Tech Lockdown Part 1: Keeping your Mac, iPhone and Data Safe


Apple has done a pretty good job of making sure your Mac, iPhone, iPod touch and iPad are safe from remote hackers, and Mac OS X and iOS ship with built-in features to help keep prying eyes away from your personal files. Knowing how to use those tools, and what to do if your gear is lost or stolen, however, is up to you.

The best way to make sure your files and equipment are safe is to never let either slip out of your physical control. Anyone that can get to your computer or iOS device has a much higher likelihood of being able to look at or copy documents, or even walk away with expensive gear.

Leaving your computer, iPhone or iPad unattended even for a minute — like to run back up to the counter at your favorite coffee shop — gives your expensive and potentially irreplaceable equipment plenty of time to walk off, never to be seen again.

MacBook Air: Pretty, but no Kensington lock port

If you have to leave your Mac unattended in public, consider investing in a cable lock system. If you work where the public has easy access to — or can see into — your office, cable locks are a great idea, too. Most Macs ship with a cable lock slot built in, and securing your computer to a desk is often all it takes to keep honest people free from temptation and push thieves on to easier targets.

The MacBook Air, in both the original model and the new 13-inch and 11-inch ultra light models, is missing the security cable feature, so it can’t be locked to tables and other objects. The 11-inch MacBook Air is small enough that it can easily be pocketed and stolen from your coffee shop table without anyone noticing, too.

Passwords

Mac OS X supports multiple user accounts on the same computer, and each account can have its own unique password. While it may be easier to leave your password blank so you don’t have to enter it when installing new applications or updates, your Mac is much more secure — both locally and on the Internet — if you use account passwords because they act as a failsafe to keep unauthorized people from installing or removing applications without your approval. Requiring a password to log into your user account helps keep nosy people out of your files, too.

Make sure the passwords you use are difficult to figure out because the harder they are to guess, the less likely someone will be to keep trying. “Password,” for example, is a really bad password to use. Words that can be found in the dictionary, family member and pet names, and birthdays are bad password choices, too, because they tend to be easy to guess.

The iPhone, iPod touch and iPad support passwords to keep people out of your data and apps, too. By default iOS device pass codes are disabled, but the feature is easy to turn on with a quick visit to Settings > General > Passcode Lock. With the release of iOS 4, Apple added the ability to use phrases instead of just four-digit codes. Phrases have the advantage of using letters, numbers and punctuation symbols, so they can be substantially more difficult to guess.

If you aren’t sure how to use four-digit pass codes or pass phrases, check out TMO’s Quick Tip and its easy-to-follow step-by-step instructions.

Bad news: Hackers made off with Gawker Media account passwords 

The number of passwords you use can snowball quickly if you spend any time online paying bills, handling banking tasks, buying products, chatting on Twitter or Facebook, or participating in Web forums. Using the same password for all of those online accounts may be easy, but it’s also dangerous because once someone guesses your password, they potentially have access to all of your online accounts.

Commenters on Gawker Media Web sites like Gawker, Gizmodo and Lifehacker recently found out the importance of using multiple passwords first hand when a group calling itself Gnosis made off with thousands of usernames and passwords. The group published the list on the Internet and commenters were left scrambling to change their Gawker Media account passwords, along with passwords for other online services that used the same passwords.

People that maintained different passwords for all of their online accounts, however, only had to change their Gawker account.
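The password advice above (avoid blank passwords, dictionary words, names and birthdays, and never reuse one password across sites) can be checked mechanically. The following is an added example, not part of the original article: the word list, personal facts, site names and passwords are all constructed sample data, and the function names are hypothetical.

```python
import re

# Constructed sample data: a tiny word list and facts an acquaintance could guess.
DICTIONARY = {"password", "dragon", "sunshine", "monkey"}
PERSONAL = {"rex", "alice", "19800412", "0412"}  # pet name, family name, birthday forms

# Constructed sample "vault": site -> password, as a password manager might export it.
VAULT = {
    "gawker.example": "rex1980",
    "bank.example": "rex1980",
    "mail.example": "t7#Vq9!mLw2&zR",
    "forum.example": "Password",
    "shop.example": "",
}

def weaknesses(pw):
    """Return the article's reasons this password is a bad choice (empty if none)."""
    if not pw:
        return ["blank"]
    low = pw.lower()
    found = []
    if low in DICTIONARY:
        found.append("dictionary word")
    if any(fact in low for fact in PERSONAL):
        found.append("name or birthday")
    if re.fullmatch(r"\d{4}", pw):
        found.append("four-digit code")
    return found

def audit(vault):
    """Map each site with a weak password to the reasons it is weak."""
    return {site: w for site, pw in vault.items() if (w := weaknesses(pw))}

def exposed_by_breach(vault, breached_site):
    """Sites whose password must change once breached_site's list is published."""
    leaked = vault[breached_site]
    return sorted(site for site, pw in vault.items() if pw == leaked)

if __name__ == "__main__":
    for site, reasons in audit(VAULT).items():
        print(f"{site}: {', '.join(reasons)}")
    # Reuse turns one site's breach into a problem for every account sharing it.
    print("Change after gawker.example breach:",
          exposed_by_breach(VAULT, "gawker.example"))
```

With unique passwords per site, `exposed_by_breach` returns only the breached site itself, which is the situation the article describes for people who only had to change their Gawker account.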

Agile Web Solution’s 1Password

Keeping track of multiple passwords can be such a pain, which makes applications like 1Password amazingly handy. 1Password stores all of your passwords, enters your login information on Web sites, and can auto-generate strong passwords for you. It’s available for Mac OS X and Windows, as well as the iPhone, iPod touch and iPad, and can auto-sync your password database between devices so your logins are available wherever you go.

Mac OS X includes its own password and account login manager called Keychain. The application keeps track of login information for wireless networks, email accounts, network servers, and more. Safari users can keep Web site login information in Keychain, too, and the application even sports a tool for showing how secure your passwords really are.

Keychain is a great tool, but isn’t as robust as 1Password at creating and maintaining passwords. 1Password also has the added benefit of running natively on Mac and iOS devices, so it’s easy to use your passwords wherever you go.

Disk Encryption

If someone manages to get their hands on your Mac without your permission, there’s a chance they could get into your personal files even if you rely on a password to keep people out of your user account. You can, however, keep all but the most sophisticated hackers out of your data thanks to Apple’s Disk Encryption feature in Mac OS X.

Disk Encryption locks down the contents in your Home directory so that your personal files stay private even if someone takes the hard drive out of your computer.

In the past, Disk Encryption took a pretty big hit on your Mac’s performance because the files you access are decrypted on the fly as they are used. More recent Mac models, however, can handle the decryption process much more efficiently, so most users won’t notice much of a change in how fast their computer runs. Despite the performance improvements in modern Macs, video and audio editors, along with hardcore Photoshop users, may want to consider staying away from Disk Encryption because disk intensive tasks can still slow you down noticeably.

Encrypting removable storage devices is a good idea if you want to protect that data from access should your external hard drives and flash memory sticks be stolen or lost. PGP’s Whole Disk Encryption handles that task well, although it often breaks — and leaves your data inaccessible — when Apple releases Mac OS X software updates. If Symantec’s PGP offerings are too expensive for you, GNU Privacy Guard is a free and open source alternative for encrypting files and folders.

Interested in learning more about protecting your Apple gear and your data? Check out part 2 of TMO’s Tech Lockdown series where we take a look at backing up your data, dealing with loss and theft, Find My iPhone, and other device tracking services.

5 Comments

iVoid

You can, however, keep all but the most sophisticated hackers out of your data thanks to Apple’s Disk Encryption feature in Mac OS X.

Last I heard no one’s cracked AES-256 so besides a brute force attack on figuring out the password, are there other vulnerabilities in Apple’s Filevault or encrypted disk images?

ketty

Wow!!! That’s really amazing. I am always having problem with security reason. Apple did a really marvelous work.

digitalfix

Having had an unfortunate incident where I had 2 MacBook Pros stolen AND a MacBook Air (all at the same time), then without the help of the police getting them ALL back, I can tell you personally that using Lastpass (shut off access to everything remotely), and Prey or lojack on your machines and cell phones pays off. Definitely. Our house is in a decent neighborhood and thieves broke in on a whim and took them. I do IT… Don’t mess with the IT guy… They ended up in jail and are still there after 6 months and have no date for release. Happy Holidays, right? ;)

Frank

Good tips. Apple users need to know the truth.

http://applehaters.blogspot.com/2010/12/please-dont-believe-illusion.html

Lee Dronick

“Using the same password for all of those online accounts may be easy, but it’s also dangerous”

You can have your cake and eat it too.

For blogs, news sites, and other places that require a login, but are not too important from a security standpoint, you can use the same password.

For online banking, insurance, work, and other such places you should use different passwords and ones that are secure.
