Category Archives: Apple

Five Things You Should Never Do with Passwords (and Three You Should)

Passwords are the bane of our modern existence. Nearly anything you want to do, it seems, calls for a password. As the Internet’s reach extends beyond computers and into phones, TVs, appliances, and even toys, we have to enter passwords with increasing frequency and in ever more annoying ways.

To make dealing with passwords easier and more secure, everyone should use a password manager like 1Password or LastPass. Such apps generate random long passwords like kD*SSDcCl7^6FN*F, store those passwords securely, and automatically enter them for you when you need to log in to a Web site. They are essential in today’s world.

You’ll still need a few passwords you can remember and type manually—for instance, the master password for your password manager and your Apple ID password. Make sure those passwords are at least 12 characters, and we recommend going to at least 16 characters.

If you’re unsure of the best way to create a strong password, try taking the first letter of each word in a sentence you can remember, and also change a few words to digits. Then “Now is the time for all good men to come to the aid of the party!” becomes a password along the lines ofNitt4agm2c2ta0tp!. So that no eavesdroppers learn your password, avoid saying your sentence out loud whenever you enter it! Or, combine four or five unrelated dictionary words, likecorrect-horse-battery-staple, that add up to at least 28 characters. (Don’t use the examples in this paragraph!)

When possible, take advantage of two-factor authentication on sites like Apple, Google, Dropbox, Facebook, Twitter, and more. Accounts protected by two-factor authentication essentially require that you enter a second, time-expiring password as part of the login process. You’ll get that second password via text message, authenticator app, or other notification method when you log in.

But what we really want to talk about today is what you should not do with passwords. Follow these tips to avoid making mistakes that can undermine even the security provided by a password manager.

  1. Don’t use the same password twice. This is key, because if the bad guys get your password—no matter how strong—for one site, they’ll try it on other sites.
  2. Don’t share passwords with anyone you don’t trust completely. That’s especially true of passwords to accounts that contain sensitive information or that can be used to impersonate you, like email and social media. However, sometimes you have to share a password, such as to a club blog with multiple authors. In that case…
  3. Don’t send passwords to shared sites via email or text message. If someone hacks into your recipient’s email or steals their phone, the password could be compromised. Instead, use a site like One-Time Secret to share a link that shows the password only once, after which the recipient should put the password into their password manager.
  4. Don’t write your passwords on sticky notes. Yeah, it’s a cliché, but people still do it. Similarly, don’t put all your passwords in a text file on your computer. That’s what password managers are for—if someone steals your computer, they can’t break into your password manager, whereas they could open that text file easily.
  5. Don’t change passwords regularly if you don’t have to. As long as every site has a strong, unique password, changing a password is a waste of time, especially if doing so makes you write down the password or communicate it insecurely. If you do have to update a password regularly, a password manager makes the task much easier.

We realize that it’s tempting to take the easy road and share a password with a friend via email or write a particularly gnarly one on a sticky note. But today’s easy road leads directly to identity theft and is paved with insecure password habits. You might think no one would pay attention to little old you, but times have changed, and organized crime is interested in any Internet account that can be cracked.

Looking for More Image Editing Power than Photos Can Provide?

In macOS 10.13 High Sierra, Apple significantly enhanced the editing capabilities of Photos, adding tools for adjusting specific colors, fine-tuning color and contrast via curves, and even focusing an image with vignetting. But it still lacks many features found in other image editors, including applying a filter to an arbitrary portion of an image and adding text to an image. Happily, the latest version of Photos brings back a feature from iPhoto that lets you edit any image with any editor on your Mac. Just Control- or right-click a photo and choose Edit With > YourFavoriteImageEditor, and the photo opens in that app. Make your changes, and when you save, those changes are reflected in the version in Photos.

Learn How You Can Adjust Web Site Behavior with Safari’s Site-Specific Settings

Although macOS 10.13 High Sierra was light on new features, it did bring one welcome addition to Safari—site-specific settings. Imagine that you regularly visit a blog that you prefer to read using Safari’s Reader view. Rather than invoke it each time you visit, you can now set Safari to use Reader automatically on that site. Similarly, if there’s a site whose text is too small, Safari can remember your page zoom setting for that site. Neat, eh?

Here’s how to make the most of Safari’s site-specific settings. First, load a site whose settings you’d like to customize. Then, choose Safari > Preferences and click Websites in the toolbar. You see a list of general settings in the sidebar at the left, followed by any plug-ins you’ve installed. For each setting or plug-in, you can set what happens when you visit the site you just loaded—or, if you have a bunch of sites open in different tabs, you can customize the behavior for any open site. Here are your options.

Reader

Reader view displays an article as a single page that’s formatted for easy reading, without ads, navigation, or other distractions. It’s such a significant change that it’s off by default—you enable it by clicking the Reader button to the left of the URL in the address bar. To turn it on for all of a site’s articles, in Safari’s Websites preferences, select Reader and choose On from the pop-up menu next to the site name.

