I'm going through and changing my passwords that Apple has deemed not secure. I'm letting Apple choose these passwords but some websites don't want them. They don't like the extra characters or whatever other reason. How do y'all normally get around this?
Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
How would I have iPhone create a not-so-strong Password?
- Thread starter davidg4781
- Start date
- Sort by reaction score
I edit the suggested password. Or I use 1Password, which allows me to easily set the rules for the particular site (and which seems to know the rules for many sites).
Maybe I'll look in to 1Password. I was letting Apple do all of it just for simplicity sake. I think I've used 1Password before, many many years ago.
Will echo @cmaier. Generally use mSecure to generate a password, as it too allows setting of rules to fit what a site wants. And then possibly edit what it generates to add special character(s) if needed (for non-critical accounts, I'll generally use 15 character mixed-case & numbers passwords; critical, longer and let generator to make with special characters).
And if on Mac, can also use Keychain to do similar: Keychain > File > New Password Item, and will just use the password generator function there (aka not generate a full entry, wait for Safari to ask if I want to save).
And if on Mac, can also use Keychain to do similar: Keychain > File > New Password Item, and will just use the password generator function there (aka not generate a full entry, wait for Safari to ask if I want to save).
Exactly this! I never used this method but it sounds maybe more secure than mine. I just type some random numbers and letters in Notepad that meet the requirements then copy/ paste them. I know if I type it something it's not technically random but if my blind hands on keyboard password like gfY3w(^T6h gets cracked I have bigger problems. The Keychain will save that password. I really dislike websites that insist I use a weaker password than I want to
Make sure you don't allow keychain to make the password for you. Sometimes it doesn't get saved like it should and you could find yourself locked out. Use a password manager to create the password ahead fo time that way it will be saved should you need to make an edit.
I let it make my passwords but I've also had this happen. Most passwords are easy (too easy IMO) to reset so it's only an annoyance. I don't want to pay for a password manager (I don't cross platform much) and I'm not even sure I trust most of them. I remember not too long ago one was hacked. I know slim chance but imagine if your password manager account was hacked... They would have everything! Is there an app that will generate a secure password locally? That would be pretty great!
Two excellent free password managers are Bitwarden and Strongbox. Both make can make passwords locally and can be hosted locally as well etc. I use both regularly and feel comfortable recommending them to people here.
I've heard of Bitwarden. If it's locally then I wouldn't be too worried but what makes some so convenient is they store your password in the cloud so if you log onto a new device you only need to remember the one password... Yeah I've heard too many of their advertisements LOL. If all of my passwords are on their cloud I would have to know a whole lot about the company like who owns/ backs them (Country) and what security they have. I know of Apple but I don't know any other companies this well. Maybe if I ever have to do work and banking across platforms then I would be forced to research this. So far my method has been important stuff like banking or paying bills goes on the Mac and silly stuff like gaming on the Windows PC.
Storing in the cloud is optional. Like I say, you can host locally where everything stays on your computer. Bitwarden and Strongbox even work without having to be connected to the internet. Both companies are U.S. based and use top notch security. I have done my homework with both and if I had a question about security, I wouldn't be using them. Give them a solid read and see what you think.
Re: cloud storage: mSecure gives you the option to store on Dropbox or iCloud, which are at-rest encrypted. The database is encrypted on the device before sending it up. The encryption key is something like 40-50 random characters long, which in turn is encrypted on the password you select (Mine is 24? characters, thank a deity for TouchID/FaceID).
And something similar in the/cheap roll-your-own cloud solution area, KeePass.
And something similar in the/cheap roll-your-own cloud solution area, KeePass.