/salted passwords had been compromised. According to Twitter's director of information security, Bob Lord, who posted on blog.twitter.com:

Smashed and grabbed

By Rene Ritchie, Thursday, Sep 22, 2011 a 11:01 pm

pwSafe - Password Safe for iOS now universal for iPhone and iPad

By Leanna Lofte, Thursday, Jun 23, 2011 a 7:49 pm

pwSafe - Password Safe for iOS is, as it's name implies, now available as a universal application for iPhone and iPad. pwSafe is a password management app that stores your passwords and allows you to sync them across devices and computers.

Dropbox sync, fully automatic and bi-directional (in-app purchase)
Password generation
Universal binary - iPad, iPhone and iPod Touch optimized
Search in all fields
Single tap password copy to clipboard
Multiple fields (title, username, password, URL, email and notes)
iTunes file sharing
Receives safes as e-mail attachments (please name your safes with a .psafe3 extension)
Opens safes from Dropbox (free without sync)
Multiple safes
Unlimited passwords
Unlimited password groups
Open source

If you pick this one up, let us know what you think! Check out the screenshots after the break.

[Free, with in-app purchase - iTunes link]

Have an app you'd love to see featured on TiPb? Email us at iosapps@tipb.com, tell us about your app (include an iTunes link), and we'll take a look.

Security researchers: iPhone Keychain circumvented, data stolen in 6 minutes

By Rene Ritchie, Thursday, Feb 10, 2011 a 1:37 pm

If someone manages to take physical possession of your iPhone and keep it long enough to Jailbreak it, enable SSH, and get access to the root, they can compromise Apple's Keychain password management system and get to your data in roughly 6 minutes.

The attack works because the cryptographic key on current iOS devices is based on material available within the device and is independent of the passcode, the researchers said. This means attackers with access to the phone can create the key from the phone in their possession without having to hack the encrypted and secret passcode.

1Password on Safari 5 extensions, designing for iPad, and iPhone 4 - TiPb at WWDC 2010

By Rene Ritchie, Saturday, Jun 12, 2010 a 10:39 am

During WWDC 2010 I had a chance to sit down with the team from Agile Web Solutions -- Roustem, Dave, Jamie, Dan, and Chad -- to talk not only about their newly launched 1Password for iPad, but about the big news of the show including official browser extension support from Apple in Safari 5, and of course iPhone 4 and iOS 4.

Apple called Agile about their new Safari 5 extensions before they debuted in hopes of having a demo ready for the show. Dave found the preview was polished and well documented and it took them only a few days to put something together. That sounds like good news not only for developers but for Safari users as well.

Agile also said making the iPad version was a chance to start from scratch and figure out how users were going to interact with the larger, wider display, and with the ability to do things like scrolling independently with each thumb.

While I used 1Password on Mac long before the iPhone debuted, Roustem pointed out they now have a whole new user base introduced to their product via the iPhone and iPad and with no Mac-based preconceptions. While the iPhone and iPad versions [iTunes link] are great for Mac or Windows users as an extension, Agile is also working to help iPhone and iPad-only users get more out of it as well.

As for iPhone 4 -- they want it. (Even if Dan has to re-render his artwork at higher resolution to support it). Chad's also looking forward to iOS 4 multitasking and like the way it runs select API rather than full apps in the background.

(Though I suspect they were just humoring me when I asked for Game Center integration so I could see where my 63 character pseudo-random passwords place on the leaderboard compared to Leanna's!)

You can find out more about 1Password for Mac, PC, iPhone, and iPad, and the newly acquired Knox, via Agile's web site, below. Video after the break.

[Agile Web Solutions]

iPhone 3.0: Paste Long Passwords into Wi-Fi Settings?

By Rene Ritchie, Monday, Apr 27, 2009 a 12:48 pm

Back before the iPhone, I was using one of GRC.com's long, pseudo-random passwords for my WPA-protected Wi-Fi network. Typing it into iPhone 1.x, even iPhone 2.x was a non-starter, however, so I shrank it down considerably.

Similar security-conscious folks have lamented not only the lack of copy and paste on the iPhone, but especially the lack of "paste-into-password field" to support just those kinds of super-secure strings.

Well, it looks like we might be getting them -- along with the previously discussed copy and paste features, in iPhone 3.0.