Content Blockers

Another way of seeing fewer Web ads is to install a Safari content blocker. Choose Safari > Safari Extensions to open Safari’s Extension Gallery, and then scroll down slightly to find the page’s Search field, where you can search for blocker. There are lots—look for one like Adguard AdBlocker that supports Safari’s content blocking API. Once you’ve installed one, select Content Blockers in the Websites preferences. By default, Safari blocks ads on all sites, so choose Off from the pop-up menus for sites whose ad content you want to see.

Auto-Play

Little is more annoying than sites that play a video when a page loads, distracting you from the text you want to read. Even worse are those sites—Macworld, we’re looking at you—that auto-play videos that aren’t even related to the page. Safari squelches auto-playing videos by default, but for sites like YouTube, you might want to allow videos to play. You can also choose to stop only videos that have sound.

Page Zoom

It’s easy to hit Command-Plus to zoom in on a page, increasing the text and graphics proportionally, but who wants to do that every time you visit a page sporting barely readable words? With the Page Zoom setting, Safari will use your preferred zoom every time you visit a particular site. In fact, you don’t have to do anything other than set a zoom level with Command-Plus when you’re viewing a site because Safari remembers it automatically, as you can see in the Configured Websites section for Page Zoom. To tweak it manually, choose a zoom level from the site’s pop-up menu.

Camera & Microphone

Apart from Web conferencing services, you’re unlikely to run across many sites that want to access your Mac’s camera and microphone. That’s why the Camera and Microphone settings default to asking you whenever a site wants permission to record you. If you find it irritating to be asked constantly by a site you use often, choose Allow from the pop-up menu for that site. And if a site asks repeatedly but you never want to allow it, choose Deny to stop the prompts.

Location

Most Web sites that ask for your location want to determine how close you are to particular stores. If that’s information you’re interested in sharing, let them see where you are, by all means. And if you’re using a mapping service that wants your location, it’s entirely reasonable to set its pop-up menu to Allow. But if a site keeps asking and it feels creepy, set it to Deny.

Notifications

Are there sites whose new posts you’d like to know about right away? If they support Web notifications and you give them permission, they can post push notifications that appear on-screen and in Notification Center, just your other notifications.

The Notifications preferences look different from the others because they show only sites that have asked for permission in the past. Safari remembers your choice, and if the site gets annoying later, you can always take back permission by changing the Allow pop-up menu to Deny. And if you never want to be prompted for push notifications—they can be distracting—uncheck the “Allow websites to ask for permission to send push notifications” checkbox at the bottom of the pane.

Plug-ins

It’s impossible to know what plug-ins you’ve installed, but Safari is configured to make sites ask for permission to use a plug-in each time you visit. That’s the safest setting, but for any given site and plug-in, you can use the pop-up menu to give the site access (choose On) or not (choose Off). And if you can’t even remember what a plug-in does, you can deselect its checkbox to disable it.

That’s it! Some of Safari’s site-specific settings work without any interaction from you, such as your page zoom and notification preferences. Others require a tiny bit of configuration, but that’s a small price to pay for the Web working more the way you want.

Apple Lowers Battery-Replacement Pricing for iPhone 6 and Later

Did you hear about the battery-related controversy swirling around Apple at the end of 2017? There has been much hue and cry about how, starting with iOS 10.2.1, iOS has been slowing down iPhones with old, weak batteries to avoid unexpected shutdowns. In response, Apple posted A Message to Our Customers about iPhone Batteries and Performance to explain what was going on. Apple announced that it would reduce the price of out-of-warranty battery replacements for the iPhone 6 and later from $79 to $29 through December 2018. The company also said that an upcoming iOS update would give users more visibility into the health of their iPhone battery. The practical upshot of this is that if you have an iPhone 6 or later that suffers from short battery life or unexpected shutdowns, make sure to take advantage of the $29 replacement price this year.

Did You Know that Apple Pay Updates Your Credit Card Details Automatically?

File this as reason number 17 why Apple Pay is better than plastic. Let’s say your credit card expires and your bank sends you a new card with a revised expiration date. Or perhaps your bank replaces your card with one that has a new number. Either way, most credit card issuers automatically update the credit card expiration date and number in Apple Pay so you don’t have to make those changes yourself. (If your bank doesn’t do this, you’ll have to remove the old card and add the new one.) However, if you move or change your billing address, you’ll need to update that info yourself: in iOS, go to Settings > Wallet & Apple Pay; in macOS on a MacBook Pro with Touch ID, go to System Preferences > Wallet & Apple Pay.

Follow This Quick Tip to Put Calendar Events in the Right Place

Apple’s Calendar apps in both macOS and iOS let you manage multiple calendars, some of which may be private and others may be shared with family or colleagues. That’s great, but if you create a new event on the wrong calendar, you may end up oversharing with colleagues (who don’t need to know about your colonoscopy) or undersharing with your spouse (who does need to know about the soccer carpool). To reduce the chances of this happening, set the most appropriate calendar as your default. In macOS, you do this in the Calendar app, in Calendar > Preferences > General > Default Calendar. In iOS, set it in Settings > Calendar > Default Calendar.

