1Password 2.6.5 released

Posted Jun 26th 2008 2:00PM by Cory Bohon
Filed under: Software

Agile Web Solutions has updated their 1Password product with support for 4 new browsers and better support for the newly released Firefox 3. 1Password now works on the following web-browsing applications: Safari 4 (Developer Preview), DEVONagent 2.3.1, latest OmniWeb, and Flock 2 beta.

In addition to updated browser support, 1Password also boasts a higher level of stability while running in Camino on PPC Macs. You can see the full list of updates (all 21 of them) by visiting the Agile Web Solutions' website. In addition, you can download the update by going to 1Password > Check for Updates in the 1Password application.

Mac OS X password recoverable from RAM?

Posted Mar 3rd 2008 11:00PM by Cory Bohon
Filed under: OS, Bad Apple

In a recent post over at Ars Technica, they say that Mac OS X users could have their login passwords recovered through physically accessing the RAM. This comes after FileVault was proven to be cracked. The article notes that Mac OS X and certain applications store the user's password in memory, leaving it there after you've logged in. While locally-running apps cannot readily retrieve the password, someone could get access to the contents of RAM after the computer has been rebooted or shut down.

This could be accomplished by physical means and might require the hacker to remove the RAM cover on your Mac and chill the RAM, as suggested by Edward Felten's research team at Princeton. This freezing allows the information to stay on the RAM for longer than the normal 2.5 to 35 seconds -- allowing someone to place it in another computer and read the contents.

In a separate approach to the password-in-RAM vulnerability, CNET witnessed an EFF demo of an attack using a custom NetBoot "EFI memory scraper" to record the RAM contents on reboot and save the data as a file on another machine over the network -- the attackers were able to clearly find the login password in the file. Again, this attack requires physical access to the machine (in order to force the NetBoot via holding down the N key on restart) within a minute or two of shutdown. However, an attacker could conceivably target a machine that was locked or sleeping (with RAM contents 'live'), power it off and back on, and use the NetBoot attack immediately.

While Apple has been made aware of the attack (notified on February 5), no fixes for these issues were reported in the 2/11 security update. According to CNET, an Apple spokesperson said they were aware of the issues and were "working to fix it in an upcoming software update." Until this update comes out, you may want to set a firmware password for your Mac, or wait longer to leave your unattended Mac after a shut down. Alternatively, we have lovely TUAW-branded tin foil hats available for purchase.

[via Ars Technica]

1Password brings form-filling to the iPhone

Posted Jan 30th 2008 7:00PM by Nik Fletcher

Back at Macworld we saw a sneak-peek from 1Password creater Dave Teare of the (then forthcoming) iPhone form-filling, username-storing 1Password bookmarklet for iPhone (pictured above at Moscone). Today sees a new build of 1Password pushed out for beta-loving users who want to take advantage of it.

Of course, one main qualm people may have with this is "just how secure is my data?" The 1Password data is saved in the bookmarklet itself using "448-bit blowfish encryption". Users set up password to use with the bookmarklet, and 1Password outputs all your data in an encrypted format to sync via iTunes' 'Sync Safari Bookmarks option'. Once on the iPhone, you navigate to the page such as Pownce, choose the bookmarklet, enter your previously-set password and choose the login you wish to use. All the form filling, and form submission, is handled by the Javascript.

I've been long-in-need of something like this for the iPhone -- the typical 'too many usernames, too many unique passwords' scenario -- and using it this evening, it's been mighty handy. If you're wanting to get your hands on it, simply set your copy of 1Password to check for beta releases (all the usual beta disclaimers apply) and download the most recent release!

1Passwd 2.5b adds iPhone export

Posted Oct 8th 2007 3:00PM by Mat Lu
Filed under: Software, Beta Beat, iPhone

The browser password manager 1Passwd has just been updated to version 2.5b and adds an interesting new feature: iPhone export. You're now able to export your secure passwords and notes to the iPhone from your Mac. The clever thing is that they accomplish this without hacking the iPhone in any way.

Basically what it does is create a special Safari secured bookmarket from your 1Passwrd data "using 448 bit Blowfish encryption." This special bookmarklet is then synced to the iPhone in the normal way through iTunes. When you access the bookmarklet in mobile Safari on the iPhone it prompts you for your password and then gives you access to your passwords, secure notes, etc. Since it's just a bookmarklet in mobile Safari this should not be affected by any future firmware changes, etc.

