Sunday, September 2, 2012

Passwords and Security for Macs and for Mail


t’s a common perception that Macintosh computers are immune to viruses and malware, but technically, that’s not quite true. Despite Apple’s more secure UNIX based operating system, any computer is susceptible to attacks from unscrupulous programmers. However, in 20 years of using Macs online on a daily professional basis, I’ve yet to hear first hand of any successful, debilitating mass attack. To this day, the only reason I have an antivirus software on my computer, is because I was asked by a client to test it. I check it every 2 weeks or so, with no reported attacks.

Email is another issue that can be problematic from a security standpoint, particularly webmail services, such as Hotmail, Yahoo and Gmail. Hotmail is probably one of the most hacked email services out there, and you’ve probably gotten emails in the past year from ‘friends’ whose accounts have been compromised, and who have unwittingly spammed their entire contacts list. Your best defense against such potentially harmful hacking is to change your password to something more secure, and change it again every few months. 

When I say a more ‘secure’ password, that means that it should not be a common word, or string of numbers.  According to the New York Times, the most common passwords out there are ‘12345’, followed (logically) by ‘123456’, and then, if you can believe it, ‘password’. And if you’re one of the 70% of people I meet whose password is the name of their pet, or their children, don’t worry, there’s help for you.

One trick I use when creating a new password is to substitute certain letters for numerals, ie., if the word contains an ‘O’, I’ll use zero. If it has an ‘E’, I’ll use  the number three, and if there’s an ‘I’, I’ll substitute a one. Also, any letter in the word that falls on the top row of the qwerty keyboard, I will capitalize, thus making the password far harder to hack by any online robot. Visually it will look similar to the word I find easy to remember, but it’s far more secure against hackers. For instance, if one of my favourite authors is Farley Mowat, I might have a password that looks like faRl3Y. If my pet’s name is Luther, my password mght look like lUTh3r. It might. 

Passwords are probably the most problematic issue for casual users. If I had a nickel for every time I asked a client for their computer, email, Skype, Apple ID or wifi password, only to be greeted with a blank stare, I’d be a wealthy man. As discussed in the last installment, the Keychain access utility on your Mac will remember your lesser passwords for you, and allow you to retrieve them if need be, but you will need to know your computer user password to access them. 

You can get away with not having your Apple computer’s password for a short period of time, but any software updates or installs will require that you remember it eventually. Luckily you can change the user password by booting from your system disk, included in the box at purchase time. To do so, insert the disk, click restart and hold down the ‘C’ key until you see the grey screen and spinning gear. Once it’s up and running, there will be a list of utilities in a drop-down box. Choose ‘reset password’ and input a password that you will remember, according to some of the previous hints. If you’re running Lion or Mountain Lion, hold the Option key on startup and choose the Recovery HD icon. That will bring up a similar set of options.

When it comes to passwords, my suggestion is to use one or two straightforward passwords for inconsequential websites, like Facebook or Skype, and another one or two more secure passwords for more sensitive uses, such as email or online banking. And it wouldn’t kill you to write them down somewhere and store them somewhere not far away, because your main security threat is not the person who breaks into your home to steal your valuables, but some professional in an office in Russia, or his mom’s basement in Dakron, sniffing around for trouble. Protect yourself with strong passwords.

No comments: