Posts

Use 1Password to Enter Your Mac Login Password

We think of 1Password as being helpful for entering passwords on websites and in iPhone and iPad apps. But its Universal Autofill feature has a hidden capability that lets 1Password enter your Mac login password when you have to provide it to change certain system settings, install apps, format drives in Disk Utility, and more. (But it won’t work to log in at startup before 1Password is running.) To turn this feature on, click the New Item button in 1Password, search for and select “Mac login” , give it a name that will sort alphabetically to the top, like “2020 27-inch iMac” , enter your password, and click Save . From then on, whenever you’re prompted for your Mac login password , press Command- (Backslash, located above the Return key), and then click the desired login or press Return to select the topmost item .

(Featured image based on an original by iStock.com/ipuwadol)


Social Media: 1Password is tremendously helpful for entering website passwords, but a little-known feature also enables it to enter your Mac login password for changing system settings, installing apps, and more.

After “Mother of All Breaches,” Update Passwords on Compromised Sites

January’s big security news was the Mother of All Breaches, the release of a massive database containing 26 billion records built from previous breaches across numerous websites, including Adobe, Dropbox, LinkedIn, and Twitter. It’s unclear how much of the leaked data is new, but it’s a good reminder to update your passwords for accounts on compromised sites, especially those you reused on another site. Cybernews has a leak checker that reports which breached sites include your data. More generally, password managers often have a feature that checks your passwords against the Have I Been Pwned database of breaches and helps you change compromised passwords—1Password’s is called Watchtower, shown below. You can also search Have I Been Pwned directly. Don’t panic if your email address appears in numerous breaches because some of the theoretically compromised accounts may be defunct sites, trivial sites you used once 10 years ago, or duplicate password manager entries for a site whose password you already updated.

(Featured image by iStock.com/Prae_Studio)


Social Media: Worried about the “Mother of All Breaches” that has been making the rounds in security news? We share a leak checker that can tell you if your email address was involved and recommend that you update any compromised passwords.

Stay Alert! Voice Phishing Used in Recent Ransomware Attacks

All it took for MGM Resorts International to be compromised with ransomware was a quick phone call, which some now call “voice phishing” or “vishing.” An attacker using LinkedIn information to pose as an employee asked MGM’s help desk for a password change, after which they were able to install ransomware. MGM is now up to $52 million in lost revenues and counting. Two takeaways. First, if you call support for a manual password reset, expect to be asked for a lot of verification, such as a video call where you show your driver’s license. Second, if you receive a call at work from an unknown person asking you to do anything involving money or account credentials, hang up, verify their identity and authorization, and proceed accordingly only if they check out.

(Images by iStock.com/1550539 and HT Ganzo)


Social Media: Phishing isn’t limited to email and texts anymore—“voice phishing” or “vishing” was used recently in a major ransomware attack on MGM Resorts. The rise in such attacks means that requests over the phone will need much more verification.

Is Your Wi-Fi Network a Security Risk?

With Wi-Fi security, it’s easy to fall into the “out of sight, out of mind” trap. Your Wi-Fi router probably lives in a corner or closet, and of course, Wi-Fi’s radio waves are invisible. But the ease of connecting your devices to your Wi-Fi network means it’s equally as easy for a hacker to connect to your network and eavesdrop on your traffic. Or rather, it’s easy unless you take advantage of the security options available in every Wi-Fi router.

Before looking at those options, let’s discuss the importance of securing your wireless network. The fact is, we all send sensitive data over Wi-Fi and onto the Internet. That data includes passwords, financial information, and personal details, all of which could be used for identity or outright theft. For those who work at home, it may also include important corporate credentials and information. In addition, if your Wi-Fi network is open for everyone and has a bandwidth cap, you could be throttled or incur additional charges due to extra usage from someone using your network without your knowledge. Worse, someone could engage in illegal activity from your network, potentially putting you at legal risk.

Here are six ways you should secure your Wi-Fi network, plus another that’s usually not worth the effort. Exactly how you go about these tasks varies depending on your Wi-Fi router, but they should all be easy to accomplish.

1. Change Your Wi-Fi Router’s Default Password

Every Wi-Fi router has an app- or Web-based administrative interface where you can adjust settings, including security options. The first thing you should do when setting up a new Wi-Fi router is change the password for accessing that admin interface. (And if you didn’t do that when you set up your current Wi-Fi router, go do it now. Immediately. We’ll wait.) The default passwords are well known to hackers, who can use them to take over routers and turn off all the other security settings.

2. Change the Default Network Name (SSID)

Every Wi-Fi network has a name—technically an SSID, or Service Set Identifier. There’s no security benefit in changing it to anything in particular, but you should change it from the default name. That’s because default names often identify the router’s manufacturer, such as “Netgear” or “Linksys,” and some routers have known vulnerabilities or password styles that make it easier to break in. Of course, the main advantage of changing the network name is that it makes it easier to pick out from any other nearby networks.

