Keychain – Page 2 – WindowsTechs.com

How secure are passwords, usernames and tokens stored in KeyChain (iOS 15)

Posted on October 15, 2021 by pssios

As of iOS 15, users can pair their stored passwords with tokens. These are automatically populated by the OS via Safari on websites, when the user tries to login. That means, although the information is encrypted on the device, it has all … Continue reading How secure are passwords, usernames and tokens stored in KeyChain (iOS 15)→

Determine path of app prompting for access to macOS keychain item

Posted on May 25, 2021 by jsejcksn

Context
On macOS, when an app requests permission to access a keychain item, a prompt like this is presented:

git-credential-osxkeychain wants to use your confidential information stored in "github.com" in your keychain. The au… Continue reading Determine path of app prompting for access to macOS keychain item→

Export IOS Certificates and Configuration Profiles

Posted on December 30, 2019 by AppleTechy

Is there anyway to export a configuration profile from an IOS device that you have root on? So I have a device with an MDM profile with login credentials for a wifi network, VPN, and email authentication certificates. Is ther… Continue reading Export IOS Certificates and Configuration Profiles→

iOS secure enclave and jailbreak

Posted on September 29, 2019 by Ranjit Murali

If an iOS device is jailbroken, I understand an attacker cannot extricate key material from the secure enclave. But would they be able to use keys using CryptoKit within the enclave to encrypt a password stored within keycha… Continue reading iOS secure enclave and jailbreak→

Securing user secrets in KeyChain vs Keychain+Biometrics

Posted on September 24, 2019 by ke3pup

The common approach to secure user secrets in native applications seems to be storing the secret in keychain and adding an additional layer of protection by way of biometrics/touchId/FaceID.

My questions:

Does adding the ad… Continue reading Securing user secrets in KeyChain vs Keychain+Biometrics→

Storing the master password in a keychain

Posted on August 31, 2019 by xdhmoore

I tend to avoid putting my master keychain password in the keychain itself (in OSX, for example), but sometimes with federation of accounts and things, it would be convenient to do so.

Am I right to avoid this? I can’t real… Continue reading Storing the master password in a keychain→

KeySteal could allow someone to steal your Apple Keychain passwords

Posted on February 7, 2019 by Lisa Vaas

The researcher says it works without root or administrator privileges and without password prompts. But he’s not revealing how it works to Apple because there’s no money for him in its invite-only/iOS-only bounties. Continue reading KeySteal could allow someone to steal your Apple Keychain passwords→

Why is GPG-agent still caching my passphrase?

Posted on February 3, 2019 by Chris

I can not get gpg to prompt me for my passphrase when I want to decrypt a file. I tried including:

default-cache-ttl 0
max-cache-ttl 0

(also flipped the bit to 1)

within ~/.gnupg/gpg-agent.conf and then running either:
… Continue reading Why is GPG-agent still caching my passphrase?→

Mac OS X Security Keychain

Posted on November 7, 2018 by Kellep Charles

The keychain is a secure database store for passwords and certificates and is created for each user account on Mac OS X. The system software itself uses keychains for secure storage. […]
The post Mac OS X Security Keychain appeared first on Security… Continue reading Mac OS X Security Keychain→

Common Security Mistakes when Developing Swift Applications – Part I

Posted on October 21, 2018 by Paulo Silva

Overview: Data Storage and Communication Security Swift was first introduced in 2014 at Apple’s Worldwide Developers Conference (WWDC) as the iOS, macOS, watchOS and tvOS de facto programming language. Designed by Chris Lattner and many othe… Continue reading Common Security Mistakes when Developing Swift Applications – Part I→