Two password managers for redundancy? How safe is Mac Keychain? Fingerprint?

Questions on how we spend our money and our time - consumer goods and services, home and vehicle, leisure and recreational activities
Post Reply
User avatar
Sandtrap
Posts: 2734
Joined: Sat Nov 26, 2016 6:32 pm
Location: Hawaii😀 Northern AZ.😳

Two password managers for redundancy? How safe is Mac Keychain? Fingerprint?

Post by Sandtrap » Fri Oct 27, 2017 4:12 pm

I have OneSafe and am considering adding 1Password for redundancy in case one does not work.
Is this too complex or a good safety?

OneSafe vs 1 Password?
Which is better?


I have a new MacBook Pro with fingerprint ID and intend to use it as my "go to" for financial work.
How safe is Mac Keychain?
Does anyone set it to autofill on financial sites like Vanguard?

I am old low tech so go easy on me. :shock:
Thanks everyone for your help and advice.
j :D
Last edited by Sandtrap on Fri Oct 27, 2017 7:20 pm, edited 4 times in total.

runner3081
Posts: 825
Joined: Mon Aug 22, 2016 3:22 pm

Re: Two password managers for redundancy? How safe is Mac Keychain?

Post by runner3081 » Fri Oct 27, 2017 4:47 pm

I would not store my passwords in more than one place. More chances to have them hacked.

lotusflower
Posts: 101
Joined: Thu Oct 24, 2013 12:32 am

Re: Two password managers for redundancy? How safe is Mac Keychain?

Post by lotusflower » Fri Oct 27, 2017 4:55 pm

runner3081 wrote:
Fri Oct 27, 2017 4:47 pm
I would not store my passwords in more than one place. More chances to have them hacked.
I would not be as worried about them hacked (possible but not your most important threat). However I would never do this because it will be hard to keep them in sync. If you double the work required to store a password, no good can come of that.

briansmt4
Posts: 3
Joined: Fri Oct 27, 2017 4:57 pm

Re: Two password managers for redundancy? How safe is Mac Keychain?

Post by briansmt4 » Fri Oct 27, 2017 5:02 pm

I wouldn't recommend allowing the Mac to save passwords for use on financial sites. If you lose your computer you don't want the bad guys to have autofill working for them. Double authentication should take care of that but who knows, maybe they got your phone too?

MP123
Posts: 205
Joined: Thu Feb 16, 2017 3:32 pm

Re: Two password managers for redundancy? How safe is Mac Keychain?

Post by MP123 » Fri Oct 27, 2017 5:07 pm

Many if not most sites allow you to create a new password if you forget the old. So you probably don't need redundant password managers.

DCardell
Posts: 6
Joined: Tue Oct 24, 2017 12:07 pm

Re: Two password managers for redundancy? How safe is Mac Keychain?

Post by DCardell » Fri Oct 27, 2017 5:39 pm

I would not use two password managers. It doubles your chances of one of them being hacked, and I don't even know how you would easily keep them in sync (multiple pop-ups all the time?). I use Dashlane and am very happy with it. I feel like there is some redundancy since it stores them locally (Mac and mobile), plus they store it in the cloud.

I never use the autofill on my financial sites. I always require the master password for those.

TravelGeek
Posts: 1232
Joined: Sat Oct 25, 2014 3:23 pm

Re: Two password managers for redundancy? How safe is Mac Keychain?

Post by TravelGeek » Fri Oct 27, 2017 5:48 pm

I use 1Password. I own another password manager that shall remain unnamed that I used previously and migrated away from due to security and business practice concerns.

I would not want to maintain my password collection in two places (apps). I do have backups, both in the cloud and on various devices that are automatically synchronized by 1Password. In other words, if my Mac dies, I still have my passwords accessible on my iPad and my Android phone. My previous (still functioning) Nexus 5 phone also still has it installed and I refresh that on occasion (but it remains mostly turned off).

I don’t store passwords anywhere else. Not in browsers, not in the Mac keychain. Single source of truth (but hopefully not failure :shock: )

A lot of people here like Keepass, if you want to look at something that is free and open source. It would be what I would likely switch to if the 1Password folks were to give me a reason to switch.

oxothuk
Posts: 297
Joined: Thu Nov 10, 2011 8:35 pm

Re: Two password managers for redundancy? How safe is Mac Keychain?

