In a world where security is becoming increasingly important, we’ll show you what to do to keep your Mac safe.
Apple already has a lot of security features baked into the Mac. From its strong, well tested Unix foundation to the built-in privacy features of OS X, it’s one of the most secure operating systems available to consumers. A lot of users, however, make mistakes in their daily usage that can severely compromise the security of their Mac. We’ll show you these pitfalls and help you lock down your Mac to make your privacy, digital information, and even your hardware less likely to be compromised.
Here we’ll cover security for user accounts of your computing workflow.
It has been said that a computer is only as secure as the user. That’s why we begin ou journey of making your Mac more secure here: if the user level of your Mac is left unsecured, then you are vulnerable to unwanted access to your machine. Let’s look at how we can make this part of your computing workflow safer.
The first line of defense in any computer system is to secure your user account with a strong password. When someone has access to all of your files, your browsing history, your applications, and sometimes even your online accounts and passwords (if they are not stored securely). This is why it is very important to create good passwords and rotate them frequently.
Rotating (or changing) your passwords ensure that if someone were to get your password, it will not work once it has been changed. For system account passwords, we recommend changing them anywhere between every six months to a year.
If you have never set a user account password in OS X, then your system can be easily accessed by just specifying your username. This can be fixed by setting up your password for the system. To do this, open System Preferences by going to the Apple menu selecting “System Preferences.” Next, navigate to Users & Groups > Your User Account > Password. Once there, click on the “Change/Set Password” button.
In the dialogue that appears, enter your old password (if there is no old password, then leave this field blank), then type in your new password and verify it. You can optionally set a password hint only jogs your memory about the password you’ve set and does not include any information about the content of your password.
When you’re ready to secure your account, click on the “Change Password” button. Remember this password, as you’ll need it log into your computer and to make changes to your system.
Setting a password is essential, but there’s another oft-forgotten piece of the puzzle: your hard drive. Even though you’ve got a password set on your account, it controls only your login and access to your account. Files in your account are still written to the hard drive in plain sight. If someone is able to get physical access to your Mac, then they can easily read the files from the internal drive connecting it to another machine while your Mac is in Target Disk Mode, or by removing the drive and placing it in another computer.
To solve this, Apple introduced FileVault. This feature of OS X encrypts your entire device, files and all. This means that if someone were to gain access to your hard drive, they would not be able to read your files. The only way that the drive can be unencrypted is if someone had access to your OS X user password or had access to the recovery key.
Setting up FileVault to encrypt your Mac is an easy process. To enable it visit System Preferences > Security & Privacy > Filevault. Once here, click the “Turn on FileVault…” button. After doing this, you will be presented with a “safety net” passcode. Write down and keep this passcode in a safe place. If you forget your user user account password, this passcode can be used to decrypt your Mac’s hard drive.
On the next screen, you have the option to store your recovery key with Apple. If you choose to store your password with Apple, then you will be able to contact Apple to retrieve the passcode should you forget it in the future. This added level of safety means that you can still access your files, even in the worst case scenario. After selecting your options and filling in the security information, you will be prompted to restrat your Mac. This will begin this encryption process.
Upon restarting, your Mac will begin the lengthy process of encrypting your hard drive and all of its files. This process can take quite a while, so you may want to start this in the morning and let it run all day. Depending on the size of your device, it can take upward of 12 hours or more. The wait is worth it: your Mac will be better protected once the encryption process has completed.
One difference with your Mac that you will notice is the startup: on the Apple boot screen, you will now be prompted to sign into your Mac’s user account. This is due to the fact that your Mac must now decrypt the hard drive before booting into OS X.
3 System Preferences to Promote security:
With a little help from System Preferences, you can further lock down your Mac to prevent unauthorized access to your computer.
1. Turn off auto login:
Having your Mac automatically log into your user account poses a huge security risk. You can reduce this security risk by visiting System Preferences > Users & Groups > Login Options. Once there, ensure that the drop-down menu option for “Automatic Login” is set to “Off.” Note that if you’ve turned on FileVault, then Auto Login will be turned off by default.
2. Turn on password requirements:
When you leave your Mac unattended without any password requirements, then anyone can easily walk upto your machine and access the entire computer, files and all. To curb this issue, OS X features password requirements that can be set in System Preferences > Security & Privacy > General. Ensure that the checkbox for “Require password immediately after sleep or screen saver begins” is checked so that you’ll be required to enter your password in order to strat using your Mac again.
3. Turn on Firewall:
While the router on your network provides a firewall to the outside world via the internet, whenever you’re on a public network, your Mac is vulnerable to network trickery. To enable the firewall, visit System Preferences > Security & Privacy > Firewall. Once there, click on “Turn On Firewall.” from this point on, any unauthorized incoming network connections will be blocked. We especially recommend turning this on when using a portal Mac over an open, shared Wi-Fi network connection.