The latest 1passwd beta can be downloaded from the Agile Web Solutions Forum.

Secure your Mac: Eikon biometric security

Posted Sep 25th 2007 5:00PM by Mat Lu
Filed under: Peripherals, Security

TUAW has lately been trying to help you Secure Your Mac, and while a few options have been available, biometric security is one area in which the Mac has seemed to lag behind the Windows side. Now UPEK has released a preview of the Mac version of their Eikon Digital Privacy Manager. The software allows you to use the Eikon scanner to login to your account, control your Keychain, switch users, or lock down your Mac.

The Eikon scanner is a USB device which costs about $40 and only comes with Windows software. Once you have the scanner however, you can download the Mac Protector Suite Preview for free from UPEK. If security is a serious concern and passwords are getting tedious then a biometric solution like this one looks increasingly cost effective.

[via OhGizmo]

TUAW Podcast #22: 1Passwd

Posted Mar 15th 2007 2:00PM by David Chartier
Filed under: Software, Internet Tools, Podcasts

This week's podcast covers 1Passwd, the password manager and autofill tool that brings some really unique features and multi-browser support for the Keychain to the table. For just under 8 minutes I demonstrate some of the killer features of this app that go above and beyond the norm, and the whole thing weighs in at a mere 28MB. Snag it from our iTunes Store Podcast directory, this direct link or our own podcast rss feed. Enjoy!

1Passwd 2.3 brings new UI, folders, 1Click Login Bookmarks and more to browser keychain tool

Posted Feb 4th 2007 10:00AM by David Chartier
Filed under: Software, Internet Tools, Security

1Passwd from Agile Web Solutions is one of those browser addons that just makes me feel all warm and fuzzy, as if its developers had an epiphany while laying in a field of not-too-prickly grass on a perfectly warm, sunny day, asking themselves: "how can we make the world a better place?"

Which browser does 1Passwd work with, you ask? Why, just about all of them. This password and identity manager integrates with nearly every major Mac OS X browser, including Safari, Firefox, Camino and OmniWeb, as well as DEVONagent and even NetNewsWire, to bring Keychain nirvana and multiple identity autofill to website forms (that's right: Firefox can use the Keychain, thanks to 1Passwd). In other words: it's an über-Keychain for your browsers, allowing you to stop caring about which one you're using, where you saved that forum's password or how you're going to fill out the umpteenth store registration. And as you might have guessed from my introduction: I kind of like 1Passwd, and a recent upgrade to v2.3 offers even more to rave about.

Most noticeably, the new version ushers in a fresh new UI, shedding the old 'n busted brushed metal for the unified look that's all the craze with 3rd party developers and lovers of good-looking software. Don't be fooled though; the new features are far more than skin deep. Folders and smart folders are now in full effect, allowing for more flexible organization of your unruly collection of logins. Another really slick new feature is 1Click Login Bookmarks, which allow you to save a bookmark with specific login credentials - perfect for sites at which you have multiple credentials. Goodbye, tedious logging in/out all day!

Plenty of other new and updated features are detailed in this blog post, and many of 1Passwd's major features, such as Firefox integration and Palm/Treo syncing, have screenshots or video demonstrations on its product page (scroll down for all the goods). A demo is available, while a single license costs a mere $30, with a 3-license family pack for $40.

How do I reset my Keychain password?

Posted Jul 20th 2006 10:00AM by Scott McNulty
Filed under: OS

Yesterday I was singing the praises of Keychain, and I still stand by my assessment. Keychain is a key feature of OS X that makes it stand apart from Windows. But what happens if you forget your Keychain password? You know, the password that lets you access all your other, heavily encrypted data?

That is exactly what happened to one poor soul who put the question to the MetaFilter community. It isn't as bad as forgetting your FileVault password, however, the sad truth of the matter is that you're going to have to generate yourself a new Keychain folder and starting from scratch. I know it sucks, but that is the price we pay for security. If you are in the same situation check out the MetaFilter discussion for the steps you need to take.