Post by oxothuk » Fri Oct 27, 2017 6:01 pm

Sandtrap wrote:
Fri Oct 27, 2017 4:12 pm
I have a new MacBook Pro with fingerprint ID and intend to use it as my "go to" for financial work.
How safe is Mac Keychain?
From what I've read it's pretty safe. I keep low-medium value passwords in my iCloud keychain, so they are available on my phone/iPad as well

I store the most sensitive passwords in a separate (not iCloud) keychain on the Mac; the Mac hard drive is encrypted, and is backed up to an encrypted TimeMachine disk. I also create memos in the private Mac keychain with answers to my security questions.
Last edited by oxothuk on Fri Oct 27, 2017 6:03 pm, edited 1 time in total.

runner3081
Posts: 825
Joined: Mon Aug 22, 2016 3:22 pm

Re: Two password managers for redundancy? How safe is Mac Keychain?

Post by runner3081 » Fri Oct 27, 2017 6:01 pm

lotusflower wrote:
Fri Oct 27, 2017 4:55 pm
runner3081 wrote:
Fri Oct 27, 2017 4:47 pm
I would not store my passwords in more than one place. More chances to have them hacked.
I would not be as worried about them hacked (possible but not your most important threat). However I would never do this because it will be hard to keep them in sync. If you double the work required to store a password, no good can come of that.
From a high level, haven't you just doubled your chance of having them hacked?

lotusflower
Posts: 101
Joined: Thu Oct 24, 2013 12:32 am

Re: Two password managers for redundancy? How safe is Mac Keychain?

Post by lotusflower » Fri Oct 27, 2017 7:00 pm

runner3081 wrote:
Fri Oct 27, 2017 6:01 pm
lotusflower wrote:
Fri Oct 27, 2017 4:55 pm
runner3081 wrote:
Fri Oct 27, 2017 4:47 pm
I would not store my passwords in more than one place. More chances to have them hacked.
I would not be as worried about them hacked (possible but not your most important threat). However I would never do this because it will be hard to keep them in sync. If you double the work required to store a password, no good can come of that.
From a high level, haven't you just doubled your chance of having them hacked?
Right, but double of a fairly small risk is still probably a small risk. I don't think it's the most important reason that this is a bad idea.

DCardell
Posts: 6
Joined: Tue Oct 24, 2017 12:07 pm

Re: Two password managers for redundancy? How safe is Mac Keychain?

Post by DCardell » Fri Oct 27, 2017 7:13 pm

lotusflower wrote:
Fri Oct 27, 2017 7:00 pm
runner3081 wrote:
Fri Oct 27, 2017 6:01 pm
lotusflower wrote:
Fri Oct 27, 2017 4:55 pm
runner3081 wrote:
Fri Oct 27, 2017 4:47 pm
I would not store my passwords in more than one place. More chances to have them hacked.
I would not be as worried about them hacked (possible but not your most important threat). However I would never do this because it will be hard to keep them in sync. If you double the work required to store a password, no good can come of that.
From a high level, haven't you just doubled your chance of having them hacked?
Right, but double of a fairly small risk is still probably a small risk. I don't think it's the most important reason that this is a bad idea.
OneLogin was hacked earlier this year. Why do you feel this is a low risk?

User avatar
pondering
Posts: 858
Joined: Fri Jan 30, 2015 11:04 pm
Location: 412-977-3526, originally 718-273-2422

Re: Two password managers for redundancy? How safe is Mac Keychain?

Post by pondering » Fri Oct 27, 2017 7:16 pm

I’d appreciate if somebody can post some links to some well-maintained data about password hacking, it’s frequency and the consequences. Thanks.
--Robert Sterbal | 412-977-3526 call/text

User avatar
Sandtrap
Posts: 2734
Joined: Sat Nov 26, 2016 6:32 pm
Location: Hawaii😀 Northern AZ.😳

Re: Two password managers for redundancy? How safe is Mac Keychain?

