Locking Things Down (MacBook)

If security is a potential problem and you still need to share a Mac between multiple users, lock things down. To protect Mac OS X from unauthorized use, take care of these potential security holes immediately:
♦ Disable the Sleep, Restart, and Shut Down buttons. Any computer can be hacked when it’s restarted or turned on, so disable the Restart and Shut Down buttons on the login screen. (After a user has successfully logged in, Mac OS X can be shut down normally by using the menu item or the keyboard shortcuts that I cover earlier.) Open the Accounts pane in System Preferences, click the Login Options button, and deselect the Show the Sleep, Restart, and Shut Down Buttons check box. Press 96+Q to quit and save your changes. (You can find more about restarting and shutting down in topic II, topic 2.)
♦ Disable list logins. With a list login, any potential hacker already knows half the information necessary to gain entry to your system — and often the password is easy to guess. Therefore, set Mac OS X to ask for the username and password on the Login screen, as I describe earlier. This way, someone has to guess both the username and the password, which is a much harder proposition.
♦ Disable Automatic Login. A true no-brainer. As I mention earlier in the topic, Automatic Login is indeed very convenient. However, all someone has to do is reboot your MacBook, and the machine automatically logs in one lucky user! To disable Automatic Login, display the Accounts pane in System Preferences and click the Login Options button; then click the Automatic Login pop-up menu and click the Off entry.
♦ Disable the password hint. By default, Mac OS X obligingly displays the password hint for an account after three unsuccessful attempts at entering a password. Where security is an issue, this is like serving a hacker a piece of apple pie. Therefore, head to System Preferences, display the Accounts settings, click the Login Options button, and make sure that the Show Password Hints check box is empty.
♦ Select passwords intelligently. Although using your mother’s maiden name for a password might seem like a great idea, the best method of selecting a password is to use a completely random group of mixed letters and numbers. If you find a random password too hard to remember, at least add a number after your password, like dietcokel — and no, that isn’t one of my passwords. (Nice try.) My editor suggests a favorite location spelled backwards, with a number mixed in — easier to remember than a completely random sequence of characters!
For even greater security, make at least one password character uppercase, and use a number at the beginning and ending of the password. Or, do the “c001″ thing and replace characters with numbers, like the zero that you insert in dietcOke.