How to Lock Your MacBook Down

If security is a potential problem and you still need to share a MacBook between multiple users, lock things down. To protect Mac OS X from unauthorized use, take care of these potential security holes immediately:

  • Disable the Sleep, Restart, and Shut Down buttons. Any computer can be hacked when it’s restarted or turned on, so disable the Restart and Shut Down buttons on the login screen. (After a user has successfully logged in, Mac OS X can be shut down normally.)

    Open the Users & Groups pane in System Preferences, click the Login Options button, and deselect the Show the Sleep, Restart, and Shut Down Buttons check box. Press Command+Q to quit and save your changes.

  • Disable list logins. With a list login, any potential hacker already knows half the information necessary to gain entry to your system — and often the password is easy to guess. Therefore, set Mac OS X to ask for the username and password on the Login screen. This way, someone has to guess both the username and the password, which is a much harder proposition.

  • Disable Automatic Login. A true no-brainer. Automatic Login is indeed very convenient. However, all someone has to do is reboot your MacBook, and the machine automatically logs in one lucky user! To disable Automatic Login, display the Users & Groups pane in System Preferences and click the Login Options button; then click the Automatic Login pop-up menu and click the Off entry.

  • Disable the password hint. By default, Mac OS X obligingly displays the password hint for an account after three unsuccessful attempts at entering a password. Where security is an issue, this is like serving a hacker a piece of apple pie.

    Therefore, head to System Preferences, display the Users & Groups settings, click the Login Options button, and make sure that the Show Password Hints check box is deselected.

  • Select passwords intelligently. Although using your mother’s maiden name for a password might seem like a great idea, the best method of selecting a password is to use a completely random group of mixed letters and numbers.

    If you find a random password too hard to remember, at least add a number after your password, like dietcoke1. You also can use a favorite location spelled backwards, with a number mixed in — easier to remember than a completely random sequence of characters!

    For even greater security, make at least one password character uppercase, and use a number at the beginning and ending of the password. Or, do the “c001” thing and replace characters with numbers, like the zero that you insert in dietc0ke.

blog comments powered by Disqus
Advertisement

Inside Dummies.com