Post by Sandtrap » Fri Oct 27, 2017 7:18 pm

oxothuk wrote:
Fri Oct 27, 2017 6:01 pm
Sandtrap wrote:
Fri Oct 27, 2017 4:12 pm
I have a new MacBook Pro with fingerprint ID and intend to use it as my "go to" for financial work.
How safe is Mac Keychain?
From what I've read it's pretty safe. I keep low-medium value passwords in my iCloud keychain, so they are available on my phone/iPad as well

I store the most sensitive passwords in a separate (not iCloud) keychain on the Mac; the Mac hard drive is encrypted, and is backed up to an encrypted TimeMachine disk. I also create memos in the private Mac keychain with answers to my security questions.
what is "low medium value" passwords?
You mean as for websites like amazon.com password and automatic login'?
But not for financial places like bank account, vanguard, schwab, etc, right. . . ?

I'm old low tech so thanks everyone for your help.
I'm learning.

lotusflower
Posts: 101
Joined: Thu Oct 24, 2013 12:32 am

Re: Two password managers for redundancy? How safe is Mac Keychain?

Post by lotusflower » Fri Oct 27, 2017 8:26 pm

pondering wrote:
Fri Oct 27, 2017 7:16 pm
I’d appreciate if somebody can post some links to some well-maintained data about password hacking, it’s frequency and the consequences. Thanks.
I don't think that exists. You can google a lot of articles about data breaches but it's much harder to connect the dots between access to those files of user information and actual consequences to those users. Cases where it may have happened are likely to be subject to pending litigation so the companies and law enforcement won't discuss them, and any security consultants with firsthand knowledge will surely be bound by non-disclosure agreements.

lotusflower
Posts: 101
Joined: Thu Oct 24, 2013 12:32 am

Re: Two password managers for redundancy? How safe is Mac Keychain?

Post by lotusflower » Fri Oct 27, 2017 8:41 pm

DCardell wrote:
Fri Oct 27, 2017 7:13 pm
lotusflower wrote:
Fri Oct 27, 2017 7:00 pm
runner3081 wrote:
Fri Oct 27, 2017 6:01 pm
lotusflower wrote:
Fri Oct 27, 2017 4:55 pm
runner3081 wrote:
Fri Oct 27, 2017 4:47 pm
I would not store my passwords in more than one place. More chances to have them hacked.
I would not be as worried about them hacked (possible but not your most important threat). However I would never do this because it will be hard to keep them in sync. If you double the work required to store a password, no good can come of that.
From a high level, haven't you just doubled your chance of having them hacked?
Right, but double of a fairly small risk is still probably a small risk. I don't think it's the most important reason that this is a bad idea.
OneLogin was hacked earlier this year. Why do you feel this is a low risk?
I wrote about this on the other recent password thread: viewtopic.php?f=11&t=229187#p3563975
As far as LastPass, I personally use KeePass (stored on Dropbox), but I wouldn't hesitate to choose or recommend LastPass. The difference between them and Equifax or a bank is that protecting your data is their #1 and only core competence. Remember, you aren't even Equifax's customer, you and your data is their product. Securing that data is not something they are incentivized to do since it's for sale to the highest bidder (a letter to your congressperson is wholly appropriate, but probably a waste of time). In contrast LastPass is totally incentized to protect you. They will probably go out of business if they have a big breach, and they spend all day, every day thinking about how to protect you from that.
The chances of other risks, like getting fooled by a fake web page (that looks just like the real thing) or, mistakenly deleting your password file, or keeping it on a computer that gets stolen, keeping passwords on a usb key that you then lose, or someone tricking the customer service rep at your bank; those chances are all so much higher than that LastPass, Keepass, 1Password or the Mac Keychain will have an enormous breach that results in someone actually stealing your money. This is purely my opinion though.

oxothuk
Posts: 297
Joined: Thu Nov 10, 2011 8:35 pm

Re: Two password managers for redundancy? How safe is Mac Keychain?

