Comments on: How do a password secure an app in OS X?

Question: How do a password secure an app in OS X?

photoslob — Wed, 24 May 2006 09:49:13 -0800

How do I password protect a specific app in OS X?

I'm looking to password protect my address book in OS X so I can use it to store info like web site passwords and other sensitive stuff. I'd like to set address book to prompt me with a password when I open it. I might want to do the same thing with mail.app as well. Any ideas?

By: unixrat

unixrat — Wed, 24 May 2006 09:57:22 -0800

It's not a good idea - you don't really want to store your passwords like that.

OSX comes with Keychain built right in. This is exactly what it is designed for. More secure than anything you could jerry-rig with AddressBook.

By: Taken Outtacontext

Taken Outtacontext — Wed, 24 May 2006 09:58:05 -0800

Try this.

By: trevyn

trevyn — Wed, 24 May 2006 10:02:36 -0800

Another correct approach would be to make sure the data files are readable by your user account only (this should be true by default, but I haven't checked), then keep your user account (and the root/administrator account) secure—don't share your password, no auto-login, require password when waking from sleep, etc.

By: revgeorge

revgeorge — Wed, 24 May 2006 10:29:45 -0800

You could put it in FileVault, which uses AES-128 super-secure encryption would stop someone from running the app.

Of course that does nothing to help you, since someone could just open the data file and read out your passwords.

A much better plan would be to listen to unixrat and use Keychain.

By: danb

danb — Wed, 24 May 2006 10:33:15 -0800

Wallet looks like it might do what you want.

I've never used it before, so I can't vouch for its quality -- I just saw it linked the other day.

By: jack_mo

jack_mo — Wed, 24 May 2006 10:49:23 -0800

If you've got something against Keychain, I'd recommend CiphSafe for this, which has proved reliable for me over the last three years, is very simple to use and, from what I've read by folk who know more about this stuff than me, encrypts your passwords securely.

By: mcwetboy

mcwetboy — Wed, 24 May 2006 11:00:42 -0800

You already have password security: it's called your user account. Simply don't allow anyone else access to that account; create other accounts as needed.

By: cactus

cactus — Wed, 24 May 2006 11:05:02 -0800

trevyn, I disagree. If his computer is compromised, his passwords and other information are easily accessible. The same goes if someone breaks into his domicile and steals the computer or if he sends his computer in for repairs - his data would be easily accessible by anyone with physical access to the machine.

Encrypt the data if it's not something you would share with a stranger.

By: freq

freq — Wed, 24 May 2006 11:07:22 -0800

I've been using Pastor for a while, which works rather well for my needs. it can store all sorts of other useful info aside from just your logins and passwords, and does it in an encrypted file.

It appears to be a free app too (though i think you can register it for some additional functionality) I don't know, I've never needed it.

By: pmbuko

pmbuko — Wed, 24 May 2006 11:54:33 -0800

If you don't mind paying $40, Yojimbo is a fantastic information organizing tool that supports individual item encryption. I've just started using the demo and it's fantastic.

By: dmd

dmd — Wed, 24 May 2006 14:17:06 -0800

Er, what's wrong with using Keychain? That's what it's for.

By: dmd

dmd — Wed, 24 May 2006 14:17:26 -0800

Ack. Sorry, didn't read and notice everyone else already having said that.