When it comes to security, you may be your own worst enemy. What puts you at risk is not so much the firewall, antivirus, or other security software you do (or don't) use as the bad habits you may have picked up. Careless computing puts your data, and even your identity, at risk.
So what are you supposed to do about it? Start developing some new habits. That's why we've assembled the following security manifesto for Mac users: 5 promises you should make to yourself to avoid compromising your security.
We've also included some concrete steps that'll help you keep those promises. Some of those steps might seem familiar or obvious. But you'd be surprised how many savvy Mac users still avoid them. (For your convenience, we've graded each one on a scale of 1 to 4 for the amount of security it provides and the hassle it entails.)
I know that anyone can access my computer whenever I'm not looking, so I'll try to prevent others from getting at my private data.
Use admin accounts for administration only
Security: 2
Hassle: 1
When you initially set up your Mac, OS X creates a single user account for you. That account includes administrative rights, which give you the authority to install, change, or delete anything on the computer.
Using that administrator account as your normal, day-to-day login account can be risky. First, you make it easier to mistakenly change or delete something crucial to your computer's operation. And second, you open a potential security hole: if you step away from your computer without logging out, someone else will have complete access to your Mac's data and settings. So the safest course is to set up a second user account, without administrative privileges, and use that as your main day-to-day account. When you need to install software or perform some other administrative task, you can still log in to the administrator account.
To set up a new nonadministrator account, open the Accounts pane of System Preferences. If the lock icon in the bottom left corner is closed, click on it and enter your administrator password. Then click on the plus (+) icon to create a new account. You can use the same first and last name as in your existing account, but you must choose a different Short Name. Enter and verify a password, but do not select Allow User To Administer This Computer. Then click on Create Account. If you want to transfer any data (such as preferences files or e-mail messages) from your current account to the new one, drag the items from their current location in your Home folder to the corresponding location in the new account's Home folder.
Now, choose Log Out user name from the Apple menu and log back in as the new, nonadministrative user. From now on, use your standard account except when you have a specific reason not to.
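To confirm from Terminal that the steps above left you with a standard day-to-day account, this added example (not part of the original article) labels each regular account as admin or standard from the output of dscl. The function names and the sample accounts alice and alice_daily are constructed for illustration, and it assumes regular user accounts have UIDs of 501 and above.

```shell
#!/bin/sh
# Constructed sample data, in the format the two dscl commands below print.
SAMPLE_ADMIN='GroupMembership: root alice'
SAMPLE_USERS='_www 70
root 0
alice 501
alice_daily 502'

# classify_accounts ADMIN_LINE USER_LIST
# Prints "name admin" or "name standard" for each account with UID >= 501
# (assumption: regular user accounts start at UID 501; system ones are lower).
classify_accounts() {
    admins=" ${1#GroupMembership:} "          # pad so whole names match
    printf '%s\n' "$2" | while read -r name uid; do
        case "$uid" in ''|*[!0-9]*) continue ;; esac   # skip malformed lines
        [ "$uid" -ge 501 ] || continue
        case "$admins" in
            *" $name "*) echo "$name admin" ;;
            *)           echo "$name standard" ;;
        esac
    done
}

# check_daily_account USER ADMIN_LINE USER_LIST
# Returns 0 if USER is a standard account, 1 if admin, 2 if not listed.
check_daily_account() {
    role=$(classify_accounts "$2" "$3" | awk -v u="$1" '$1 == u { print $2 }')
    case "$role" in
        standard) return 0 ;;
        admin)    return 1 ;;
        *)        return 2 ;;
    esac
}

# On a Mac, read live data; elsewhere fall back to the constructed sample.
if command -v dscl >/dev/null 2>&1; then
    ADMIN_LINE=$(dscl . -read /Groups/admin GroupMembership)
    USER_LIST=$(dscl . -list /Users UniqueID)
    ME=$(id -un)
else
    ADMIN_LINE=$SAMPLE_ADMIN; USER_LIST=$SAMPLE_USERS; ME=alice_daily
fi
classify_accounts "$ADMIN_LINE" "$USER_LIST"
if check_daily_account "$ME" "$ADMIN_LINE" "$USER_LIST"; then
    echo "OK: $ME is a standard account"
else
    echo "WARNING: $ME is an admin account or was not found"
fi
```

GroupMembership lists only direct members of the admin group; `dseditgroup -o checkmember -m <user> admin` also resolves membership through nested groups.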
Don't share user accounts
Security: 2
Hassle: 2
If more than one person uses your computer, make sure each user has a separate account. Doing so keeps mail, documents, keychains, browser history, and other personal data safe from casual snooping.