Keychain question
Howard Brazee - 27 Jul 2008 02:22 GMT
I needed to get a password that my wife has, and she couldn't remember it. I found the name of the Safari URL that asks for it, and then opened Keychain and searched for a word in the URL.
It didn't find any matches.
What did I do wrong.
David Empson - 27 Jul 2008 04:27 GMT
> I needed to get a password that my wife has, and she couldn't remember
> it. I found the name of the Safari URL that asks for it, and then
[quoted text clipped - 3 lines]
>
> What did I do wrong.

If your wife couldn't remember the password and Safari didn't fill it in automatically, then it isn't in the keychain. She'll either have to remember it or find a site-specific mechanism to reset or recover the password.
Safari isn't able to store passwords for some web sites. I don't know exactly why. Some sites use cookies, and the cookie might expire.
One solution is to buy 1Password. It has a more robust mechanism for capturing web passwords, but I'm not all that happy with it - it adds an extra level of user interface, and it is implemented via an Input Manager, which makes me nervous.
Firefox might do a better job at capturing web passwords for some of the affected sites.
 Signature David Empson dempson@actrix.gen.nz
gtr - 27 Jul 2008 06:18 GMT
> One solution is to buy 1Password. It has a more robust mechanism for
> capturing web passwords, but I'm not all that happy with it - it adds an
> extra level of user interface, and it is implemented via an Input
> Manager, which makes me nervous.

I love the damn thing. At first I found it tough to get used to, but now I've got the drill down.
 Signature Thank you and have a nice day.
dorayme - 27 Jul 2008 07:58 GMT
> > I needed to get a password that my wife has, and she couldn't remember
> > it. I found the name of the Safari URL that asks for it, and then
[quoted text clipped - 19 lines]
> Firefox might do a better job at capturing web passwords for some of the
> affected sites.

I have a .dmg that is password protected (don't forget this one), when opened it has a text file with all my passwords and stuff. It is referred to when all else fails. Hardest habit is keeping it up to date.
 Signature dorayme
Jolly Roger - 27 Jul 2008 10:40 GMT
In article <doraymeRidThis-E88C32.16584427072008@news-vip.optusnet.com.au>,
> I have a .dmg that is password protected (don't forget this one), when
> opened it has a text file with all my passwords and stuff. It is
> referred to when all else fails. Hardest habit is keeping it up to date.

My wife and I keep a few different files in a secure disk image with a long, secure password that isn't stored in the keychain of any of our computers.
One is a text file with a list of the information (account number, bank phone number, expiration date, security code, pin, and so on) about our various bank accounts, credit cards, insurance accounts, and other personal information. Another is a text file with list of the various account names and passwords I use at work for various intranet sites and so on. Another is an Excel spreadsheet with one sheet with list of the login names and passwords for the 100+ web sites we frequent, and another sheet with a list of the security questions associated with some of the web sites. We also store high-resolution scans of our social security cards and birth certificates in the disk image. And there are a couple other files for miscellaneous things.
We are able to access this disk image from any computer in the house through file sharing. It's very handy not to have to hunt your wallet down wherever it is in another room, and instead just mount a secure disk image to get the information you need while making a web or phone purchase / transaction.
 Signature Send responses to the relevant news group rather than to me, as E-mail sent to this address may be devoured by my very hungry SPAM filter. Due to Google's refusal to prevent spammers from posting messages through their servers, I often ignore posts from Google Groups. Use a real news client if you want me to see your posts.
JR
dorayme - 27 Jul 2008 11:12 GMT
> In article
> <doraymeRidThis-E88C32.16584427072008@news-vip.optusnet.com.au>,
[quoted text clipped - 24 lines]
> disk image to get the information you need while making a web or phone
> purchase / transaction.

Yes, well, JR, you have really gone into it!
I used to do this password protected file thing on my 7600 before moving to OS X by having it all on a zip and password protecting the zip file via the Iomega tools. Not sure how safe that was?
Now I just have the .dmg on G4 HDs and USB sticks. I think I never quite found out how to make a password protected USB stick; but as I have it, I am more than happy. The only passwords I don't allow keychain to store is bank accounts and the like.
Actually, you remind me to organise my text file better, it is a simple list in alphabetical order! I should create categories.
 Signature dorayme
Jolly Roger - 27 Jul 2008 16:49 GMT
In article <doraymeRidThis-EF0CCD.20124827072008@news-vip.optusnet.com.au>,
> > In article
> > <doraymeRidThis-E88C32.16584427072008@news-vip.optusnet.com.au>,
[quoted text clipped - 26 lines]
>
> Yes, well, JR, you have really gone into it!

Well, it started out as a single text file and evolved over the years to what it is now! ; )

> I used to do this password protected file thing on my 7600 before moving
> to OS X by having it all on a zip and password protecting the zip file
> via the Iomega tools. Not sure how safe that was?

Not *nearly* as safe as an encrypted disk image with a secure password!

> Now I just have the .dmg on G4 HDs and USB sticks. I think I never quite
> found out how to make a password protected USB stick; but as I have it,
> I am more than happy. The only passwords I don't allow keychain to store
> is bank accounts and the like.

Well one easy way to make a USB stick secure is to simply store an encrypted disk image on the USB stick. : )

> Actually, you remind me to organise my text file better, it is a simple
> list in alphabetical order! I should create categories.

What I like about storing some data in a spreadsheet is it's more compact than a text file (one line per entry), and easily sortable as you add records over time - especially when the number of records gets very large and hard-to-manage. We'll probably end up moving other things into spreadsheets as time goes on.
 Signature Send responses to the relevant news group rather than to me, as E-mail sent to this address may be devoured by my very hungry SPAM filter. Due to Google's refusal to prevent spammers from posting messages through their servers, I often ignore posts from Google Groups. Use a real news client if you want me to see your posts.
JR
Howard Brazee - 27 Jul 2008 14:29 GMT
>I have a .dmg that is password protected (don't forget this one), when
>opened it has a text file with all my passwords and stuff. It is
>referred to when all else fails. Hardest habit is keeping it up to date.

On my computer, I use Firefox. It has an advantage in that I can put clues in the bookmark to help me remember my password. I also put my user name in the description, as different sites have different requirements on what my user name can be.
(I also like using Foxmarks, keeping my bookmarks in my Mac synchronized with the bookmarks I have at work).
Jeffrey Goldberg - 30 Jul 2008 03:01 GMT
In <doraymeRidThis-E88C32.16584427072008@news-vip.optusnet.com.au>, dorayme...:
> I have a .dmg that is password protected (don't forget this one), when
> opened it has a text file with all my passwords and stuff. It is
> referred to when all else fails. Hardest habit is keeping it up to date.

That is what I used to do. (Well, I just had a text file that was encrypted with gpg). Then I switched to pwsafe, a command-line tool with a sucky Tcl/tk GUI called Password Gorilla.
Finally, I moved to 1password. And I love it. It uses the keychain, and this keychain data can be sync'd between Macs using .mac (which wasn't always that reliable for me for keychain syncing, or 1password's own system still in testing.)
Because there are plug-ins for many browsers, I am not locked into any particular browser. Also it makes getting and storing passwords from browsers so easy, I really can have a different and strong password for each site.
-j
 Signature Jeffrey Goldberg http://www.goldmark.org/jeff/ I rarely read top-posted, over-quoting or HTML postings. http://improve-usenet.org/
dorayme - 30 Jul 2008 03:22 GMT
In article <alpine.OSX.1.10.0807292056090.2860@hagrid.ewd.goldmark.org>,
> > I have a .dmg that is password protected (don't forget this one), when
> > opened it has a text file with all my passwords and stuff. It is
[quoted text clipped - 13 lines]
> browsers so easy, I really can have a different and strong password for
> each site.

Jeffrey, be careful. Consider weak passwords for everything and mostly the same. It is morally wrong to do otherwise, it is taking an attitude that one is important and has valuable secrets...
An overzealous history of obsession with security will not go down well when one gets to the Gates of St Peter's. Just remember that He has root access to your file system and keychain and will notice if you have many different and long and secretive psswds.
 Signature dorayme
Howard Brazee - 27 Jul 2008 14:26 GMT
>If your wife couldn't remember the password and Safari didn't fill it in
>automatically, then it isn't in the keychain. She'll either have to
>remember it or find a site-specific mechanism to reset or recover the
>password.

It fills it in automatically on her Safari, but not so that she can read it and tell me what the password is so I can use it to access our account.
Mike Rosenberg - 27 Jul 2008 14:35 GMT
> It fills it in automatically on her Safari, but not so that she can
> read it and tell me what the password is so I can use it to access our
> account.

So what you're telling us is that there's no problem at all logging into the account, yet for some reason you're unable to access the account?
 Signature I kill Google Groups posts. See http://improve-usenet.org for details. <http://designsbymike.net/shop/mac.cgi> Mac and geek T-shirts & gifts <http://designsbymike.net/shop/prius.cgi> Prius shirts/bumper stickers <http://designsbymike.net/shop/greet.cgi> Holiday cards with attitude
Howard Brazee - 27 Jul 2008 15:53 GMT
>> It fills it in automatically on her Safari, but not so that she can
>> read it and tell me what the password is so I can use it to access our
>> account.
>
>So what you're telling us is that there's no problem at all logging into
>the account, yet for some reason you're unable to access the account?

I'm sorry I wasn't clear. My wife has no problem logging into the account using her computer and her Safari. What we're trying to get is the password so that I can log into the account using my computer. We don't remember the password, and wanted to find it in keychain.
Mike Rosenberg - 27 Jul 2008 16:05 GMT
> I'm sorry I wasn't clear. My wife has no problem logging into the
> account using her computer and her Safari. What we're trying to get
> is the password so that I can log into the account using my computer.

Okay, I didn't understand that you're not allowed to use her computer to access that account. ;-)

> We don't remember the password, and wanted to find it in keychain.

Are you sure you used the correct URL, from the log in page itself when you searched in the Keychain Utility?
In any case, it would be odd if the site didn't have a procedure for retrieving or resetting a forgotten password.
 Signature I kill Google Groups posts. See http://improve-usenet.org for details. <http://designsbymike.net/shop/mac.cgi> Mac and geek T-shirts & gifts <http://designsbymike.net/shop/prius.cgi> Prius shirts/bumper stickers <http://designsbymike.net/shop/greet.cgi> Holiday cards with attitude
Howard Brazee - 27 Jul 2008 23:59 GMT
>> I'm sorry I wasn't clear. My wife has no problem logging into the
>> account using her computer and her Safari. What we're trying to get
>> is the password so that I can log into the account using my computer.
>
>Okay, I didn't understand that you're not allowed to use her computer to
>access that account. ;-)

It's inconvenient when I'm at work.

>> We don't remember the password, and wanted to find it in keychain.
>
>Are you sure you used the correct URL, from the log in page itself when
>you searched in the Keychain Utility?

I typed in one word that was in the URL.

>In any case, it would be odd if the site didn't have a procedure for
>retrieving or resetting a forgotten password.

She did it once, and was a hassle. She asked me if I could use Keychain to do it, and I wanted to learn how, so I asked here. Learning how might come in useful in the future.
Mike Rosenberg - 28 Jul 2008 00:11 GMT
> >> I'm sorry I wasn't clear. My wife has no problem logging into the
> >> account using her computer and her Safari. What we're trying to get
[quoted text clipped - 4 lines]
>
> It's inconvenient when I'm at work.

You may want to consider providing salient details in your initial post when you start a thread. Saves on all the subsequent back and forth.

> >In any case, it would be odd if the site didn't have a procedure for
> >retrieving or resetting a forgotten password.
>
> She did it once, and was a hassle. She asked me if I could use
> Keychain to do it, and I wanted to learn how, so I asked here.
> Learning how might come in useful in the future.

The point that Dave Empson made in another post that not all Safari's passwords are stored in the keychain is very important. I don't know what the rhyme or reason is for when it's stored there, but a lot of passwords are stored in Safari's settings directly, and those cannot be looked up, as David pointed out. _IF_ you're trying to look up a password that's in the keychain, it's a simple matter of finding it, clicking, and entering your keychain password when prompted.
 Signature I kill Google Groups posts. See http://improve-usenet.org for details. <http://designsbymike.net/shop/mac.cgi> Mac and geek T-shirts & gifts <http://designsbymike.net/shop/prius.cgi> Prius shirts/bumper stickers <http://designsbymike.net/shop/greet.cgi> Holiday cards with attitude
dorayme - 28 Jul 2008 00:32 GMT
> You may want to consider providing salient details in your initial post
> when you start a thread. Saves on all the subsequent back and forth.

Like the exact numbers of your wife's bank account, I have a tax bill pending... <g>
 Signature dorayme
Mike Rosenberg - 28 Jul 2008 00:34 GMT
> Like the exact numbers of your wife's bank account, I have a tax bill
> pending... <g>

Aren't my PayPal payments sufficient?
 Signature I kill Google Groups posts. See http://improve-usenet.org for details. <http://designsbymike.net/shop/mac.cgi> Mac and geek T-shirts & gifts <http://designsbymike.net/shop/prius.cgi> Prius shirts/bumper stickers <http://designsbymike.net/shop/greet.cgi> Holiday cards with attitude
dorayme - 28 Jul 2008 04:43 GMT
> > Like the exact numbers of your wife's bank account, I have a tax bill
> > pending... <g>
>
> Aren't my PayPal payments sufficient?

No, my fellow citizens have big needs and they want a big chunk of my hard earned and (this really annoys me) they want it in advance so they have made a scheme where some of us have to deposit with no interest back. Honestly, I cannot think of a greater disincentive to work than income tax. I believe in consumption taxes (unkind folk might say because I am a bit mean and don't spend much).
Plus, you know very well Mike that the balance sheet between us is your way. I saw the other day how you spend it btw. I cannot disapprove though, on dancing activities! I just did a website for a group of dance teachers. Very pleasant business, dancing. I am big fan of it all and will continue to support you. I saw Easter Parade the other night, Fred Astaire was getting on but still brilliant.)
 Signature dorayme
Howard Brazee - 28 Jul 2008 00:45 GMT
>> It's inconvenient when I'm at work.
>
>You may want to consider providing salient details in your initial post
>when you start a thread. Saves on all the subsequent back and forth.

It wasn't obvious at all to me that the reason I wanted to find my saved password made any difference to the technique needed to retrieve it. It can take more back and forths to discover the salient details than to find my answer.
That said, I get criticized much more often for including too many details than including not enough details.
Mike Rosenberg - 28 Jul 2008 00:50 GMT
> That said, I get criticized much more often for including too many
> details than including not enough details.

Really? Where? I've only seen you get criticized for omitting details. Anyway, mentioning what you ate for breakfast would be an example of including too many details, but saying you need to look up a password to use on a different computer seems relatively straightforward to me.
 Signature I kill Google Groups posts. See http://improve-usenet.org for details. <http://designsbymike.net/shop/mac.cgi> Mac and geek T-shirts & gifts <http://designsbymike.net/shop/prius.cgi> Prius shirts/bumper stickers <http://designsbymike.net/shop/greet.cgi> Holiday cards with attitude
The World Wide Wade - 28 Jul 2008 02:45 GMT
> > That said, I get criticized much more often for including too many
> > details than including not enough details.
[quoted text clipped - 3 lines]
> including too many details, but saying you need to look up a password to
> use on a different computer seems relatively straightforward to me.

He wrote

> It fills it in automatically on her Safari, but not so that she can
> read it and tell me what the password is so I can use it to access our
> account.

At that point it seemed pretty damned obvious to me.
Jolly Roger - 28 Jul 2008 09:23 GMT
> >Are you sure you used the correct URL, from the log in page itself when
> >you searched in the Keychain Utility?
>
> I typed in one word that was in the URL.

Very often web pages will use a server with a slightly- or significantly-different name for authentication. You'll need to figure out the name of the server this particular web site uses for authentication, and look for a key with that name in the keychain. If you need help with this, post the URL to the web site in question here and some of us will take a look and help you figure out what you should look for in the keychain.
 Signature Send responses to the relevant news group rather than to me, as E-mail sent to this address may be devoured by my very hungry SPAM filter. Due to Google's refusal to prevent spammers from posting messages through their servers, I often ignore posts from Google Groups. Use a real news client if you want me to see your posts.
JR
Howard Brazee - 28 Jul 2008 12:51 GMT
>> I typed in one word that was in the URL.
>
[quoted text clipped - 5 lines]
>and some of us will take a look and help you figure out what you should
>look for in the keychain.

http://www.krogerpersonalfinance.com/my_account.htm
If this gets the solution (and the password isn't in Safari), please share how you found the URL. I'm wanting to learn the process as much as the result.
Thanks.
Mike Rosenberg - 28 Jul 2008 13:16 GMT
> http://www.krogerpersonalfinance.com/my_account.htm

Ah, well, that's the page where you click on Sign In, which takes you to:
http://www.krogerpersonalfinance.com/Max/KPFaccessaccount.htm
That's the page where you then click on Access Account, which takes you to:
https://www.accessmycardonline.com/RBS_Consumer/SecuredLogin.do?promoCode=KPF
THIS is the page where the user name and password are entered, so you should be looking for www.accessmycardonline.com in her keychain, not www.krogerpersonalfinance.com.
 Signature I kill Google Groups posts. See http://improve-usenet.org for details. <http://designsbymike.net/shop/mac.cgi> Mac and geek T-shirts & gifts <http://designsbymike.net/shop/prius.cgi> Prius shirts/bumper stickers <http://designsbymike.net/shop/greet.cgi> Holiday cards with attitude
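Mike Rosenberg's point in the post above (the saved login is filed under the host of the page where the form is actually filled in, not the host you started from), as an added example that is not part of any post in the thread. The function names are hypothetical; `security find-internet-password -s` is the macOS command-line counterpart of searching Keychain Access by server, and the `"acct"` line format it prints is assumed here.

```shell
#!/bin/sh
# Added example, not from the thread. Give it the pages in the order visited,
# e.g. the three URLs quoted in the post above, ending with the login form.

# url_host URL: print the lower-cased host of URL with scheme, userinfo,
# port, path, query and fragment removed.
url_host() {
    u=$1
    case $u in *://*) u=${u#*://} ;; esac   # drop scheme
    u=${u%%/*}                               # drop path
    u=${u%%\?*}                              # drop query
    u=${u%%\#*}                              # drop fragment
    u=${u##*@}                               # drop userinfo
    u=${u%%:*}                               # drop port
    printf '%s\n' "$u" | tr '[:upper:]' '[:lower:]'
}

# candidate_hosts URL...: hosts to search the keychain for, one per line,
# host of the last page (the login form) first, duplicates removed.
candidate_hosts() {
    rev=
    for url in "$@"; do
        rev="$(url_host "$url") $rev"        # prepend: last page ends up first
    done
    seen=
    for h in $rev; do
        case " $seen " in
            *" $h "*) ;;                     # already listed
            *) seen="$seen $h" ;;
        esac
    done
    printf '%s\n' $seen
}

# keychain_account HOST: account name of the first internet-password item
# whose server field is HOST (macOS only). The password is not printed here;
# adding -g to the security command shows it after the keychain asks for
# authorization.
keychain_account() {
    security find-internet-password -s "$1" 2>/dev/null |
        sed -n 's/^ *"acct"<blob>="\(.*\)"$/\1/p'
}

# Usage: sh find_login_host.sh URL [URL...]
if [ "$#" -gt 0 ]; then
    for host in $(candidate_hosts "$@"); do
        acct=$(keychain_account "$host")
        if [ -n "$acct" ]; then
            echo "$host: saved login for account '$acct'"
        else
            echo "$host: no keychain item"
        fi
    done
fi
```
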
Jolly Roger - 28 Jul 2008 15:43 GMT
> > http://www.krogerpersonalfinance.com/my_account.htm
>
[quoted text clipped - 12 lines]
> should be looking for www.accessmycardonline.com in her keychain, not
> www.krogerpersonalfinance.com.

Exactly. Thanks Mike.
 Signature Send responses to the relevant news group rather than to me, as E-mail sent to this address may be devoured by my very hungry SPAM filter. Due to Google's refusal to prevent spammers from posting messages through their servers, I often ignore posts from Google Groups. Use a real news client if you want me to see your posts.
JR
Howard Brazee - 29 Jul 2008 01:39 GMT
>THIS is the page where the user name and password are entered, so you
>should be looking for www.accessmycardonline.com in her keychain, not
>www.krogerpersonalfinance.com.

Thanks, I'll check that out.
Tim Smith - 29 Jul 2008 06:52 GMT
> >THIS is the page where the user name and password are entered, so you
> >should be looking for www.accessmycardonline.com in her keychain, not
> >www.krogerpersonalfinance.com.
>
> Thanks, I'll check that out.

You are going to way more work than you have to.
1. Go to the login page of the site, in Safari, and let it fill in the user name and password.
2. Edit the user name in the form. It doesn't matter what you edit it to, just as long as you change it.
3. Submit the form, and when Safari asks, tell it to remember the name and password.
4. Go to Keychain Access, sort by date/time, and look at the newest entry. It will be the one you just created, with the edited user name, and it will have the password you are looking for.
 Signature --Tim Smith
David Empson - 27 Jul 2008 16:09 GMT
> >If your wife couldn't remember the password and Safari didn't fill it in
> >automatically, then it isn't in the keychain. She'll either have to
[quoted text clipped - 4 lines]
> read it and tell me what the password is so I can use it to access our
> account.

I wonder if that means it is stored in the "Forms autofill" database rather than as an item in the keychain. Safari stores a single entry in the keychain which allows it to decrypt the Forms autofill file, but I haven't gone looking for that file and don't know how to access what is inside it.
You can at least see a list of entries in Safari's preferences, but it doesn't show all the details.
 Signature David Empson dempson@actrix.gen.nz
patrick j - 27 Jul 2008 14:58 GMT
> One solution is to buy 1Password. It has a more robust mechanism for
> capturing web passwords, but I'm not all that happy with it - it adds an
> extra level of user interface, and it is implemented via an Input
> Manager, which makes me nervous.

I use 1Password and I am a very big fan.
There are many things I like about it :)
One of them is that the password or any form information is put in by selecting from a little menu that becomes available when relevant.
This means the information is not put in automatically by the browser.
This, I like :)
 Signature Patrick
<http://www.patrickjames.me.uk>
Shawn Hirn - 27 Jul 2008 12:59 GMT
> I needed to get a password that my wife has, and she couldn't remember
> it. I found the name of the Safari URL that asks for it, and then
[quoted text clipped - 3 lines]
>
> What did I do wrong.

Passwords are usually encrypted. Your wife will probably need to reset her password.
Tim Smith - 28 Jul 2008 03:35 GMT
> I needed to get a password that my wife has, and she couldn't remember
> it. I found the name of the Safari URL that asks for it, and then
[quoted text clipped - 3 lines]
>
> What did I do wrong.

Well, one possibility is that you picked your search word from the URL poorly. As an experiment, I enabled remembering passwords in Safari, and then went and logged into slashdot.
The name of the keychain item it stored the password in does NOT include the URL. Rather, the name was "slashdot.org (my_user_name)". The full URL is the info that shows up if I "get info" on the entry. However, I doubt searching includes that.
You could either go to Keychain Access, sort by name, and scroll around trying to find it, or you can try this shortcut:
1. Go to the login page at the site, and let Safari auto-fill the user name and password.
2. Before hitting submit, change the name.
3. Hit submit. When Safari asks if it should save the name/password, let it.
4. Go to Keychain Access, and sort by date. You should find a new entry for the site, with the new user name. Open it, and check the box to view the password.
 Signature --Tim Smith