3. Update Your Wi-Fi Router’s Firmware

Wi-Fi router manufacturers frequently fix security vulnerabilities and release new firmware versions. Check to make sure your Wi-Fi router has the latest firmware available, and if there’s an option for it to update its firmware automatically, turn that on.

4. Disable WPS (Wi-Fi Protected Setup) If Possible

When you connect a new device to your Wi-Fi network, you need to enter your Wi-Fi password. That’s entirely reasonable, and Apple devices automatically offer to share that password with your other Apple devices and other people in your Contacts. More generally, a technology called Wi-Fi Protected Setup (WPS) was designed to enable connecting without typing the Wi-Fi password, either by entering an 8-digit PIN or pressing a button on the router. The button is fine—no one can connect without physical access to the router. But the PIN is horribly insecure and can be brute forced with readily available cracking software. If your router supports WPS—not all do, happily—turn it off entirely.

5. Create a Guest Network

You’ll probably want to give visitors access to your Wi-Fi network so they can get to the Internet. The best way to do that is to create a guest network—a feature in nearly all Wi-Fi routers—separate from your main Wi-Fi network. It has a different name and password, and its traffic is isolated from yours, ensuring that even if a hacker were to access it, they wouldn’t be able to eavesdrop on your communications. It can have a simpler password since all it’s protecting is your bandwidth. One additional tip—put “Internet of Things” devices like smart appliances, video game consoles, and the like on your guest network to ensure they don’t provide access to your main network’s traffic if they’re hacked. You probably won’t want to do that with HomeKit devices, which will work better on the same network as your Apple devices.

6. Use Strong WPA2 or WPA3 Encryption

After changing the default admin password, this is the second-most important piece of Wi-Fi security advice. All traffic on a Wi-Fi network can (and should) be encrypted so hackers can’t eavesdrop with impunity. The first wireless security protocol was WEP (Wired Equivalent Privacy), which was commonly used from the late 1990s through 2004. Unfortunately, WEP is so easily broken today that it’s no longer considered secure. If you still use WEP, immediately switch to WPA2 (Wi-Fi Protected Access). There’s also WPA3, which is even more secure but is available only in hardware sold in the last few years.

Don’t Bother Hiding Your SSID

Finally, you may see suggestions that you should hide your Wi-Fi SSID, which prevents nearby devices from displaying it when they list available networks. That might seem like it would improve security, but all it does is prevent the sort of people who aren’t a threat anyway from seeing it. Anyone with the necessary software and skills to break into an unprotected or weakly protected Wi-Fi network can still detect and access a hidden network. They might even be more interested in what’s there, given that the network owner took the trouble to hide it. As long as you follow all the other advice in this article, there’s no benefit in hiding the SSID as well.

Bonus Advice: Use a VPN When on Public Wi-Fi Networks

Ensuring the security of your Wi-Fi network is essential, but what about public Wi-Fi networks in coffee shops, hotels, and airports? Because they’re open to anyone within range, they’re insecure by definition, and anyone on the network could theoretically see any other user’s traffic. Don’t panic. Most Web connections now use HTTPS, which encrypts traffic between you and the destination site (look for https at the start of URLs or a lock icon in the address bar of your Web browser). To ensure that all traffic is protected from prying eyes, use a VPN (Virtual Private Network), which creates an encrypted pipe from your computer to a VPN server elsewhere. Many organizations provide or even require VPN use so that traveling or remote employees can’t inadvertently use unencrypted connections. If your organization doesn’t have a VPN now but would like to set one up, contact us.

(Featured image by iStock.com/CASEZY)


Social Media: As more personal and work information passes through Wi-Fi networks, it becomes increasingly important that you follow this advice to secure your network.

If Your Holiday Gift Was a Tech Device, It’s Time to Change the Password!

Whatever consumer electronics product you can name, there’s probably a “smart” version that you configure via an app or Internet-connected interface once you’ve connected it to your Wi-Fi network. For ease of setup and to keep costs down, many such devices come pre-configured with not just a default username and password, but the same default username and password as all other units. That’s bad enough, but worse, most people never change those defaults, which is just asking hackers and malicious bots to break in and take over. This risk is real—it has happened to security cameras, baby monitors, light bulbs, DVRs, toasters, refrigerators, and even fish tanks. So, if you received any so-called “Internet of Things” devices for the holidays—or have one or more already installed on your home network—immediately change the usernames (if possible) and passwords to something more secure. Store the new usernames and passwords in your password manager for future reference.

