How to Protect Your Shared Mac from Unauthorized Access
If security is a potential problem and you need to share a Mac between multiple users, lock things down. To protect Mac OS X Snow Leopard from unauthorized use, take care of these potential security holes immediately:
Disable the Sleep, Restart, and Shut Down buttons: Any computer can be hacked when it’s restarted or turned on, so disable the Restart and Shut Down buttons on the login screen. (After a user has successfully logged in, Mac OS X can be shut down normally by using the menu item or the keyboard shortcuts.) Open the Accounts pane in System Preferences, click the Login Options button, and deselect the Show the Sleep, Restart, and Shut Down Buttons check box. Press Command+Q to quit and save your changes.Disable some login options to protect your Mac.
Disable list logins: With a list login, any potential hacker already knows half the information necessary to gain entry to your system and often the password is easy to guess. Therefore, set Mac OS X to ask for the username and password on the Login screen. This way, someone has to guess both the username and the password, which is a much harder proposition.
Disable Automatic Login: A true no-brainer. Automatic Login is indeed very convenient. However, all someone has to do is reboot your Mac, and the machine automatically logs in one lucky user! To disable Automatic Login, display the Accounts panel in System Preferences and click the Login Options button; then click the Automatic Login pop-up menu and click the Off entry.
Disable the password hint. By default, Mac OS X obligingly displays the password hint for an account after three unsuccessful attempts at entering a password. Where security is an issue, this is like serving a hacker a piece of apple pie. Therefore, head to System Preferences, display the Accounts settings, click the Login Options button, and make sure that the Show Password Hints check box is empty.
Select passwords intelligently. Although using your mother’s maiden name for a password might seem like a great idea, the best method of selecting a password is to use a completely random group of mixed letters and numbers. If you find a random password too hard to remember, at least add a number after your password, like dietcoke9.
For even greater security, make at least one password character uppercase, and use a number at the beginning and ending of the password. Or, do the c001 thing and replace characters with numbers, like a zero that you insert in dietc0ke9. If you take an extra step and replace the i with a 1, thus making your password d1etc0ke9, you've got yourself a pretty strong password.