You Can Now Scan QR Codes with the Camera in iOS 11

You’ve undoubtedly seen those odd-looking square QR codes on product packaging, a business card, or a flyer. In the past, you needed a special app to scan a QR code to see what Web URL, contact card, Wi-Fi network, or other piece of information it held. In iOS 11, though, you can just point your iPhone or iPad camera at a QR code—no need to take a picture! Then tap the notification that appears at the top of the screen to display whatever data was encoded by the QR code.

Don’t Use These Products to Clean Your iPhone (Or You’ll Wish You Hadn’t)

All iPhones pick up fingerprints, and it’s all too easy to get your iPhone dirty with ink, lotion, makeup, dirt, food, and oil. If you’re faced with an iPhone that needs cleaning, resist the urge to spray it with window cleaner, rubbing alcohol, or ammonia, or, even worse, to scrub it with baking soda or Borax. That’s because all iPhones have oleophobic—oil repellent—coatings on their glass surfaces that make it easy to wipe off fingerprints. You don’t want to remove that coating any faster than it will wear off normally, and cleaning products will strip it quickly. Instead, Apple recommends a soft, lint-free cloth such as you would use for glasses or camera lenses. By the way, even though the iPhone 7 and later have some level of dust and water resistance, it’s important to avoid getting moisture in the openings—most of the time, a lens cloth should be all you need.

What You Need to Know about Face ID on the iPhone X

Apple’s new iPhone X does away with the Home button, which has been a fixture since the original iPhone and has long served as the Touch ID sensor. To replace Touch ID, Apple developed a new facial recognition technology called Face ID. With Face ID, the iPhone X scans your face to authenticate you instead of using your fingerprint. It is truly amazing technology, but we’ve been getting questions that we’d like to answer here. If you have others, get in touch!

How does Face ID work?

Magic. Well, close. As science fiction author Arthur C. Clarke said, “Any sufficiently advanced technology is indistinguishable from magic.” Face ID is cutting-edge technology that uses Apple’s TrueDepth camera system to project over 30,000 invisible dots onto your face. Then it illuminates your face with infrared light and takes an infrared image. Finally, it translates that image into facial recognition data that’s encrypted and stored within the iPhone’s Secure Enclave (the data never leaves your iPhone).

Face ID updates its mathematical representation of your face over time to keep up with how your appearance changes.

How secure is Face ID?

Extremely. Apple claims that Touch ID’s false positive rate—the number of people who would have to try logging in to your iPhone before someone would succeed randomly—is 1 in 50,000. In contrast, Apple says that Face ID’s false positive rate is 1 in 1,000,000. It can’t be fooled by a picture or a simple mask, although a high-enough quality 3D reproduction of your face might get past it, just as a sufficiently good cast of your fingerprint could fool Touch ID.

However, Face ID has trouble distinguishing between identical twins and siblings who have nearly identical features. So if you have an evil twin, stick to a Touch ID-based iPhone or your passcode! The probability of an incorrect match is also higher with children under 13, since their facial features haven’t become sufficiently distinct yet.

By default, Face ID works only when you look at the iPhone X—it can’t be unlocked by your face when you’re sleeping.

How fast is Face ID?

Not quite as fast as Touch ID in current iPhones, but fast enough that you likely won’t notice. When you pick up your iPhone X so you can look at it, Face ID will, in most cases, have already recognized you.

This quick recognition is possible in part because the iPhone X can start scanning early, thanks to iOS’s Raise to Wake feature and a new Tap to Wake feature that automatically wakes the iPhone X when you touch the screen.

What if Face ID doesn’t work?

First off, things like wearing a hat, scarf, or glasses won’t confuse Face ID, nor will growing or shaving a beard. Thanks to that infrared camera, it even works in complete darkness. However, Face ID does fail occasionally. One reason for a Face ID failure is holding the iPhone X too close to your face—this is easy to do accidently if you’re nearsighted and not wearing your glasses. (Some sunglasses prevent Face ID from seeing your eyes, but you can work around that problem by disabling Require Attention for Face ID in Settings > Face ID & Passcode.)

To make Face ID retry a facial scan, hold the iPhone X at a normal viewing distance, tilt it away from you, and then tilt it back to your normal viewing position. If that doesn’t work, or if you want to let someone else use your iPhone, enter the passcode. Entering the passcode is always an option.

Alas, unlike Touch ID, which let you enroll up to five fingers (so family members could unlock your iPhone without using the passcode), Face ID lets you have only a single face.

Can I use Face ID for anything besides unlocking?

Yes, Face ID completely replaces Touch ID, so you can use it to authenticate when you’re using Apple Pay, or the App Store or iTunes Store. Plus, apps that previously relied on Touch ID, such as the 1Password or LastPass password managers, will automatically use Face ID instead.

We hope Apple can make the hardware necessary for Face ID cheaply enough to bring it to other devices as well. Wouldn’t it be nice if you could walk up to your Mac and have it automatically unlock because it had recognized your face?