(Featured image by iStock.com/EvgeniyShkolenko)

View and Copy Saved Wi-Fi Passwords in iOS 16

The iPhone and iPad have long allowed you to share Wi-Fi passwords with other nearby devices and people as long as they were in your Contacts list. But you couldn’t see those passwords, which is handy for sharing with non-Apple users and devices. In iOS 16 and iPadOS 16, you can now view and copy the stored Wi-Fi password for either the current network or any remembered network. In Settings > Wi-Fi, next to a network’s name (tap Edit at the top right to view stored networks), tap the blue information icon, tap Password, and authenticate to reveal the password. If desired, tap Copy to copy to the clipboard for pasting in another app, such as Mail or Messages.

(Featured image by iStock.com/denizbayram)

11 Features to Look Forward to in Apple’s 2022 Operating Systems

It’s that time of year again. Apple CEO Tim Cook and numerous Apple employees took the virtual stage again at the company’s Worldwide Developer Conference keynote on June 6th to share what we can expect to see later this year in macOS 13 Ventura, iOS 16, iPadOS 16, and watchOS 9. (Almost no mention was made of tvOS or the HomePod, but Apple will undoubtedly move them forward in small ways as well.)

The announcements came thick and fast, and like last year, many of the technologies cut across several of Apple’s operating systems. Before we dive in, however, remember that some older devices won’t be able to upgrade. Here are the basic system requirements, though certain features won’t be available on all devices:

  • macOS 13 Ventura: iMac, iMac Pro, MacBook, and MacBook Pro from 2017 and later. MacBook Air and Mac mini from 2018 and later. Mac Pro from 2019 and later. Mac Studio from 2022.
  • iOS 16: Second-generation iPhone SE, iPhone 8, and later
  • iPadOS 16: Fifth-generation iPad and later, fifth-generation iPad mini and later, third-generation iPad Air and later, and all iPad Pro models
  • watchOS 9: Apple Watch Series 4 and newer, including the Apple Watch SE

Here are the promised new features we think will have the most impact on your Apple experience. Assume that these features are available on the Mac, iPhone, and iPad unless otherwise specified.

Customizable iPhone Lock Screen

We’ve been able to put a photo on the iPhone’s Lock screen for years, but that’s it. With iOS 16, Apple is opening up lots of customization options along the lines of what you can do to Apple Watch faces. To start, you can customize the font, color, and placement of various options, just like a watch face. Photos dynamically display in front of the time, and you can have a set of photos shuffle throughout the day. Widgets from Apple and third-party developers provide at-a-glance information so you can check the weather, say, without even unlocking your iPhone. Notifications now scroll up from the bottom, and Live Activities help you stay up on the music that’s currently playing or the latest score in the big game.

Messages Gains Editing, Undo Send, and Mark as Unread

At long last, Messages will let us edit messages after sending, undo sending to call a message back, and mark messages as unread. The first two features are essential for clear communication, especially when you’re fixing auto-correct failures, and being able to mark messages as unread ensures that you won’t forget to respond to something that you read when you’re not in a position to reply.

Mail Adds Undo Send, Scheduled Send, Follow-up, and Remind Me

It’s surprising that Apple hasn’t spent more time on Mail in recent years, but that’s changing in 2022, when it will gain some welcome features that are commonplace in other email apps. You’ll be able to undo sending, which is helpful when you remember something to add to a message within 10 seconds after clicking the Send button. For more specific timing, scheduled send lets you specify when a message should go out. This is helpful when you are working on the weekend or late at night but don’t want your co-workers to feel that they need to reply right away.  Mail will also move sent messages that haven’t received replies to the top of your inbox so you can follow up, and you can set a reminder to come back to messages that you’ve opened but not dealt with (many of us just mark those as unread).

Multi-Stop Routing in Maps

No longer are you limited to a single destination when creating a route in Maps. You’ll be able to specify up to 15 stops on a route, making it easy to build a trip that includes a swing by your favorite diner, a quick visit with an old friend, and a pilgrimage to the World’s Largest Bull in Iowa.

iCloud Shared Photo Library Improves Family Photo Sharing

Apple’s latest attempt to help families share photos looks like the best yet—certainly better than the shared Family album that’s created for Family Sharing groups now. It will be a completely separate iCloud photo library shared with up to five other people. You’ll be able to populate it with all your existing photos or a subset based on start date or who’s in them. Everyone will have equal permission to add, edit, favorite, caption, and delete photos, so maintaining and improving it becomes a group activity. Sharing new photos will be easy with a switch in the Camera app, automatic sharing based on proximity to family members, and sharing suggestions in Photos.

Passkeys Aims to Replace Passwords… Eventually

Apple’s new Passkeys technology, which is associated with the work of an industry consortium called the FIDO Alliance to ensure cross-platform support, aims to replace passwords for websites and apps with private passkeys that are stored only on your device and accessed by Touch ID or Face ID. Passkeys are easier to use than passwords and significantly safer because they can’t be stolen from websites and each one is specific to the site for which you create it. They’ll be available on all your Apple devices, syncing end-to-end encrypted through iCloud Keychain.

