Mac OS X: resolving keychain issues

Screen Shot 2015-12-10 at 3.35.16 PMMy current work environment consists of mostly Macs authenticating against a MS Active Directory server (see my earlier post all about Joining Mac systems to Active Directory). One of the disadvantages of this setup – one that has prevented me from rolling out an agency-wide password expiration policy – is the fact that, when a user updates their AD-based password, Mac OS X, by default, doesn’t know how to automatically update the passwords that protect the users keychain.

Read more

All about two-factor authentication

2Factors_authorization_icon(Quite) a while back, I wrote about getting serious about password management – with that under control, I wanted to write about the next step in personal data security – two-factor authentication (2FA).

What is 2FA?

Two-factor authentication is a process whereby, whenever you sign in to a site or service, you are not only required to input your password but to subsequently enter a numeric code provided to you on the fly, either via SMS or via a code generator app on your mobile device. This additional step helps to ensure that you are, in fact, you and not someone else who has gotten their hands on your password. Unless the culprit also has your mobile device, then 2FA serves as an extra layer of protection.

Read more