On Mon, Sep 12, 2011 at 11:49 AM, Macs R We <macs...@macsrwe.com> wrote: > > On Sep 12, 2011, at 5:02 AM, Jean-Christophe Helary wrote: > >> Thanks everybody for the suggestions. >> >> Let me go back to my original problem. >> >> My problem is that physical access to the work machines means basically >> access to all the passwords, whether I use Keychain of 1Password etc. > > Not so.
You can take steps to guard against casual snooping, but if you have something of value, professionals won't be put off by simple measures. > Both these tools have a facility where the keychain re-locks itself after a > user-set interval of non-use. > > Use a keychain password that is NOT your login password, and have it re-lock > after five minutes and any time the machine sleeps or the screen saver turns > on. Memorize the hotkey for making your screen saver come on > (http://hints.macworld.com/article.php?story=20050706194219822) and use it > any time you step away from your machine. > > Finally, set yourself a "firmware password," and your machine is as secure as > you can reasonably get it. If you use a computer in a public area bad guys can just observe you typing your password. I less public areas they use hidden cameras. <http://computer-forensics.sans.org/blog/2011/01/28/mac-os-forensics-howto-simple-ram-acquisition-analysis-mac-memory-reader-part-1> found clear-text passwords in memory -- the bad guy just has to pop a smoke grenade, yell fire, wait for everyone to run out the door and get to your machine before the screen saver kicks in, so the key is whether you have trained yourself well enough to follow the above advice while running for your life. Unless you suspect something you might not know your password had been stolen. -- George N. White III <aa...@chebucto.ns.ca> Head of St. Margarets Bay, Nova Scotia _______________________________________________ MacOSX-talk mailing list MacOSX-talk@omnigroup.com http://www.omnigroup.com/mailman/listinfo/macosx-talk
