Between September 2005 and July 2011 I was a regular contributor to MacFormat in the UK.
Whereas I’m posting the published articles for my MacWarehouse writing with the MacFormat ones I’ve decided to post the text as submitted, including any comments that I included for design. I am, however, allowing myself a few small edits for clarity.
The particular one is my sixth column, written in February 2006. This is presented purely as a historical record as much, if not all, of the information contained in it may well have changed in the meantime.
Securing your Mac, pt 2
In the last part of this article I discussed the risks that might occur with an isolated Mac. This month I’ll cover simple steps that you can take to secure that Mac from prying eyes. They won’t defeat a determined attacker but will help to stop the casual interest of the wrong person. You may not choose to take all of these steps but the more you do the more secure your Mac will be. The balance between convenience and security is ultimately your choice.
Have, and use, a firewall. Most Macs are connected to the internet for at least part of the day, some have a permanent connection via broadband. Statistics show that if an unprotected PC is connected to the internet it will probably be compromised in just a few minutes. Whilst Macs are more secure than PCs we cannot be blasé about our security. This article is too short to go into a great deal of depth about firewalls, I’ll save that for another time, but ensure that you turn on the one that is built into OS X and if you do have broadband make sure that either your router has a firewall built-in or you use a separate one. The OS X Firewall can be found by opening System Preferences, selecting Sharing and then selecting the Firewall tab. Turn the Firewall on and make sure that in the section labelled Allow you only have a check box against the services that you actually need.
Use a good password, and remember it. A password is of no use at all if all someone has to do is to look at a Post-It™ note stuck on your screen to find it. Use different passwords for different things. Don’t use names of pets or family, in fact don’t use real words at all. Mnemonics are useful, as it will be easier for you to remember a phrase than the individual characters and use a mix of upper and lower case and replace some of the letters with numbers or other symbols. Hidden away in OS X is the Password Assistant which will give you a good indication of the strength of your password. Open System Preferences and select the Security preference. Then click the button labelled “Set Master Password” and next to the Master Password box click on the question mark. The Password Assistant will now pop up and you can see how strong your own passwords are or try having OS X suggest some more secure ones for you.
Don’t have the Mac save passwords for you anywhere. It is very convenient to have your Mac start-up without having to enter a password, to connect to any servers automatically and to have usernames and passwords entered into websites for you. Life is much easier when you don’t have to remember all those passwords but what is a convenience when the rightful owner is sat in front of the Mac becomes a very real security risk when the wrong person is there. The more steps that someone has to go through to get to your information the more likely they are to give up before they get there. The first place to start is back in the Security preference pane. Select “Disable automatic login” and “Log out after… minutes of inactivity”. These two items will ensure that all users of the Mac will need to log in using their password and if they stop using the Mac for a period of time they will be logged out and will have to log back in again. Also select “Require password to wake…” which, in conjunction with setting your screen saver to come on after a period of inactivity, will give you two levels of security if you walk away from your Mac whereby, for example, the screensaver will come on after 5 minutes and require your password to unlock your Mac and after 30 minutes you will be logged out completely. The screensaver can be configured in the Desktop & Screen Saver preference pane and by selecting the “Hot Corners…” button you can set a corner of the screen as being somewhere to start the screensaver immediately. By doing this all you have to do is to move your mouse to that corner of the screen for a few moments and the screen will be locked with your password.
As an aside all users of the Mac have a password but there are a surprising number that don’t know that they have one. You will have had to enter it when you started your Mac up for the first time in the account creation part of the Setup Assistant and you will need it every time you install software on your Mac. If you can’t remember it for whatever reason now is a good time to change it to a more secure one. Go to the Accounts system preference and select your user name, which should be listed under My Account and click on the “Change Password” button. You can access the Password Assistant to help with setting a secure password from here as well, but this time the icon for it is a key. It is also good practice to ensure that all users of the Mac have a separate account. You can always share pictures, music etc. by keeping them in the /Users/Shared/ folder but by having a separate account for each user you enable them to not only keep private information private but everybody can have their account setup the way that they like it with different desktop clutter, dock icons and Finder preferences.