Post by oxothuk » Fri Oct 27, 2017 9:30 pm

Sandtrap wrote:
Fri Oct 27, 2017 7:18 pm
oxothuk wrote:
Fri Oct 27, 2017 6:01 pm
Sandtrap wrote:
Fri Oct 27, 2017 4:12 pm
I have a new MacBook Pro with fingerprint ID and intend to use it as my "go to" for financial work.
How safe is Mac Keychain?
From what I've read it's pretty safe. I keep low-medium value passwords in my iCloud keychain, so they are available on my phone/iPad as well

I store the most sensitive passwords in a separate (not iCloud) keychain on the Mac; the Mac hard drive is encrypted, and is backed up to an encrypted TimeMachine disk. I also create memos in the private Mac keychain with answers to my security questions.
what is "low medium value" passwords?
low value passwords - online forums (e.g., bogleheads.org)
medium value passwords - online merchants (e.g., Amazon)
high value passwords - banks, credit cards
very high value passwords - investment accounts (e.g., Vanguard) and email passwords (e.g., Gmail)

User avatar
Sandtrap
Posts: 2734
Joined: Sat Nov 26, 2016 6:32 pm
Location: Hawaii😀 Northern AZ.😳

Re: Two password managers for redundancy? How safe is Mac Keychain?

Post by Sandtrap » Fri Oct 27, 2017 11:40 pm

oxothuk wrote:
Fri Oct 27, 2017 9:30 pm
Sandtrap wrote:
Fri Oct 27, 2017 7:18 pm
oxothuk wrote:
Fri Oct 27, 2017 6:01 pm
Sandtrap wrote:
Fri Oct 27, 2017 4:12 pm
I have a new MacBook Pro with fingerprint ID and intend to use it as my "go to" for financial work.
How safe is Mac Keychain?
From what I've read it's pretty safe. I keep low-medium value passwords in my iCloud keychain, so they are available on my phone/iPad as well

I store the most sensitive passwords in a separate (not iCloud) keychain on the Mac; the Mac hard drive is encrypted, and is backed up to an encrypted TimeMachine disk. I also create memos in the private Mac keychain with answers to my security questions.
what is "low medium value" passwords?
low value passwords - online forums (e.g., bogleheads.org)
medium value passwords - online merchants (e.g., Amazon)
high value passwords - banks, credit cards
very high value passwords - investment accounts (e.g., Vanguard) and email passwords (e.g., Gmail)
So high value passwords should not be "synced" on the cloud or the website such as 1 password? But should be only on the device?
And certainly not autofill?

lotusflower
Posts: 101
Joined: Thu Oct 24, 2013 12:32 am

Re: Two password managers for redundancy? How safe is Mac Keychain?

Post by lotusflower » Sat Oct 28, 2017 1:01 am

Sandtrap wrote:
Fri Oct 27, 2017 11:40 pm
oxothuk wrote:
Fri Oct 27, 2017 9:30 pm
Sandtrap wrote:
Fri Oct 27, 2017 7:18 pm
oxothuk wrote:
Fri Oct 27, 2017 6:01 pm
Sandtrap wrote:
Fri Oct 27, 2017 4:12 pm
I have a new MacBook Pro with fingerprint ID and intend to use it as my "go to" for financial work.
How safe is Mac Keychain?
From what I've read it's pretty safe. I keep low-medium value passwords in my iCloud keychain, so they are available on my phone/iPad as well

I store the most sensitive passwords in a separate (not iCloud) keychain on the Mac; the Mac hard drive is encrypted, and is backed up to an encrypted TimeMachine disk. I also create memos in the private Mac keychain with answers to my security questions.
what is "low medium value" passwords?
low value passwords - online forums (e.g., bogleheads.org)
medium value passwords - online merchants (e.g., Amazon)
high value passwords - banks, credit cards
very high value passwords - investment accounts (e.g., Vanguard) and email passwords (e.g., Gmail)
So high value passwords should not be "synced" on the cloud or the website such as 1 password? But should be only on the device?
And certainly not autofill?
Well I would keep them in a cloud-based service like 1Password, as long as you are satisfied with the encryption. Again, I am satisfied with what the major single-purpose vendors are doing, but it's not about me, it's about YOU trusting them. Just like your asset allocation, you need to be able to sleep peacefully at night once you are following the system.

