Submit Hint Search The Forums LinksStatsPollsHeadlinesRSS
14,000 hints and counting!

Use a secure disk image to store account data Desktop
Under Mac OS 9, I used a program called VSE My Privacy to store my usernames and passwords for various types of online accounts, as well as credit card, bank account, insurance, and all kinds of other information. I liked it very much because it was a very easy to use program, very customizable, and secure because it used the blowfish algorithm to encrypt the stored data. I have searched for an equivalent OS X program to take its place, but have been unsatisfied with what I have found.

Then it occurred to me that I could use a much simpler method to store my information. I created a small encrypted disk image with Disk Copy, named it "Password List" and created category folders on the image. Within each category, I created a folder for the particular online service or account I wanted to store information about. Within each account folder, I dropped a link from Omniweb that points to the log-in page for that account, and text clippings of my username and password.

Now instead of having to use Classic to run VSE My Privacy, I can just mount the encrypted disk image and browse through it in panes mode to find the information. I just double-click the link to go to the web page, and drop the username and password clippings on the entry fields, and I'm good to go!

To store new passwords when I sign up for an online service, I just create another folder, and drop in the link to the login page and clippings of the username and password. This is also much easier now that we have spring loaded folders back!
    •    
  • Currently 0.00 / 5
  • 1
  • 2
  • 3
  • 4
  • 5
  (0 votes cast)
 
[5,437 views]  

Use a secure disk image to store account data | 12 comments | Create New Account
Click here to return to the 'Use a secure disk image to store account data' hint
The following comments are owned by whoever posted them. This site is not responsible for what they say.
For all your password storage needs ...
Authored by: Anonymous on Sep 07, '02 01:00:38PM
If you're looking for a very secure, Blowfish-capable program to manage passwords and such data, try PasswordMaster v1.5.4. However, keep in mind that Maury has v1.6.0 coming out (hopefully in the near future) which is going to have some neat features he's talked about on his site, RAILhead Design.

[ Reply to This | # ]
Blowfish notepad
Authored by: markds on Sep 07, '02 05:56:10PM

I'm using LittleSecrets and I'm very happy with it:

http://www.littlesecrets.de/

direct link to English page:

http://www.mani.de/LittleSecrets/en/index.html

mark.



[ Reply to This | # ]
Blowfish notepad
Authored by: wyvern on Sep 08, '02 04:42:40PM

I use Passwordwallet. AFAIK, it was the first, and I don't feel like re-typing my password list so I still use it :) Works fine on jaguar.



[ Reply to This | # ]
Keychain Access
Authored by: Titanium Man on Sep 07, '02 04:52:13PM

Also, for short snippets, I like the Secure Note feature of Keychain Access in OS 10.2. The secure disk image is definitely a good idea for larger files and folders, though.



[ Reply to This | # ]
Keychain Access
Authored by: scaryfish on Sep 07, '02 06:44:14PM

I like it too, but there are several problems: You can't type return in the text field, it just presses the default button. Instead you have to use option-return or something.

And you can't paste text into it. You can select paste from the edit menu, but nothing happens.



[ Reply to This | # ]
Saving Passwords Securely
Authored by: sshears on Sep 07, '02 04:59:55PM
I keep a text file with all my passwords and logins. I keep the file encrypted with PGP. PGP ver 7.03 runs fine in Classic; I have it work from the clipboard. www.pgpi.org and soon www.pgp.com

[ Reply to This | # ]
Also....
Authored by: spnyc on Sep 08, '02 10:42:24AM
there are a couple more apps that are carbonized, use blowfish to encrypt the data files and support synching with a palm.

Web Confidential
SplashID

cheers

[ Reply to This | # ]

WebConfidential rocks
Authored by: jules on Sep 08, '02 12:42:53PM

Mainly because it sync's with the Palm Pilot.



[ Reply to This | # ]
MacJournal
Authored by: aranor on Sep 08, '02 11:27:23PM

I use MacJournal. It's nifty, and works fine.



[ Reply to This | # ]
for the paranoid...
Authored by: nemesis on Sep 09, '02 04:05:19AM

The blowfish algorithm used is 448bit..I stick with PGP Desktop Security 7 in classic and use its far higher encryption setting of 4096 bit ..this is higher than military strength. Lets face it if they say something is military strength then the military must have better encryption than that. I'm still waiting for a good gui to Gnu pgp... .I also think there may be issues with secure Disk Images and temporary finder database files -could be a security issue to think about with that option..



[ Reply to This | # ]
Comparing ciphers (was: for the paranoid...)
Authored by: amacaulay on Jul 17, '03 02:16:27AM

4096 bit PGP isn't necessarily better (or worse) than 448 bit Blowfish. The 4096 bits of key in PGP are for the asymmetric algorithm (== public key) used and you would expect a key length of about 4000 for reasonable security. Symmetric algorithms like Blowfish ought to provide 128 bits of effective key to be safe from an exhaustive key search. With some modern algorithms that means use a real key length of 256 bits, so Blowfish with 448 bits of key is playing fairly safe.



[ Reply to This | # ]
A bug with Apple's secure disk images...
Authored by: tiktok on Sep 11, '02 08:25:42PM

I tried the above hint and found a bug with Apple's secure disk image.

Mount the disk image and put the computer to sleep. When the system wakes, the computer will ask for the password of the disk image. If you get it wrong 3(?) times, the disk image will unmount, but not cleanly. An alert message will pop up and remind you to eject (or is it put away??) properly and that data might have been lost.

I haven't done any testing so I have no idea how serious this bug is.



[ Reply to This | # ]