Domain: agilewebsolutions.com
Stories and comments across the archive that link to agilewebsolutions.com.
Comments · 12
-
Bolt-ons and built-ins
The point is, the phone is a terrible choice for security related matters, because it wasn't specifically designed to be an e-wallet from the ground up.
If you actually look at the design of iOS4 you might find that security has been built in very deeply with a hardware key among other things the OS. If you have access to Apple's WWDC 2010 sessions, take a look at session 209.
You can never, ever just bolt-on security.
As a shameless plug, I believe that we have 1Password for iOS (a password management system) well designed to use both our own security layer on top of what is built into iOS.
-
Re:WRONG
If only there was some government sponsored secure key system for passwords, enabling the average user to have a secure key with one strong password to access all their others
Yeah, because I want to government to be in control of my keys to
...OR AM I HIDING SOMETHING DAMN PEDOPHILE TERRORIST?!
-
Re:Security Questions Are The Weakest Link
Agreed - a password manager like Password Safe, or my personal favorite 1Password is the answer to the password problem. Knowing only how to get a password, rather than the password itself, is also less vulnerable to a certain class of social engineering attacks (noticing that your password manager is suddenly unable to autofill the password on a site that looks just like your bank's site might clue in even the dullest people on the internet).
-
Re:Truecrypt
1Password blows them all away for functionality. It not only remembers passwords, but can generate them as well. It keeps "identities" too, for those of us with multiple personalities. see==> http://agilewebsolutions.com/products/1Password operates in all OSX browsers. (simultaneously)
-
What platform are you on?
If you're on a Mac, there are a couple of good options.
The first is the built-in Keychain. It can save application and website passwords, certificates, secure notes and it's all AES encrypted. As it's built-in, the support for it is pretty good with most apps and most websites. You have a normal login keychain that's automatically unlocked when you log in and remains unlocked (by default). You can have additional keychains with various levels of security over and above the login one - have them lock after a period of inactivity, have them lock when the screensaver is activated, have a different password to access them from your login keychain etc. The keychain can also be synchronised between different computers that you use, so if you create a login to a website on one, you can access the password you used on another one. As this works really well, I now use different randomly generated strong passwords for every site I need a login for - eg Bapdageshem9, negTuthsuc5 or EyHepGoyft8 ( apg -n 1 -m 10 -x 12 -M NCL -d )
If you find that the Keychain isn't up to the task there's 1Password. which does pretty much everything the built-in keychain does, and more...
-
1Password
If you are on a Mac 1Password is a wonderful app. It provides very similar functionality to the already mentioned Keepass but was much more stable and has an iPhone app. I also found it very frustrating that the various incarnations of Keepass kept changing formats and the like. 1Password, while not free, is well worth the money although you may want to wait for the new version to come out which has some interesting features.
Their site -
1Password
I use 1Password on the Mac and iPhone which works very well for me. The desktop program comes with plug-ins for several web browsers and your password data can be wirelessly sync'd to your iPhone in case you need access to your data on the go.
-
Re: password managers
"Who here really lets any password manager save any password they care about?
..."All my passwords are stored in my password manager. I use 1Password. Windows users have RoboForm. The on-disk store is encrypted. My account is protected by a strong password, stored only in my cranium, and by FileVault. That's two levels of strong encryption on the disk. I only need to remember two passwords - my login and the 1Password master password. That's why my passwords look like SKzdaZhW6cUiMqj3-AVyCG (just generated), and why they're all different. Before someone jumps all over this, I'll mention that good password security is only one facet of secure computing.
-
Re:I Use A Mac...
If you want to encrypt or hide or transport all your passwords it's easy in safari but hard in firefox since how it's done changes.
A very nifty solution for this is 1Password which has a plugin to handle the Firefox integration. That way I can have a very secure password on every web site all stored in secure place.
I'm sure I'm not going to remember something like negeuvnipakwok off the top of my head, but it sure makes for a more secure password.
IIRC, I couldn't use this to the full power because slashdot had an upper limit to the password size. Too bad, I kind of like voahedvujkovramcagpywrojrynantyatyagyewpyeacbugfak
-
Re:Do people really only list apps by lowest price
I use 1Password for a password keychain, the Mac sync is pretty slick. I don't think the camera on the iPhone could manage a receipt.
-
Re:What is the point?
As a web developer, Mac hardware gives me the ability to test code in pretty much any environment I wish. Any web developer that's worth their salt has to, at a minimum, test his or her work in Firefox (Gecko), Safari (Khtml), IE 6, IE 7 and soon IE 8. If they're good developers they would test in Opera and screen readers as well.
I cannot test on the OS X side of things on a Lenovo but I can test the OS X/Windows/Linux side of things on a MacBook.
Are there major redeeming qualities of OS X? For me, yes. One of the main reasons I like OS X is (and it's rarely listed as a Mac virtue) 3rd party software is, in my opinion, superior to 3rd party software for Windows or Linux. Mac developers apply the same polish and attention to detail that Apple does.
I tried web development an a SuSe box and I found that while yes, I could do it the software was missing the polish of software I was used to on the Mac. Take Transmit, an FTP program. FTP? What the heck is so much better about FTP on the Mac? Until you work on a system that doesn't support it, you don't know how nice it is to be able to click on a remote document have it automatically open it up in TextMate and upload it to the server whenever I save the document within TextMate. And it's not hardwired to work that way with TextMate, it does that for whatever text editor I wish to use. Programs like Things for GTD/task lists or Yojimbo for storing random but useful clutter in a single location are unique in functionality, simplicity and quality to OS X. 1Password to manage all my hundreds of passwords and only require me to remember one. Most of these apps have an iPhone equivalent so if I ever get an iPhone, my desktop software will sync seamlessly with my phone. I have yet to find a text editor as powerful yet simple to learn as TextMate. On top of that, I have native access to the lion's share of open source/Linux/Unix software. I don't expect you to accept my argument until you actually experience this "higher" level of software quality. You only notice it when it's missing. Ask anyone that's used Quicksilver. Mac software has Linux and Windows equivalents but not equals.
Would I multi-boot? No. Virtualization is just fine for my line of work and much more convenient. But virtualization for the article submitter may not be viable. My point is, my needs/preferences are different from your needs/preferences which may different from the submitters needs/preferences.
-
Re:Been browsing and it's severely lacking...
I can bet the Agile 1 Password is in the works. They already provide function with javascript and prepare an actual application.
Watch http://www.1password.com/ or their blog http://agilewebsolutions.com/blog/