Tip: 'Hide' sensitive data in Address Book

First off- if you already use an encrypted password vault and have a 20+ character unique random password- good for you- you are level 5, and this article does not apply to you. for the other 90% of computer users at level 1, this is better than nothing.

I've seen company presidents with their Credit Card numbers and passwords on sticky notes and rolodex cards. Credit Card liability for fraud is generally 50$. 1Password or Keychain are both great options, except when the user uses the same password on a compromised site.

As long as the cipher is unique, conforms to the fields, and not shared, it is easy to store small strings of data securely against data mining and opportunists. It's not gonna stop a determined 3-letter agency, but lets be realistic, unless you are using 63 character random strings, neither will keychain, 1Password, or any other app that relies on passwords.

Also, for additional security (beyond splitting data in multiple contacts) one could memorize a 4 digit string from the middle somewhere and leaving that out of your address book entirely- homemade 2 factor authentication.

Next week .. Great Tip: Hide keys under the doormat.

This is the oldest trick in the world and about every sensible person/cop/bank is going to warn you about doing it. If the bank finds out you actually stored your creditcard credentials in such a stupid way, you will not be protected in case of an unauthorized purchase.

T.

I think address book is a great place to store a lot of information. But I do wish that APL would have an option to encrypt it.

When it syncs out to iDisc and iPhone and other computers, the risk is high it can be stolen....

I store my credit card in my wallet. nowhere else. why on earth would I want to store the number in my phone's address book?!?!!?

silly rabbit!

Why are you reposting this stupidity??? Or you just blindly repost everything without reading?

FAIL

It's far easier and far more secure to store information such as credit card numbers and passwords in your Keychain.

That way, when you need your credit card number, you open the keychain, type your account password, and then just copy the credit card number into Safari.

This is a great idea!

Sure, on the desktop you could use Keychain to store this, but not on the iPhone, and other iPhone solutions cost money.

Obscuring data in "plain sight" like this (assuming you do it well) is actually quite secure.

Haters gonna hate, I guess. I, for one, think this is a good tip.

You can also use address book's note feature for your passwords, just have about five or six that you use regularly that each start witha different letter and blank out most of them. For example, if your password is "elephant661" just write e—6— in the note field for that website. No need for other apps like 1password.

Or, you could just use the Note feature of Keychain Access. If you don't like the keychain being "open" when you login (you'd still need your password to open each note) then you could create a second, third, or more keychains to store whatever data you want with the same encryption that the Mac OS X uses for your keychains.

Security through obscurity is only effective against non-problem solvers.

This is a dumb idea.

Btw, Do you get a commission every time you mention 1Password? Sure seems like it. You know there are other products out there that do this just as well or better?