1Passwd - password/form manager lets Firefox use the Keychain

Posted Jun 6th 2006 8:35PM by David Chartier
Filed under: Software, Internet Tools

*Oh snap!* Agile Web Solutions has created a password and form manager extension for both Safari and Firefox that fixes one of my biggest gripes about Mozilla's flagship browser: it can store website passwords in Mac OS X's Keychain Access application. For those who haven't stumbled upon the wonders of the Keychain: it's a system-wide secure password manager that most other Mac OS X apps can use to store logins for things like websites and FTP access. 1Passwd is an extension that, amongst other features, lets Firefox join the Keychain party party so you can have one secure, centralized area for managing (and backing up) your logins. This also means that if you have a .Mac account, any passwords you enter into Firefox will sync between your Macs. But 1Passwd doesn't stop at handle just your login information. Check out the full feature list to see everything else it can do for both Safari and Firefox.

If beer could be sent virtually through PayPal, I'd send Agile Web Solutions a twelve pack; this brings Firefox one step closer to being a true Mac OS X browser. 1Passwd is currently in a third beta release, and those who opt to test the beta and offer their email addresses will receive a discount off its (somewhat steep) $29.95 price.

Automator action for encrypting/decrypting files

Posted Mar 23rd 2006 2:00PM by David Chartier
Filed under: Software, Cool tools, Productivity

Interested in beefing up security on some of your files or folders, but wary of the consequences if FileVault takes on a mind of its own? This Encrypt and Decrypt Files Automator action might be right up your alley, as it allows you to perform these actions with an algorithm and password. Perfect for fitting into the workflows of even the most security-conscious Mac OS X Tiger users.

The action is free and can be had over at Automator World.

Mac News

WWDC (250)

.Mac (57)

Accessories (635)

Airport (74)

Analysis / Opinion (1329)

Apple (1638)

Apple Corporate (556)

Apple Financial (187)

Apple History (45)

Apple Professional (54)

Apple TV (160)

Audio (446)

Bad Apple (118)

Beta Beat (150)

Blogging (84)

Bluetooth (16)

Bugs/Recalls (56)

Cult of Mac (870)

Deals (214)

Desktops (115)

Developer (252)

Education (98)

eMac (10)

Enterprise (138)

Features (399)

Freeware (382)

Gaming (361)

Graphic Design (31)

Hardware (1281)

Holidays (37)

Humor (576)

iBook (65)

iLife (234)

iMac (184)

Internet (325)

Internet Tools (1309)

iTS (967)

iTunes (796)

iWork (21)

Leopard (367)

Mac mini (112)

Mac Pro (53)

MacBook (202)

MacBook Air (79)

Macbook Pro (220)

MobileMe (16)

Multimedia (439)

Odds and ends (1437)

Open Source (278)

OS (912)

Peripherals (208)

Podcasting (182)

Podcasts (90)

Portables (197)

PowerBook (135)

PowerMac G5 (50)

Retail (579)

Retro Mac (48)

Rig of the Week (42)

Rumors (629)

Software (4305)

Software Update (406)

Steve Jobs (252)

Stocking Stuffers (50)

Surveys and Polls (97)

Switchers (112)

The Woz (34)

TUAW Business (237)

Universal Binary (281)

UNIX / BSD (61)

Video (902)

Weekend Review (82)

WIN Business (47)

Wireless (83)

Xserve (39)

iPhone/iPod News

iPhone (1490)

iPod Family (2024)

App Store (17)

SDK (14)

Mac Events

One More Thing (27)

Liveblog (1)

Other Events (226)

Macworld (489)

Mac Learning

AppleScript (3)

Ask TUAW (102)

Blogs (85)

Books (26)

Books and Blogs (62)

Cool tools (443)

Hacks (460)

How-tos (484)

Interviews (43)

Mods (186)

Productivity (586)

Reviews (107)

Security (154)

Terminal Tips (58)

Tips and tricks (564)

Troubleshooting (167)

TUAW Features

iPhone 101 (26)

TUAW Labs (3)

Blast From the Past (17)

TUAW Tips (141)

Flickr Find (35)

Found Footage (81)

Mac 101 (89)

TUAW Interview (31)

Widget Watch (198)

The Daily Best (1)

TUAW Faceoff (4)

RESOURCES

• Send us news tips
• Contact Us
• Advertise
• Corrections?
• Problems?

