Bitcoin Forum
December 06, 2016, 04:07:02 PM *
News: Latest stable version of Bitcoin Core: 0.13.1  [Torrent].
 
   Home   Help Search Donate Login Register  
Pages: [1]
  Print  
Author Topic: Would you save your Mt.Gox password in Safari v5.1?  (Read 766 times)
toffoo
Sr. Member
****
Offline Offline

Activity: 392



View Profile
August 06, 2011, 03:32:58 AM
 #1


I'm looking for someone who knows what they're talking about when it comes to Internet security in general and Mac OS X Lion in particular to help me out with some advice here:

Since Mt.Gox's re-opening, I have started using a complex, un-memorizable, and barely typable new password.  Since their security issues, it seems like they have also shortened the idle time after which they log you out to some unbearably short few minutes and it is driving me absolutely crazy trying to re-login with this password what seems like 50 times a day.

I recently upgraded my Mac to Lion and Safari v5.1 and I noticed a new feature where it offers to save your passwords to secured websites.  (Yes, I realize other browsers have offered this for ages, in fact I think older Safari did as well, but it looks like this has been reimplemented in v5.1 to actually store the password in Keychain.)

I have a fairly rudimentary understanding of Mac OS and Safari internals, but I believe that Keychain is considered quite secure.  However, with all the shenanigans around with Mt.Gox accounts getting hacked and Bitcoins getting stolen, I'm a bit nervous about storing this password right in my browser.

Would you?

1481040422
Hero Member
*
Offline Offline

Posts: 1481040422

View Profile Personal Message (Offline)

Ignore
1481040422
Reply with quote  #2

1481040422
Report to moderator
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1481040422
Hero Member
*
Offline Offline

Posts: 1481040422

View Profile Personal Message (Offline)

Ignore
1481040422
Reply with quote  #2

1481040422
Report to moderator
1481040422
Hero Member
*
Offline Offline

Posts: 1481040422

View Profile Personal Message (Offline)

Ignore
1481040422
Reply with quote  #2

1481040422
Report to moderator
1481040422
Hero Member
*
Offline Offline

Posts: 1481040422

View Profile Personal Message (Offline)

Ignore
1481040422
Reply with quote  #2

1481040422
Report to moderator
Blackout
Full Member
***
Offline Offline

Activity: 196



View Profile WWW
August 06, 2011, 03:37:17 AM
 #2

If at all possible don't do the auto save password thing on anything but the most non important sites...... and don't use the same password or same style of passwords.

Yeah it gets annoying remembering all your passwords... but I certainly wouldn't save a bank or bitcoin or any important password in the 'browser remember password' thing. That's asking for a 3rd party virus thingy to come along and take it.




http://blackout.com
Insane writings for an Outsane world: http://blackoutsblog.com

Blackout Radio on android or iphone DL TuneIn APP & search for Blackout Radio http://tunein.com/tuner/?StationId=136506

https://secure.btcontilt.com/register.php?referred=Blackout (BTC Poker)
ctoon6
Sr. Member
****
Offline Offline

Activity: 350



View Profile
August 06, 2011, 03:01:00 PM
 #3

i personally would not take anything made by apple, or Microsoft for that matter as secure. safari is one of the least secure browsers you can get, and lately a lot of exploits have been found on simple things like laptop batteries lawl.

thinkingBTC
Newbie
*
Offline Offline

Activity: 16


View Profile
August 06, 2011, 05:10:30 PM
 #4

I use a lastpass/yubikey(yubico.com) for master password to log in LastPass, and use the lastpass plugin for your browser (plus a yubikey from mtgox) to log into your Mt.Gox account.
toffoo
Sr. Member
****
Offline Offline

Activity: 392



View Profile
August 09, 2011, 07:03:11 PM
 #5

FYI: He put a new option on the settings page last night where you can now set the amount of idle time after which you get logged out, up to 2hrs:

https://mtgox.com/users/settings?page=settings

So now figuring out how to save my password in a secure way isn't such an urgent issue anymore.

nmat
Hero Member
*****
Offline Offline

Activity: 602


View Profile
August 09, 2011, 08:34:28 PM
 #6

This forum is getting filled with crap. None of the answers was related to your question.

I don't know about the recent Safari improvements (haven't tried Lion yet) so I can't confirm that it uses Keychain. If Safari does store the password on Keychain, it is as secure as your Keychain password is. The MtGox password won't be stored in plaintext (like it happens with other browsers) and the only attack possible is to brute force your Keychain file, which is a painfully slow task if you choose a good pass.

So the answer is yes, I would save MtGox's password on my personal Mac with a good Keychain password. It is encrypted and I don't think someone could easily access my Keychain file anyway.
Pages: [1]
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!