C-Command Software Forum

'Show Passphrase' a little to convenient for prying eyes

Hi, would it be possible to add an additional layer of protection to make the showing of passphrases for encrypted DMG configurations less easy or convenient? I realise that one could argue that my login to the mac is enough and that the passwords are secure in the Keychain but the Keychain at least asks me for my login password in order to see the passphrases.

When you first use a passphrase in DropDMG, it will ask you for access to the keychain, and you can click Always Allow or Allow. If you click Allow you will be asked to unlock the keychain for each access, which I think will address your concern.

If you have already clicked Always Allow, you can go to the Keychain Access app, find the various DropDMG items that you want to protect, and go to the Access Control tab to remove DropDMG from the Always allow access by these applications list.

1 Like