Test passwords with Apple's Password Assistant

If you have frustrating experiencing with generating secure passwords, the Password Assistant tool in OS X is a great option to try.

Security is required everywhere, be it for logging in to your computer, accessing e-mail, or accessing Web services such as banking or social media. At the root of the security is, of course, your password to access these services.

While being able to remember a password is hard enough, warranting tools like 1Password and Apple's Keychain to help store them, another area of frustration is attempting to come up with a good and secure password, or at least being able to check those you already have. In general, the more complex and long a password is, the better; however, many times people resort to using patterns that are easy to remember, such as combinations of names or words, many of which are dictionary terms that make them much easier to figure out than a random password.

Password Assistant button
If an application or system service is built with the Security framework, then it may allow you access to the password assistant by clicking this button (you do not need to change your password to use this tool). Screenshot by Topher Kessler

Unfortunately, once you have created a password or password scheme that seems secure and perfect for your uses, many times it will not work for specific services that have restrictions such as using only letters and numbers with no punctuation or special symbols, or have a specific length range for the password. In these instances you now have to either change your password scheme to accommodate the service, or create a new scheme altogether.

If you find yourself constantly coming up with new passwords for your services and have ever wondered about how secure they actually are, Apple has a tool built into OS X that might help in this process, as it not only will check your passwords for security but will also help you generate one if needed.

Apple's Password Assistant is not a standalone application that you can open; however, as part of its Security framework (a centralized application programming library) it can be accessed from any program that was built with this framework and includes a button that allows you to invoke it. Many programs include this framework, but a couple of easy and readily available options are Apple's Keychain Access utility and the Users & Groups (or Accounts) system preferences.

Password Assistant
Sometimes simply adding a single character is enough to greatly enhance the security of a password. In this case simply adding a punctuation character results in an acceptably secure password. Screenshot by Topher Kessler

In Keychain Access, just select New Password Item from the File menu and then click the little key button to the right of the password field. In the Users & Groups system preferences, click the Change Password button for your account and then likewise click the key button to the right of the password field. In both cases the password assistant window will appear, with a number of options for checking or generating passwords.

Password checking

If you plan on checking your password, click the Suggestion field and then type your password. As you type, the tool will display a few suggestions in the tips field about your password, such as whether it includes dictionary words, or whether it is too short or needs alternative characters like numbers or punctuation. In addition to the tips, the tool will display the password strength with the Quality indicator, which will show a progressively green bar as the password gets more secure.

Sometimes simple alterations to a password are enough to change it from an insecure one to a secure one. For instance, the password "mypassword" is horrible and is indicated as being so by a short red bar in the password checker. However, if you add a single number or punctuation mark between the two words, such as "my>password," then despite the words being in the dictionary, the checker tells you this is a far more desirable password to use.

Password generation
In addition to checking your existing passwords you can have the Password Assistant generate new ones for you based on a number of different criteria. To generate a password, first select a password scheme from the Type menu, which includes the following options:

  • Memorable
    This is perhaps the best option to use, since it uses wordlike phrases intermixed with punctuation and symbols, such as "oaf7)songsmith." These options are far easier to commit to memory than others.

  • Letters and Numbers
    This will create passwords that only include alphanumeric characters. Unfortunately there is no option to create a Memorable password with this option, but one approach to doing this is to first create a Memorable password type and then replace its symbol and punctuation characters with a number of your choice.

  • Numbers Only
    This is essentially a random number generator.

  • Random
    Similar to the Numbers Only option, this is a random character generator. This is perhaps the most secure option, but the passwords come with the drawback that they are not as easy to remember as the Memorable option.

  • Password Assistant
    You can select from a number of generated passwords, or select More Suggestions to create new suggestions. Screenshot by Topher Kessler
  • FIPS-181 compliant
  • This generator creates passwords that comply with the FIPS-181 standard, but in my experience tends to come up with passwords that are less secure for the same number of characters as the Memorable or Random generators.

When you select one of these options, the passwords will automatically be generated and the first one will be displayed in the Suggestions field from where you can right-click it to copy it wherever you would like. To select another suggestion, click the down arrow to the right of the suggestions field and a menu will appear with a number of alternative suggestions. If you would like to generate more passwords, just choose the More Suggestions option at the bottom of the menu.

If the passwords being generated are not as secure as you would like, then you can adjust the length of the password to make it stronger. The length slider will allow you to set the generated password length to between 8 and 31 characters, and in most cases a small increase by only a couple of characters is enough to greatly enhance the password's security.



Questions? Comments? Have a fix? Post them below or e-mail us!
Be sure to check us out on Twitter and the CNET Mac forums.

Tags:
Computers
About the author

    Topher, an avid Mac user for the past 15 years, has been a contributing author to MacFixIt since the spring of 2008. One of his passions is troubleshooting Mac problems and making the best use of Macs and Apple hardware at home and in the workplace.

     

    Join the discussion

    Conversation powered by Livefyre

    Show Comments Hide Comments
    Latest Galleries from CNET
    The best and worst quotes of 2014 (pictures)
    A roomy range from LG (pictures)
    This plain GE range has all of the essentials (pictures)
    Sony's 'Interview' heard 'round the world (pictures)
    Google Lunar XPrize: Testing Astrobotic's rover on the rocks (pictures)
    CNET's 15 favorite How Tos of 2014