You make good points, and I’m probably going to change my mind.
My previous view (which I think I got from MacSparky), 2FA is something you know (password) and something you have (device).
But in thinking through compromised website passwords, and 2FA being the solution, as you said, my 1PW password is secure, and I doubt my Touch ID will be compromised.
1 Like
That is immensely helpful, thank you–I didn’t think about only portions of the site/session being https encrypted. That makes sense. Thanks!
Also, you can use 2FA with 1Password. As in, you can use 2FA to open 1Password to get your 2FA code for your email account.
Hackers often set up fake networks with the same name as common WiFi hotspots then they capture what you’re doing when you try and log in to anywhere.
It’s not just WiFi, even mobile networks can be insecure. I travel a lot and I’ve seen lots of reports of unsecured mobile networks, particularly in Asia, India South America and Africa.
Hotel WiFi and coffee shops are notoriously bad, malware (such as keyloggers) can even be loaded onto your machine. I learned the hard way when I tried to log in to WiFi in a coffee shop. The WiFi connected, but didn’t work. Then, a few hours later I had my PayPal compromised (money was taken from my account). When I did some digging there was a keylogger installed and logs showed it was installed at the same time as when I tried to log into the network.
If you are always in the EU and USA and don’t use public WiFi, you’ll be safe.
I also like to use VPNs to bypass speed and website restrictions.
1 Like
A big reason not to use keychain is sharing password vaults. My wife and I have separate 1Password vaults but can access each other’s vaults. Allows us to handle things for each other without having to clutter up our own vaults with unrelated entries.
As for credit cards, I have all the contact information entered for each card and tagged with a wallet tag. If my wallet gets lost or stolen, I can see exactly which cards were in my wallet and who to call to cancel.
1 Like
Backups. Can we stop talking about backups?
I feel like this is one of those areas that is truly non-negotiable. If you don’t have a back-up plan, then you have a plan for loss. iCloud is only as good as the physical servers that power them (or even BackBlaze, for that matter). The newest MPU will give you the lowdown on why this is so important!
1 Like
I get it’s important and I do it but it seems like every fifth MPU episode is about backups. 
1 Like
MPU can stop talking about backups as soon as nobody loses data because they lack a working backup procedure.
4 Likes
I recently upgraded to a new iMac and used my SuperDuper backup to migrate my setup. Super quick. Then a couple weeks later something freaky happened to iCloud—it wasn’t syncing. Apple support engineers were able to resolve the issue, but I lost the work I had done the previous couple of days. Backblaze to the rescue—I had the files in about 10 minutes.
No way I would be without a solid, tested backup routine.
5 Likes
But is there really enough new in the world of backups to devote another episode to it? Once you have a system it should be very low maintenance except for occasional testing.
1 Like
I was appropriately reprimanded by the recent episode that iCloud Drive is not a backup solution. Time to purchase Backblaze!
1 Like