I don't allow my Browser to remember passwords that can access my money, though I am softer on places like Amazon since credit cards have antifraud protections. It's better to keep the system as simple as possible to remove the possibility of other problems like losing your device or not having the habit of adding every password to the vault. So trust the password vault, and use it for ALL of your passwords, and sure, for bulletin board passwords, you can let the Browser remember them. But I think it's pointless to use any system if you don't think it's secure enough for your high-value passwords.

It's so important to use unique passwords for all your financial sites, and they need to be complex enough that it's very difficult or impossible to remember them all. Since devices get stolen, lost, or broken all the time, you need to have mitigate that risk too, and cloud-based storage is just perfect for that.

User avatar
Sandtrap
Posts: 2734
Joined: Sat Nov 26, 2016 6:32 pm
Location: Hawaii😀 Northern AZ.😳

Re: Two password managers for redundancy? How safe is Mac Keychain?

Post by Sandtrap » Sat Oct 28, 2017 1:33 am

lotusflower wrote:
Sat Oct 28, 2017 1:01 am
Sandtrap wrote:
Fri Oct 27, 2017 11:40 pm
oxothuk wrote:
Fri Oct 27, 2017 9:30 pm
Sandtrap wrote:
Fri Oct 27, 2017 7:18 pm
oxothuk wrote:
Fri Oct 27, 2017 6:01 pm

From what I've read it's pretty safe. I keep low-medium value passwords in my iCloud keychain, so they are available on my phone/iPad as well

I store the most sensitive passwords in a separate (not iCloud) keychain on the Mac; the Mac hard drive is encrypted, and is backed up to an encrypted TimeMachine disk. I also create memos in the private Mac keychain with answers to my security questions.
what is "low medium value" passwords?
low value passwords - online forums (e.g., bogleheads.org)
medium value passwords - online merchants (e.g., Amazon)
high value passwords - banks, credit cards
very high value passwords - investment accounts (e.g., Vanguard) and email passwords (e.g., Gmail)
So high value passwords should not be "synced" on the cloud or the website such as 1 password? But should be only on the device?
And certainly not autofill?
Well I would keep them in a cloud-based service like 1Password, as long as you are satisfied with the encryption. Again, I am satisfied with what the major single-purpose vendors are doing, but it's not about me, it's about YOU trusting them. Just like your asset allocation, you need to be able to sleep peacefully at night once you are following the system.

I don't allow my Browser to remember passwords that can access my money, though I am softer on places like Amazon since credit cards have antifraud protections. It's better to keep the system as simple as possible to remove the possibility of other problems like losing your device or not having the habit of adding every password to the vault. So trust the password vault, and use it for ALL of your passwords, and sure, for bulletin board passwords, you can let the Browser remember them. But I think it's pointless to use any system if you don't think it's secure enough for your high-value passwords.

It's so important to use unique passwords for all your financial sites, and they need to be complex enough that it's very difficult or impossible to remember them all. Since devices get stolen, lost, or broken all the time, you need to have mitigate that risk too, and cloud-based storage is just perfect for that.
Thanks for your help.
I notice that "1Password" has an option for "standalone" vault or "sync" via iCloud. Is standalone safer? or does it matter?
Should "high value" passwords "Not" be synced between devices via iCloud?

jebmke
Posts: 7005
Joined: Thu Apr 05, 2007 2:44 pm

Re: Two password managers for redundancy? How safe is Mac Keychain? Fingerprint?

Post by jebmke » Sat Oct 28, 2017 11:38 am

I use KeePass but for redundancy I print a PDF file and store the PDF in an encrypted Veracrypt file with a couple other small documents. If we ever go back to having a safe deposit box I will probably print a paper copy and store it there periodically.
When you discover that you are riding a dead horse, the best strategy is to dismount.

Doom&Gloom
Posts: 1515
Joined: Thu May 08, 2014 3:36 pm

Re: Two password managers for redundancy? How safe is Mac Keychain? Fingerprint?

Post by Doom&Gloom » Sat Oct 28, 2017 11:45 am

jebmke wrote:
Sat Oct 28, 2017 11:38 am
I use KeePass but for redundancy I print a PDF file and store the PDF in an encrypted Veracrypt file with a couple other small documents. If we ever go back to having a safe deposit box I will probably print a paper copy and store it there periodically.
Why the need to print it and store a copy of the PDF for redundancy?