Use Your iPhone as a Webcam for Your Mac

Mac webcams are nowhere near as good as the rear-facing cameras in your iPhone, so Apple is helping us improve our videoconferencing by using an iPhone as a webcam and microphone. The feature, called Continuity Camera, works wired or wirelessly and can automatically switch to using your iPhone as a webcam when you bring it close to your Mac. It provides Portrait mode to blur the background, Center Stage so you can move around, Studio Light to dim the background and illuminate your face, and even Desk View to show what’s on your desk in front of your Mac. Apple says Belkin will be making clips to attach your iPhone to your Mac.

Stage Manager Offers New Window Management Approach

We’re not yet sure what to make of Stage Manager, which is Apple’s new approach to window management on the iPad and Mac. It puts one app in the center of the screen while keeping other apps off to the side, making it easy to flip between apps or show multiple apps at once. It doesn’t replace traditional window management—you have to turn it on in Control Center—so you won’t be forced to change, but it might be welcome, especially on the iPad, where it also enables the use of an external display.

Simultaneous Dictation, Touch Selection, and Keyboard Editing

On the iPhone and iPad, you’ve been able to tap a microphone button to invoke Dictation, a huge boon when you want to send a message without typing. In iOS 16 and iPadOS 16, Apple has radically improved Dictation, so you can now simultaneously talk, type, edit on the keyboard, select text via touch, and use the Apple Pencil (on an iPad). Dictation will also automatically add commas, periods, and question marks as you dictate, and you can insert emojis with voice commands. Sadly, it seems that the Mac gets only the punctuation and emoji capabilities.

Medications App on the Apple Watch

Many of us have to take medications, vitamins, and supplements regularly. To help us better manage our health, Apple is adding the Medications app to watchOS 9. You’ll be able to enter your meds in the Health app on the iPhone, be alerted to any critical interactions between drugs, and have your Apple Watch notify you to take the right pills at the right times.

Weather App Appears on the iPad and Mac

Finally, because our list goes to 11, Apple says it’s bringing the Weather app to the iPad and the Mac. Since Weather has been on the iPhone since the beginning, it’s hard to fathom what took Apple so long. If you haven’t already jumped ship for one of the 17,000 other weather apps out there, you’ll be able to enjoy using Apple’s built-in app in iPadOS 16 and macOS 13 Ventura.

Apple’s upcoming operating system releases boast many other new features, and we plan to explore more of them once everything ships in a few months. We’ll let you know when it’s time to update!

(Featured image by Apple)


Social Media: At its Worldwide Developer Conference keynote, Apple announced oodles of new features that we’ll see in macOS 13 Ventura, iOS 16, iPadOS 16, and watchOS 9 later this year. Here are the ten—no, eleven!—features we think you’ll most like:

Easily Share Wi-Fi Passwords with Other People and Devices

You’re on vacation with your family, staying in an Airbnb, with multiple Apple devices to connect to the apartment’s Wi-Fi. Typing the password repeatedly would be a pain, but happily, Apple has added a password-sharing feature to all its operating systems. Once you enter the password on your iPhone, whenever someone else—or another of your devices—tries to connect to the Wi-Fi network, your iPhone will prompt you to share the password. Tap Share Password and then Done. It’s also a great way to share your home Wi-Fi password with a visitor. (For password sharing to work, both devices must have Wi-Fi and Bluetooth on and Personal Hotspot disabled, and you and the other person must have each other’s Apple ID email address saved in Contacts.)

(Featured image by Adam Engst)

Export Passwords from Safari to Ease the Move to a Password Manager

Although Apple has improved the built-in password management features in macOS and iOS (you can now add notes to password entries!), third-party password managers like 1Password and LastPass are still more capable. For those still getting started using a password manager, another new capability will ease the transition: Safari password export. To export a CSV file of your Safari passwords, choose Safari > Preferences > Passwords, and enter your password when prompted. From the bottom of the left-hand sidebar, click the ••• button, choose Export All Passwords, and save the Passwords.csv file to the Desktop. After you import the file into 1Password (instructions), LastPass (instructions), or another password manager, be sure to delete the exported file and empty the trash.

(Featured image by iStock.com/metamorworks)

Never Send Someone a Password in Mail or Messages: Do This Instead!

One of the big no-nos with passwords is sending them to other people as plain text in email or a text message conversation. You presumably trust your recipient with the password, but what if their email was hacked or phone stolen? Instead, always use a site like 1ty.me or One-Time Secret, which lets you turn a password into a Web link that can be opened only once. Send that link to the recipient, and when they get the password out, they can store it in a secure password manager like 1Password or LastPass.

(Featured image by Kristina Flour on Unsplash)