macOS 26 Tahoe Pushes FileVault Use

I do tech support for an elderly relative who lives across the country. When I migrated her from an old to a new iMac, I turned on keychain sync, so that a) it would transfer the login items, and b) back them up to iCloud.

But keychain sync requires FileVault. And that means no more auto login. And worse, it isn’t possible for me to remote control the iMac until she enters the login password – which she forgets.

1 Like

I’m not sure that is correct, at least not in all cases. I have two Macs running Sequoia syncing their Keychains without using FileVault.

1 Like

For an elderly person like this and for a home computer (not a portable phone), is password security so critical? Can’t you just use her name as the password? Hopefully she wouldn’t forget that.

She would forget that her password is now her name.

She got locked out of her computer earlier this year. We think she entered the wrong password too many times. That was a pain to fix; my brother had to do it with me helping, but it didn’t help that I mistyped the correct password in an IM to him, so he kept entering the wrong password! Oops.

1 Like

> She would forget that her password is now her name.

I’ve done this for non-tech people and I put a reminder in the “hint” (“your password is your first name”).

Not secure at all, of course, but for these users, that isn’t the main problem.

> I’ve done this for non-tech people and I put a reminder in the “hint” (“your password is your first name”).
>
> Not secure at all, of course, but for these users, that isn’t the main problem.

That’s an excellent suggestion.

And now, feeling expansive and with a little wine down the hatch I’m going to put up a :umbrella_on_ground: and say a few things.

Given the audience here, enthusiasts, sys-admins, programmers, and other-like of long-standing, what I’m going to say may sound like anathema but it’s not.

For the vast majority of users, inside institutions or without, these security “improvements” are a huge pain in the ass. They just don’t care about this stuff and when they encounter it they are confused, scared out of their wits, or pissed-off and then they make mistakes that make things worse.

For the average home user, there is absolutely no need for full disk encryption and no need for 32 character passwords with upper & lower case, punctuation, and odd unicode symbols. The likelihood of state actors visiting your grandmother’s house to discover her secret messages with a friend in Bulgaria is laughably tiny.

And in institutions, the requirement for monthly password changes and the like causes a tsunami of post-it notes on monitors. (By the way, NIST suggests not requiring monthly password changes.)

Now, if you’re working in a bank, or a deliberately secure environment, the more security the better and it’s part of your job to deal with it. If you’re a road warrior with trusty laptop you absolutely want FileVault because there’s a damn good chance you’ll leave that laptop under your seat in your haste to get out of the damn plane.

When I put on my old programmer pants I’m horrified at the energy expenditure to encrypt 60 500M Photoshop files, but our modern systems are so bloody fast, I guess I should let that go.

I’m an advocate of local encryption. In other words, use an encrypted .dmg for your most vital information with a password that you’ll remember even after a 6-hour bender. As for the rest, if the evil guy wants to look at my scans of 1887 daguerreotypes, why, go right ahead! (By the way, what evil guy? How many of you have had large bearded guys with Jolt cola in a holster at their belt come clambering in the window to invade your computer?)

Smartphones are different because you carry them with you all the time, they often have vital personal information, and they are stolen regularly. The better they lock those down the better we’ll be. But your home computer in your Fortress of Solitude? Please.

A while ago, my sisters came to visit and both needed to use my workstation to print boarding passes. They asked for the password. I gave it. They erupted in laughter because it was so simple and they both had been working in academic/medical environments for years where excruciating irritation with passwords was a given.

For most people, the real danger is phishing and other web subterfuges. No password will prevent you from being hoodwinked though I suppose if you used a 64-character password with suitable unicode oddities the likelihood that the scammers could note it down is low.

:slightly_smiling_face:

Dave

8 Likes

Awesomely entertaining turn of phrase.

Also, now I know what to look for.

2 Likes

The most common malware attacks with human agents I see at the senior community where I live, and at the university where I supported humanities faculty and students, most often involved a Trojan utility or browser add-on toolbar, or those scams that make loud buzzing sounds and produce multiple dialogs telling users they have been infected/hacked and should call (Apple or Microsoft, etc.) immediately with a toll-free number.

There’s a phone call version of this, but ultimately the scam involves the user giving the bad actor remote access to the computer or their bank account or both.

Given the difficulty of remote logging in under Tahoe & FileVault, that might be a reason to leave it on. People here have lost thousands; one woman lost over 50K to a similar “IRS” scam.

> Given the difficulty of remote logging in under Tahoe & FileVault, that might be a reason to leave it on. People here have lost thousands; one woman lost over 50K to a similar “IRS” scam.

That’s awful! 50K!?

I don’t think it’s all that difficult to do remote login under Tahoe. Most of the screen-takeover scammers that tell you to call them because a very important doohickey in your OS is melting down use remote viewing software like LogMeIn and the like and they persuade the user to install it for them.

Some of these scoundrels are very persuasive. I had an old friend, professor, computer user for 20+ years, who was caught by one. I got a call from his wife who was worried about what was happening. She had tried several times to get him to break off but he brushed aside her concerns. As soon as I heard the description I knew he was in trouble because they were already remotely bouncing around his system. I told her to walk over, completely shut down his system no matter what he said, and exchange his phone for hers so I could explain what was happening. Phew. He just barely escaped being hit up for a $300+ fee for their “repairs.” Took me an hour-plus to remove all the crap they dropped in his system. He was extremely embarrassed about this incident but the fact was the crooks were damn good at their job.

So, I’m afraid FileVault and secure passwords are truly no match for social engineering swindlers. I’ve had some success in inoculating people against this by personally showing them how these work, how to fix it, and how to ignore the patter. Just sending around a warning note doesn’t work very well.

Sigh.

Dave

2 Likes

My article triggered DriveSavers to post about how there are a number of edge cases where it might seem like recovery would be impossible due to the use of FileVault, but where they’ve been able to get data back in the past.

Of course, the only time drive recovery would be needed is when there are no backups.

1 Like

There is a Take Control ebook on Digital Legacy which covers many aspects of this. I have used it as a basis for a talk I give to groups of mainly older people with low computer literacy. The purpose is to make them think about these issues before it is too late. And with default encryption of disks, unless you know the password to the Mac, it is past recovery.

It is not only old people. I have had clients who have been using their Mac for 20 years through various new Macs. They set up the password then, and have never needed it since. (It is amazing to see apps from 20 years ago still sitting in the Applications folder.)

Wow. I have a hard time believing that someone could go anywhere near 20 years, or even a year, without entering their login password. Even with auto-login set up and them rejecting every macOS update that was offered, I would expect something in macOS to ask for the login password at some point. Back in the day, I think it was possible to have no password at all in Mac OS X, so pressing Return just continued—I wonder if that might still be possible on migrated accounts.

But hey, maybe there’s a way to do this, however much of a bad idea it is.