I use KeePass as well, but I simply keep copies of my databases on an external drive in a SD Box as well as on an external hard drive at home. I also keep a copy of my "less valuable" database in the cloud.

Are you afraid that KeePass will one day be unable to open your KeePass databases?

User avatar
LadyGeek
Site Admin
Posts: 41556
Joined: Sat Dec 20, 2008 5:34 pm
Location: Philadelphia
Contact:

Re: Two password managers for redundancy? How safe is Mac Keychain? Fingerprint?

Post by LadyGeek » Sat Oct 28, 2017 11:53 am

This thread is now in the Personal Consumer Issues forum (security).

I use KeePass, as it works with multiple operating systems (Win 7, Linux).

I also use the KeeFox :: Add-ons for Firefox.
To some, the glass is half full. To others, the glass is half empty. To an engineer, it's twice the size it needs to be.

lotusflower
Posts: 101
Joined: Thu Oct 24, 2013 12:32 am

Re: Two password managers for redundancy? How safe is Mac Keychain?

Post by lotusflower » Sat Oct 28, 2017 11:53 am

Sandtrap wrote:
Sat Oct 28, 2017 1:33 am
lotusflower wrote:
Sat Oct 28, 2017 1:01 am
It's so important to use unique passwords for all your financial sites, and they need to be complex enough that it's very difficult or impossible to remember them all. Since devices get stolen, lost, or broken all the time, you need to have mitigate that risk too, and cloud-based storage is just perfect for that.
Thanks for your help.
I notice that "1Password" has an option for "standalone" vault or "sync" via iCloud. Is standalone safer? or does it matter?
Should "high value" passwords "Not" be synced between devices via iCloud?
I don't know 1Password very well, but assuming the encryption is good, I would recommend the cloud. I use Keepass, and store the vault on Dropbox, and I trust Keepass's encryption. With encryption, you only count on the secrecy of the key, you don't worry about keeping the file hidden or hard to reach. So on that theoretical basis there's no harm in keeping your encrypted vault in the cloud or printing the encrypted version as handbills and passing them out in Times Square.

If you don't use the cloud you have to manage your own backup and sync issues and you don't gain anything in return.

User avatar
Sandtrap
Posts: 2734
Joined: Sat Nov 26, 2016 6:32 pm
Location: Hawaii😀 Northern AZ.😳

Re: Two password managers for redundancy? How safe is Mac Keychain?

Post by Sandtrap » Sat Oct 28, 2017 12:14 pm

lotusflower wrote:
Sat Oct 28, 2017 11:53 am
Sandtrap wrote:
Sat Oct 28, 2017 1:33 am
lotusflower wrote:
Sat Oct 28, 2017 1:01 am
It's so important to use unique passwords for all your financial sites, and they need to be complex enough that it's very difficult or impossible to remember them all. Since devices get stolen, lost, or broken all the time, you need to have mitigate that risk too, and cloud-based storage is just perfect for that.
Thanks for your help.
I notice that "1Password" has an option for "standalone" vault or "sync" via iCloud. Is standalone safer? or does it matter?
Should "high value" passwords "Not" be synced between devices via iCloud?
I don't know 1Password very well, but assuming the encryption is good, I would recommend the cloud. I use Keepass, and store the vault on Dropbox, and I trust Keepass's encryption. With encryption, you only count on the secrecy of the key, you don't worry about keeping the file hidden or hard to reach. So on that theoretical basis there's no harm in keeping your encrypted vault in the cloud or printing the encrypted version as handbills and passing them out in Times Square.

If you don't use the cloud you have to manage your own backup and sync issues and you don't gain anything in return.
Okay. Thanks a lot.
Another low tech "newbie" question if you have time.
Do you set the password manager to "autofill" the passwords on all sites, from Amazon to Vanguard or the bank?
Or do you use the password manager as a secure password "book" sort of, to look up high value passwords and manually type them in?
thanks again,
j

User avatar
Sandtrap
Posts: 2734
Joined: Sat Nov 26, 2016 6:32 pm
Location: Hawaii😀 Northern AZ.😳

Re: Two password managers for redundancy? How safe is Mac Keychain? Fingerprint?

