Recent oddities with FileVault Recovery Keys, and a new exploit GoFetch, raise concerns over how secure FileVault protection is.
password
Killed by Jupiter’s thunderbolts when she insisted he proved his identity, this myth is a reminder that making something more secure isn’t always a good answer.
Malware tries to trick you into providing it your password. How to recognise genuine requests from those fakes.
What do you do when your Mac refuses to log you in because it thinks your password is incorrect? Don’t rush or panic, but follow these steps.
How to change the password for an encrypted sparse bundle, and how to use an ISO keyboard in a macOS VM on Apple silicon.
Avoid using encrypted sparse bundles for the moment, as you can’t change their password. Apple Encrypted Archives aren’t ready for normal use either.
How is an attacker most likely to get their hands on the secrets stored in your Mac’s keychains, and what can you do to protect them?
We’re swimming upstream in a raging torrent of alerts and notifications. Rather than clicking through everything, macOS should lead by example and do what we did with traffic signs.
Multiple requests for a keychain password, login password mismatch, broken keychains, expired certificates, and using the Data Protection keychain.
How can you tell whether a request for a keychain password is genuine? What about a regular request for password authentication?