If you’ve been wondering why anyone would use 1Password over iCloud Keychain, I lay down a few very important things to consider, which make 1Password the best option to handle passwords and other data types that might be just as important.
A cross application resource attack (XARA) that researchers at Indiana University, Georgia Tech and China’s Peking University publicized last week seems to have been partially addressed as Apple issued a server-side fix on the Mac App Store to block malicious apps and secure app data.
Additional fixes are in the works for the XARA exploits on both iOS and OS X, a company spokesperson told iMore. XARA exploits allow malicious apps to steal iCloud credentials of a user, access private data in apps like 1Password and Evernote, hijack their iCloud Keychain passwords and more.
Your confidential information ranging from web passwords in Chrome and other browsers to app passwords to banking credentials stored and synced between devices though Apple’s iCloud Keychain service—even data you thought was stored safely in password managers like 1Password and LastPass—can be easily compromised due to a trio of major vulnerabilities discovered in Apple’s desktop and mobile operating systems.
As discovered by a team of researchers at Indiana University, Georgia Tech and China’s Peking University and reported by The Register, Keychain’s access control lists, URL schemes and OS X’s app containers contain flaws creating serious attack vectors.
I was recently setting up my iPad mini, but could not remember the password for my home Wi-Fi network. After spending a few minutes trying to find it in Network Preferences on my MacBook Pro, I realized that I was looking in the wrong spot.
Dating back several OS X versions, passwords have been stored in an application called Keychain Access. So if you’re looking for a password that you simply can’t remember, you’re in luck. Read ahead on how to find a Wi-Fi password on Mac…
iCloud Keychain is a nice new addition to iOS 7, because it allows you to save username and password combinations to the cloud. This means that it’s possible to save login information for sites you frequent and auto login to those sites using the saved username and password info.
iCloud Keychain has been criticized by the tech press for being half baked. While that is certainly true—it has many opportunities for improvement and refinement—it’s better than nothing if you ask me.
Some have lamented about the fact that certain sites force passwords to go unsaved. Web sites have the option of requesting passwords not to be saved, and many sites—especially financial services like banks—have opted in to this. This feature, among other issues, is a thorn in the side of many iCloud Keychain users. Fortunately, it’s an issue that can solved with relative ease.