Post by Sandtrap » Sat Oct 28, 2017 12:16 pm

LadyGeek wrote:
Sat Oct 28, 2017 11:53 am
This thread is now in the Personal Consumer Issues forum (security).

I use KeePass, as it works with multiple operating systems (Win 7, Linux).

I also use the KeeFox :: Add-ons for Firefox.
Does KeePass work between Win 7 (my office) and Mac (my laptop) and the Iphone?
thanks for the help.
j :D

User avatar
LadyGeek
Site Admin
Posts: 41556
Joined: Sat Dec 20, 2008 5:34 pm
Location: Philadelphia
Contact:

Re: Two password managers for redundancy? How safe is Mac Keychain? Fingerprint?

Post by LadyGeek » Sat Oct 28, 2017 1:33 pm

Sorry, I can only vouch for Win 7 and Linux. The same database file can be used for both.

The Downloads page shows versions available for Iphone and Mac. Perhaps someone else can answer your question. It's worth a shot, though.
To some, the glass is half full. To others, the glass is half empty. To an engineer, it's twice the size it needs to be.

lotusflower
Posts: 101
Joined: Thu Oct 24, 2013 12:32 am

Re: Two password managers for redundancy? How safe is Mac Keychain?

Post by lotusflower » Sat Oct 28, 2017 2:43 pm

Sandtrap wrote:
Sat Oct 28, 2017 12:14 pm
Another low tech "newbie" question if you have time.
Do you set the password manager to "autofill" the passwords on all sites, from Amazon to Vanguard or the bank?
Or do you use the password manager as a secure password "book" sort of, to look up high value passwords and manually type them in?
I use copy and paste from the password manager; I'm just used to it, and with alt+tab to switch apps on Windows, it's pretty quick. But autofill should be okay too. Typing is way too hard if you have good passwords.

lotusflower
Posts: 101
Joined: Thu Oct 24, 2013 12:32 am

Re: Two password managers for redundancy? How safe is Mac Keychain? Fingerprint?

Post by lotusflower » Sat Oct 28, 2017 2:47 pm

Sandtrap wrote:
Sat Oct 28, 2017 12:16 pm
Does KeePass work between Win 7 (my office) and Mac (my laptop) and the Iphone?
It's supposed to work if you can get Mono installed. I wouldn't add that complexity unless there was a reason, and saving the LastPass subscription fee is not a good enough reason for me. I've used KeePass for about 10 years, but if I needed a Mac for work I would probably give it a try and then bail if the going got rough and switch to another solution.

jebmke
Posts: 7005
Joined: Thu Apr 05, 2007 2:44 pm

Re: Two password managers for redundancy? How safe is Mac Keychain? Fingerprint?

Post by jebmke » Sat Oct 28, 2017 3:11 pm

Doom&Gloom wrote:
Sat Oct 28, 2017 11:45 am
Why the need to print it and store a copy of the PDF for redundancy?
In case the db file gets corrupted. I have never met a database that is incapable of getting corrupted.

I think there is an option to output a CSV file - that would also be an acceptable alternative. These output files are so small it would not be unreasonable to have both a PDF and a CSV file as backup but they would need to be encrypted with something like Veracrypt to ensure security.
When you discover that you are riding a dead horse, the best strategy is to dismount.

jebmke
Posts: 7005
Joined: Thu Apr 05, 2007 2:44 pm

Re: Two password managers for redundancy? How safe is Mac Keychain? Fingerprint?

Post by jebmke » Sat Oct 28, 2017 3:13 pm

LadyGeek wrote:
Sat Oct 28, 2017 1:33 pm
Sorry, I can only vouch for Win 7 and Linux. The same database file can be used for both.

The Downloads page shows versions available for Iphone and Mac. Perhaps someone else can answer your question. It's worth a shot, though.
There are at least a couple Android apps that will read KP db files also. Don't know about iOS.
When you discover that you are riding a dead horse, the best strategy is to dismount.

Post Reply