I will make life difficult for anyone trying to break into my Mac or my online accounts by choosing excellent passwords and protecting them properly.
Choose strong passwords
Miscreants wanting to break into one of your accounts would start by trying to guess your password. They’d begin with words and numbers that have significance to you. Therefore, you should
use the following as passwords: your name or nickname; the names of your spouse, kids, or pets; your birthdate, anniversary, or spouse’s or kids’ birthdays; any part of your address or telephone number; any word or phrase associated with your hobbies, favorite sports teams, or book or movie quotes; anything else that someone who knows you well might be able to guess, or that could be found in public records.
But even a seemingly random password is not necessarily secure. For more advice on choosing better passwords, see
Fix Password Glitches.
However you choose your passwords, be sure to use different ones for each account. If you use one password for everything, all your data can be compromised if someone guesses it. Again, see
Fix Password Glitches
for more details.
4. Makes you practically invulnerable.
3. Good, strong protection—but a really determined intruder can overcome it.
2. Helps deter casual meddlers, but someone who wants to get in will.
1. Makes you feel better, but won’t really keep out intruders.
4. Let’s be honest: it’s a pain in the neck.
3. Takes consistent, considerable effort.
2. Takes a little effort, but it’s not a big problem.
1. Set it and forget it.
Change your keychain password
OS X stores passwords for things like AirPort base stations and file servers in a special encrypted keychain file; Safari also uses this file for storing user names and passwords.
The keychain presents several problems, however: by default it uses the same password as your user account; also, when you log in, you automatically unlock your keychain; and worse, when you turn on your Mac, your keychain automatically unlocks by default (unless you manually change some settings).
The best solution is to change your keychain password. To do this, open Keychain Access (in /Applications/ Utilities/). If the button in the bottom left corner of the window says Show Keychains, click on it. In the Keychains list in the top left corner, select your default keychain, which appears in boldface (it’s usually called “login,” but it may have another name, such as your short user name). Then choose Edit: Change Password For Keychain
, enter your current password, type in and confirm a new password, and click on OK. Thereafter, the first time OS X needs to access your keychain after you log in, it will prompt you to enter your new keychain password to unlock it.
Keep your passwords safe
Your passwords, and especially your keychain password (since it protects other passwords), are valuable pieces of information. If you write them down on a sticky note attached to your monitor, it doesn’t matter how long or complex they are—they’re no longer secure. For maximum security, memorize your login password and your keychain password (plus the password to your third-party password vault, if you use one). As long as you have those two or three passwords committed to memory, you can let your computer remember all your others for you.
In some cases, however, you actually
security by keeping your passwords only in your head. For one thing, you could forget them, especially if you don’t use them every day. For another, an emergency could arise in which someone else legitimately needs to know them. If you were incapacitated, for example, your spouse might need access to your medical records, or your business partner might need to get at your company’s financial data. To prepare for such eventualities, make sure an appropriate other person knows your login and keychain passwords. If this means writing them down, be sure to put them in a mutually agreed upon place where they’re unlikely to be found accidentally.
Joe Kissell is the senior editor of
and the author of
Take Control of Passwords in Mac OS X
(Take Control Books, 2006).
Keychain Access: Unless you change your default keychain password, a stranger could have access to all your passwords.