Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

Are your passwords safe?

Joe Kissell | May 3, 2013
How to keep your accounts as secure as possible

Now launch Keychain Access and select the login item that appears in the Keychains pane. It appears as an empty box, indicating that it's missing from the Keychains folder. Choose File > Delete Keychain 'login'. In the resulting sheet, click Delete References.

Now choose File > New Keychain. In the resulting Save dialogue box, name the new keychain 'login' and save it to the default location (your account's Keychains folder). You'll be prompted to create and verify a password for this keychain. The passwords that you add will now appear in this keychain. And, yes, you'll have to re-enter passwords stored in the old keychain when prompted.

Share your login keychain

If you have multiple Macs, you may find it convenient for each computer to have access to the same keychain. Here's how to do it: first, make a copy of the login.keychain file inside the Keychains folder on the Mac that has the most complete set of passwords, and copy it to your other Macs.

Remove the login.keychain file from each Mac's Keychains folder and put it in a safe place in case something goes wrong. Place the copied login keychain file in the user's Keychains folder. Log out and then log back in. If the login password on the Mac you're currently using is different from the one on this master Mac, you'll receive a prompt asking you to provide the login keychain's password. Once you enter it, you should have access to the same passwords as that master Mac.


When you create a password, you may choose to store it in a password manager, write it down or commit it to memory. Sometimes, however, things go wrong: you find yourself without access to your password manager, you lose the paper on which you recorded your passwords, you forget a password you thought you had memorised or you remember it incorrectly too many times and get locked out of the account.

In such cases, online services need a secondary way of granting you access to your account or your data. Sometimes, the provider lets you click a link to have your existing password, a new password or password-reset instructions sent to the email address you have on file. But if those mechanisms seem too insecure, the site may ask you to respond to some verification questions for which you've previously provided the answers.

Unfortunately, password-reset messages and verification questions come with their own problems and risks. You can reduce your chances of being hacked - or of being unable to respond correctly to one of these questions - by following a few simple tips.

Prevent password-reset mischief


Previous Page  1  2  3  4  5  6  7  8  9  Next Page 

Sign up for CIO Asia eNewsletters.