RSS NEWSFEEDS

• Main RSS Feed
• Feeds by category

Sponsored Links

Advertise on TUAW

Featured Galleries

 

Most Commented On (7 days)

• Canadian iPhone: Consumer Revolt against Rogers tariffs (123)
• iPhone 101: Eight 3G iPhone Plan Pricing Details You Need to Know (120)
• TUAW Poll: What are you doing with your original iPhone? (93)
• Doin' the wacky AT&T math (76)
• AT&T posts iPhone 3G information (74)
• International iPhone pricing guide (68)
• 10.5.4 is in Software Update Now! (56)
• Tevanian: Does Microsoft have the guts to slim down Windows? (42)
• iPhone 2.0 firmware release date hidden under our noses (39)
• Text from your iPhone for free (36)

Recent Comments

• ericdano on Ask TUAW: rEFIt with Open Firmware passwords, iCal problems, iPod without iTunes, and more
• Quadrant on Ask TUAW: rEFIt with Open Firmware passwords, iCal problems, iPod without iTunes, and more
• Tony Bowman on Flickr Find: Macintosh on Nintendo DS
• Francisco Mota on International iPhone pricing guide
• Dave on Tap Tap Revolution to be sold by Tapulous, called Tap Tap Revenge
• Camperton on Flickr Find: Macintosh on Nintendo DS
• John Bell on Ask TUAW: rEFIt with Open Firmware passwords, iCal problems, iPod without iTunes, and more
• Maldaen on Apple posts Japanese iPhone guided tour
• Nic on Mozilla Sunbird 0.8 for Mac OS X
• ESJ on Ask TUAW: rEFIt with Open Firmware passwords, iCal problems, iPod without iTunes, and more

More Apple Analysis

• AAPL on BloggingStocks The Apple category feed from BloggingStocks.com
• AAPL Quote, News & Summary The AAPL financials page from AOL Money and Finance
• iPhone analysis from BloggingStocks iPhone tag feed from BloggingStocks
• Macintosh news and reviews on Download Squad The Macintosh category feed from Download Squad

More from AOL Money and Finance

• Stock Screener
• Stock Quotes
• DJIA
• AMT
• Auto Loans
• Banking
• Car Insurance
• Checking Account
• Credit Cards
• Credit Reports
• Debt Management
• Dow Jones Industrial Average
• Earnings
• GOOG
• Health Insurance
• Home Insurance
• Identity Theft
• Income Tax Basics
• Insurance
• Life Insurance
• Loans
• Money
• Mortgages
• Personal Loans
• Recession
• Refinancing
• Retirement
• Savings Account
• Small Business
• Stock Charts
• Stock Ticker
• Taxes
• Tech News

Weblogs, Inc. Network

• Autos
  • Autoblog
  • AutoblogGreen
  • Autoblog Spanish
  • Autoblog Chinese
  • Autoblog Simplified Chinese
• Technology
  • Download Squad
  • Engadget
  • Engadget HD
  • Engadget Mobile
  • Engadget Chinese
  • Engadget Simplified Chinese
  • Engadget Japanese
  • Engadget Spanish
  • Engadget Polska
  • Switched
  • TUAW (Apple)
• Lifestyle
  • AisleDash
  • DIY Life
  • Gadling
  • Green Daily
  • Luxist
  • ParentDish
  • Slashfood
  • Styledash
  • That's Fit
• Gaming
  • Joystiq
  • DS Fanboy
  • Massively
  • Nintendo Wii Fanboy
  • PS3 Fanboy
  • PSP Fanboy
  • WoW Insider
  • Xbox 360 Fanboy
  • Big Download
• Entertainment
  • Cinematical
  • TV Squad
• Finance
  • BloggingBuyouts
  • BloggingStocks
  • WalletPop
• Sports
  • FanHouse Main
  • NFL
  • NBA
  • MLB
  • NCAA Football
  • NCAA Basketball
  • NASCAR
  • NHL
  • Golf
  • Fantasy Football
• Also on AOL
  • African-American Culture
  • Cars
  • Games
  • Maps
  • Money
  • Movies
  • Music
  • News
  • Radio
  • Sports
  • Television
  Travel

More on AOL: Money, Investing, Bonds, Broker Center, Currency, ETF Center, Futures, International Markets, Mutual Fund Center, Stock Charts, Stock Quotes, Stock Screener, Portfolios, Personal Finance, Personal Loans, Finance Calculators, Money Basics, Retirement, Taxes, Market News, Small Business

All contents copyright © 2003-2008, Weblogs, Inc. All rights reserved

The Unofficial Apple Weblog (TUAW) is a member of the Weblogs, Inc. Network. Privacy Policy, Terms of Service, Notify AOL