Lock Down Your Root User

Mac OS X may sport a friendly user interface, but it is harboring a Unix core underneath. That means the security steps Unix pros take can apply to regular Mac users as well, including making sure that root, the ultimate power user on your computer, is under your control and no one else's.

By default, the root user on your Mac is disabled, but it doesn't have a password set, which is a potential security weak point. Setting a password makes it that much more difficult for bad guys to try to hack into your Mac.

I added a password to my root user account, and I also keep that user disabled. Here's how:

  • Launch NetInfo Manager. It's in Applications/Utilities.

    [Figure: NetInfo Manager]

  • Click the padlock in the NetInfo Manager window and enter your administrator user name and password.
  • Choose Security > Enable Root User.

    [Figure: Enable your root user.]

  • You should see an alert dialog telling you that your root user password is blank. Click OK.

    [Figure: Your Mac lets you know if you haven't set a root password yet.]

  • Enter a password for your root user. Make sure it isn't a password that you are already using for another account on your Mac. Now click OK.

    [Figure: Enter a unique password for your root user.]

  • Choose Security > Disable Root User.

    [Figure: Disable your root user.]

  • Enter your administrator user name and password and click OK.
  • Click the padlock in the NetInfo Manager window to prevent any other changes.

Locking down your root user is important because anyone who gains root access to your Mac can do anything they want, including deleting files or user accounts, installing applications without your knowledge, and siphoning off any information they want from your hard drive. That isn't likely to happen, but taking steps to help ensure that it won't happen is a pretty good idea.
