This article is a pre-release chapter in the upcoming “Take Control of Security for Mac Users,” by Joe Kissell, scheduled for public release later in 2015. Apart from, and , these chapters are available only to ; see  for details.
Whether you’re talking about your Mac’s user account, your Wi-Fi router, any of the zillions of Web sites where you might have an account, or countless other services, passwords are nearly always a factor in digital security. They are also nearly always the weakest link.
If the only thing standing between a random visitor and your data is your password, that password had better be pretty darn strong. Unfortunately, most people use lousy passwords that are easily guessed or broken, for the simple reason that they’re convenient to remember and type. And that’s a real pity—your Mac (including built-in software like Safari and Mail) supports excellent, heavy-duty security methods, but if you pick a terrible password, it’s like using a fantastic lock but then hiding your key under the doormat.
So, for the various ways in which your Mac itself uses passwords, as well as for the devices and services to which you connect with your Mac, one of the most crucial steps you can take to improve your security is to improve your passwords.
What’s your password?
Sorry, that was a trick question. If you can answer it, you may have a problem.
Wait, what? Ah yes, I misspoke—you more likely have two problems!
The first problem is that you shouldn’t have just one password, but many; if you do have only one, you’re playing with fire. The second problem is that, of the many passwords you (should) have, nearly all of them should be so long and complex that you couldn’t possibly remember them without looking them up. If you can remember them, there’s a good chance they’re not strong enough.
If you find any of that information surprising or disturbing, read on for an explanation of both the problem and the solution.
When you’re asked to create a new password, perhaps your first impulse is to use the same password you use everywhere else, because it’s easiest to remember a single password. And what is that one password? An astonishing number of people use memorable and easy-to-type sequences like qwertyui, the name of a child or pet, or something snarky such as stopasking. What if they’re required to include a capital letter and a number in the password? Why, they’ll choose course! This is a dangerous habit.
If I found your Mac unattended and decided to break in to one of your accounts, I might start by trying some of the most commonly used passwords—it’s easy to find lists of them online—and if I happened to know anything about you, I might also try words, names, and dates I know you’d remember.
But that’s not how most password attacks work. Sophisticated attackers can use freely available software to crack passwords using a variety of methods, including automatically checking lists of common passwords, trying patterns of all sorts, or even systematically checking every possible combination of characters (up to a point)—all very quickly and effortlessly. Your passwords need to be more sophisticated to resist cracking attempts long enough that the attacker will give up. (How do you come up with passwords like that? We’ll get back to that in a moment—see.)
In case you were wondering, safeguards designed to lock out people who enter the wrong password too many times in a row are useful—but not a guarantee. The bad guys might be able to go around your password entirely by exploiting a flaw in your security software. Or they might have a stolen or hacked list of encrypted passwords that they can run their cracking software on, without any of those pesky anti-intrusion measures interrupting them. Don’t assume that just because you can’t try more than a few passwords per minute, no one can! These days, password-cracking setups can try billions of password combinations per second.
Now suppose an attacker somehow managed to crack one of your passwords—Twitter, Facebook, LinkedIn, or whatever. Precisely how it happened is irrelevant; the point is that things like this can and do occur all the time. The fact that someone knows your password is troubling, but hey, if it’s “just” a social media account or what-have-you, it’s no real crisis, right? You can change your password and move on.
But nobody cares about accessing your LinkedIn account. If someone cracked your LinkedIn password, he’s hoping that you used the same password for accounts that have money, personal data, or other valuable resources connected to them—and you’d better believe he’ll try that password with other sites right away. He’ll use your LinkedIn password to see if he can access your Gmail, iCloud, or PayPal account, your bank account, and so on. And these are places where some real damage can be done. For example, someone with your iCloud password could potentially see all the photos on your iPhone, all the addresses in Contacts, all your email, and your exact current location—but worse, he may be able to erase any or all of your Macs and iOS devices and lock you out from using them yourself! This isn’t hypothetical. It has happened.
And that’s why I say it’s a problem if you use the same password everywhere. If every password is unique, then even if one of them is stolen, cracked, or guessed, the damage is contained to that one site or resource.
To summarize: If you want your passwords to do what they’re designed to do—keep your accounts and data secure—they must be both strong (resistant to automated cracking) and unique. If you fail on either of those counts, you’re asking for trouble.
In I get into a little bit of the math that describes what makes one password stronger than another, and how strong is (probably) “strong enough”—by which I mean, highly likely to fend off an attack long enough that it’s not worth the attacker’s time to keep guessing, even at the rate of billions of guesses per second. I also talk about factors that can improve a password’s strength (length, character set, and randomness), because yes, I’ve read that  you’re going to mention (everyone does)—and also .
But I’m going to forgo all that here and cut to the chase. In my professional judgment, as of 2015, every single password you use should be at least 15 characters long; include upper- and lowercase letters, digits, and punctuation; and be randomly generated. If your password isn’t random, then it’ll have to be much longer to compensate—and many sites won’t even accept such long passwords.
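To make the recommendation above concrete, here is a small added example (my own code, not from the book or from any password manager) that generates a password meeting exactly that 2015 policy (at least 15 characters, drawn from upper- and lowercase letters, digits, and punctuation, chosen by the operating system’s cryptographic random number generator) and then works out how long a brute-force search at the “billions of guesses per second” rate mentioned earlier would take to exhaust the space. The 94-character alphabet and the assumed rate of one billion guesses per second are my assumptions for the arithmetic, not figures from the chapter.

```python
import math
import secrets
import string

# Character classes matching the chapter's recommendation: upper- and
# lowercase letters, digits, and punctuation.
UPPER = string.ascii_uppercase
LOWER = string.ascii_lowercase
DIGITS = string.digits
PUNCT = string.punctuation
ALPHABET = UPPER + LOWER + DIGITS + PUNCT  # 26 + 26 + 10 + 32 = 94 symbols

MIN_LENGTH = 15  # the chapter's 2015 floor


def meets_policy(pw):
    """True if pw is at least 15 characters long and uses all four classes."""
    return (len(pw) >= MIN_LENGTH
            and any(c in UPPER for c in pw)
            and any(c in LOWER for c in pw)
            and any(c in DIGITS for c in pw)
            and any(c in PUNCT for c in pw))


def generate_password(length=MIN_LENGTH):
    """Build a random password with the OS CSPRNG (the secrets module).

    Rejection sampling: draw uniformly from the full alphabet and retry
    until every class is present, so no position is forced into a
    predictable class and the result stays uniform over compliant strings.
    """
    if length < MIN_LENGTH:
        raise ValueError("length must be at least %d" % MIN_LENGTH)
    while True:
        pw = "".join(secrets.choice(ALPHABET) for _ in range(length))
        if meets_policy(pw):
            return pw


def entropy_bits(length, alphabet_size=len(ALPHABET)):
    """Bits of entropy for a uniformly random string of this length."""
    return length * math.log2(alphabet_size)


def years_to_exhaust(length, guesses_per_second=1e9,
                     alphabet_size=len(ALPHABET)):
    """Worst-case years to try every string of this length at the given rate.

    The rate of 1e9 guesses/second is an assumed round figure standing in
    for the 'billions per second' the chapter mentions.
    """
    keyspace = alphabet_size ** length
    seconds = keyspace / guesses_per_second
    return seconds / (365.25 * 24 * 3600)


if __name__ == "__main__":
    pw = generate_password()
    print("generated:", pw, "policy ok:", meets_policy(pw))
    for n in (8, 15):
        print("length %2d: %.1f bits, %.3g years to exhaust at 1e9/s"
              % (n, entropy_bits(n), years_to_exhaust(n)))
```

The contrast between the two lengths is the point: an 8-character random password over the same alphabet falls to an exhaustive search in well under a year at that rate, while 15 characters pushes the worst case past a trillion years. The calculation assumes the password is genuinely random; a human-chosen password of the same length has far less entropy, which is why the chapter says a non-random password must be much longer to compensate. Some sites reject particular punctuation characters or cap the length, so a generator used in practice needs a way to restrict the alphabet.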
If you had just one or two passwords to worry about, I could recommend any of   for creating them from scratch and making them both strong and memorable. As we’ve seen, however, you need lots of different passwords, and it’s not remotely worth your time and mental energy to try to create and remember dozens or hundreds of strong passwords.
So forget all (well, most) of that stuff. Let technology do all the heavy lifting for you!
The best way to improve your password security is to make sure all your passwords are both strong and unique. But since it’s difficult to come up with even a single truly strong password—and beyond most people’s memory skills to recall more than a few of them, no matter what mnemonic tricks you employ—the best solution is to let your Mac (or iOS device) do it for you.
All you need is a password manager—software that can do all the following:
For people who use Apple devices exclusively—all of them running at least OS X 10.9 or iOS 7—you already have a pretty good password manager built in: iCloud Keychain. (For details, see my Macworld article.) If you need to use other platforms or older versions of OS X, or if you want extra features not found in iCloud Keychain, use a third-party password manager such as:
There are many others, too, as a quick Web search will confirm. Pick any one you like, but trust me—you definitely want to be using a password manager of some sort. It’s the only reasonable way to achieve that crucial combination of strong, unique, and memorable passwords.
You’ll still need to have a few strong passwords committed to memory, such as the master password for your password manager, your Mac’s login password (which you’ll sometimes have to enter without the aid of your password manager), and perhaps your Apple ID password, since Apple is so fond of prompting you for it every half hour. For passwords like that, sure—you can use techniques like or the  if you like. But if there are more than four or five passwords you need to keep in your head, you’re doing it wrong.
I’m hoping that I’ve convinced you by now of the importance of great passwords, and once you start using a password manager, it’s easy to make all your future passwords strong. But what if you have a bunch of existing weak passwords or—perish the thought!—a single weak password you use everywhere? Well, it’s time to change them.
If you have only a handful of passwords, you can probably set aside a half hour to change them all, and that will be that. But if you have accounts with loads of sites (I have well over 700), we could be talking about multiple days of work. You’ll want to chip away at those old passwords, a few at a time, until they’re all up to snuff. But please, at the very least, change the following key passwords that are especially crucial to your overall security immediately:
Every user account on a Mac has an associated login password. Depending on your settings, you may be prompted for it when you turn on, wake, or restart your Mac, when you install some kinds of software, and when you unlock certain panes of System Preferences. This password protects many aspects of your Mac’s operation, including (by default) your OS X Keychain, which in turn may contain numerous other passwords. So your login password is one of the very few passwords you’ll have to commit to memory—either by rote memorization or by using one of the tricks I linked to in . As you’ll recall from Understand the Chain of Access in Chapter 2, it makes no sense to protect a strong password with a weaker password, so your login password should be among your very strongest.
To change your login password:
Your new password takes effect immediately. If you haven’t done so, consider changing your Mac’s settings not to log you in automatically (see back in Chapter 3), because your password won’t slow down a thief if there’s never a prompt to enter it.
If you have your own Wi-Fi router, such as an Apple AirPort device, you probably know that it has both a Wireless Password (what your devices enter when they connect to the base station in order to get Internet access) and a Base Station Password (what the owner uses to gain access to the device’s settings)—other manufacturers use different terms, but there are always two different passwords. You should never use factory default passwords for either purpose—be sure to change them so that they’re both strong and different from each other.
Each router does things a bit differently, so consult the instructions that came with it. If you have an Apple product, you can read the manuals online:
Later on, in Chapter 9: Manage iCloud Security, I explain the ins and outs of security for a wide variety of iCloud features. For the time being, I merely want to make sure the password you use for iCloud is a good one. If it’s too weak (as discussed previously), you should change it immediately, because it’s one of your most important passwords.
You can’t change the password from within the iCloud pane of System Preferences, however. Because iCloud uses the same password as your Apple ID, you must go to Apple’s to change it. On that page, click Manage Your Apple ID and follow the prompts to change your password. Once you’ve done that, your Mac and any iOS devices will also prompt you for the new password.
As for everything else—email accounts, bank accounts, social networking services, and any other app or Web site you might have a password for—you’ll have to go through them one at a time to update any passwords that are too weak. The general process will be: