"Chicken and egg" problem [Resolved]
I have started using a password manager a few months ago, and switched completely to 1Password last week. All my passwords are generated long-ass strings of characters and this is awesome: I do not have to know any of them. Except one: my primary iCloud account. There are a couple of places I think I still have to fill it in from memory.
When I create a new user on a Mac I have to log into iCloud. I can skip this during OS setup and login later, so this probably is not a problem. However I purchased 1Password from MAS and sync via iCloud. In order to download the purchased app I have to log into MAS. If my iCloud password is a random string of 40 chars I will have to either write it down in advance or open 1Password on another device. In both cases I will have to type these 40 chars manually. Not very convenient. To avoid this situation I have to keep the old-fashioned password for now, something I created myself and which is not too secure compared to the 40 char string.
Same problem with setting up a new iOS device. Probably can be worked around by having an iTunes backup to restore from, but what if I am away from the computer? Or if I need to start fresh?
This all sucks because the primary iCloud account is kind of the most important one: credit card, purchases, email, etc. I'd like to not have to know this password.
Am I exaggerating? Is this problem easily avoidable and I am just not seeing it?
Comments
-
Diceware is the often suggested solution. Check various forum threads about it.
By the way, I don't know if the iCloud password restrictions are different from those for an AppleID, but the latter is restricted to 32 characters.
0 -
@danco I think you are right here. 32 is fine though, I was talking in general.
So you suggest I should make my iCloud password complex and memorable, basically similar to my master password for the safe? I guess it is one way, but I still want to hear somebody disprove me on the chicken-egg here.
0 -
Hi @voimala,
I'm glad @danco was here to give you advice - that's precisely what I was going to say. :) I use Diceware for both my iCloud and my iTunes AppleID (because Apple seems keen on making me enter each of these pretty constantly), and for my Dropbox password so that I can always access my 1Password data stored there. Have a read-through our security guru's blog post: Towards Better Master Passwords, which discusses how passwords made with Diceware can be really secure. (The easy to remember/type bit is the reason that I love them so much for those few passwords that I do need to keep in my brain.)
0 -
Hi @voimala,
I'm so glad to hear that the Master Password post helped - I've found it extremely useful too. :)
Since this issue is nicely sorted out now, I'll close this thread, but if you have any further questions or concerns, please don't hesitate to open a new thread, or email us directly at support@agilebits.com - we're here for you. :)
0
