General Security Tips for your Mac

Status
Not open for further replies.

vansmith

Senior Member
Joined
Oct 19, 2008
Messages
19,924
Reaction score
559
Points
113
Location
Queensland
Your Mac's Specs
Mini (2014, 2018, 2020), MBA (2020), iPad Pro (2018), iPhone 13 Pro Max, Watch (S6)
Contrary to popular myth, OS X is not impenetrable nor is it without fault. For this reason, you are encouraged to remain vigilant and exercise caution when using your machine (without being paranoid of course). At the end of the day, your Mac is just a personal computer and like every other device on the planet, it requires you to interact with and keep it clean. With that, here are some tips to help keep your machine safe and clean, ensuring smooth and enjoyable operation.

Before we dive into some tips for some best security practices, let’s look at what OS X provides you with already.

GateKeeper
Built into OS X, GateKeeper, enabled by default, will limit what software can be installed on your machine. In its default configuration state, GateKeeper will only let you install software from the Mac App Store and software that has been signed by developers who have registered with Apple (developers who have validated their applications with Apple). Although easily bypassed by users, this mechanism can help to ensure that software on your machine has undergone some semblance of quality control by trusted peoples. Although this is not a bulletproof method of ensuring “clean” code (Researchers outwit Apple, plant malware in the App Store - Computerworld), it works fairly well at mitigating the propagation and installation of malicious software.

Who should use it?
If you only install software from the Mac App Store, you might as well keep it enabled since it won’t affect software installation. If you install third party applications, you may also want to consider keeping it enabled since, if you can trust the developer of your third party app, it can be easily and temporarily bypassed.

Who shouldn’t use it?
People who have deep knowledge of OS X and/or install a lot of obscure software packages (ones that 90% of Mac users won’t install) will probably find that it might be a nuisance. Simply put, those who shouldn’t use it know who they are and can likely do so without concern because they know what to look for. If you don’t know whether or not you fall into this group, you probably don’t and should keep it enabled.

More info here.

XProtect
Built into OS X as well is XProtect. This piece of software checks applications against a database of known malware. The files for this can be found in /System/Library/CoreServices/CoreTypes.bundle/Contents/Resources. Don’t modify or tinker with these files – this is just here for reference.

XProtect is non-interactive meaning that you are not meant to do anything with it since it does not expect user input. It runs silently in the background, only updating whenever Apple needs to do so.

Who should use it?
Everyone and you don’t really have a choice so embrace it. ;)


While some of the aforementioned services and practices can protect you and the software that you run, they are hardly sufficient in and of themselves. Many of the techniques that malware (and eventually viruses) will use exploit user mistakes and misinformation. Here are some tips to keep in mind while using your Mac (all computers).

Random and Strong Passwords
Passwords are the key to your machine – everything important requires one for one very simple reason: that which is password protected needs to be secure. Remembering this and crafting good passwords as a response to this very basic fact is an important step in securing your machine.

Creating a password with unconventional combinations of all types of characters (letters, numbers and symbols) is the best type of password to create. Unfortunately, these can be unruly and hard to remember (if at all). However, here are some tips for creating passwords. First, let’s start with a really weak password and strengthen it: hello.
- Use different cases throughout. So, let’s capitalize our password: HeLlo.
- Be generous with characters. So, let’s do that: HeL1o@
- The longer, the better. Many apps designed to crack passwords will take longer if there are longer words (not always the case but it doesn’t help these apps): HeL1o@%H1
- Avoid dictionary based words. Many tools designed to crack passwords work through dictionary words first since they are the most obvious. If possible, remove dictionary based words: Hqr1@neq23#

At this point, the password is rather illegible and, to be frank, hard to remember. The solution to this problem is not writing it down – this defeats the purpose. Storing them anywhere that isn’t encrypted or in your head is useless so you’ll need to use something that encrypts them (or start training your brain to remember these). A forum favourite for the app option is 1Password.

If you’re looking to generate strong passwords, consider one of the following built in tools to help you generate them (and one website).
- Keychain Access (/Applications/Utilities): go to File > New Password Item… > click the key icon and choose a type & change the length. The longer the green progress bar, the better the password.
- Norton Identity Safe Password Generator: Norton.
- OpenSSL (and other command line tools): Generate Random Passwords from the Command Line

Wireless Networking
Most of us use wireless networking at home, work or on the road. Here are some tips for the wireless networkers among us.

Note – much of what is discussed is hardware dependent. Feel free to ask questions about how to do what is discussed below for your piece of hardware.

Home Network
Securing your home network is important and something that should be amongst the first things you do once you plug in your router. In the configuration screens for your router of choice, you’ll be given options for what type of security. If you’re confused, here’s a simple one word answer: WPA2. Avoid WEP as if it was the plague – it’s antiquated, weak and easily cracked. WPA2 is no more difficult from the users perspective while remaining a much better choice for the purposes of security.

If your router has a firewall feature, use it. There’s no reason not to and any nuisances it might cause (likely not a concern for 95% of users) can be easily managed.

Networking on the Go
If you’re using a mobile Mac, you may not be able to enjoy the benefits of your secure network all the time. When you leave your home, you have to depend on the security functionality that the establishment/person has set up. Thus, the best you can do is secure your Mac. The first thing you’ll want to do is enable the firewall on your Mac. Go to System Preferences > Security & Privacy > Firewall > unlock the pane (click the lock in the bottom left hand corner) > enable it. While the router that you connect to in public might have a firewall on, you will likely be on the same network as many other people who may not be as nice as your family members/roommates.

General Tips
Vigilance – always be wary of software from websites that do the following:
- claim to be better than others (if this is the case, they probably aren’t).
- have a lot of advertising (an abundance of advertising is a likely sign that they just want ad revenue).
- offer deeply discounted or free versions of software that they do not develop (the legality of that software is likely questionable).

Don’t know what it is? Don’t run or open it. This seems like a simple tip but really, people are quicker to do this on their computer than they are in real life (if a stranger offered you something and didn’t tell you what it was, would you open/eat/use it?).

If something says that you need to install something else so as to ensure proper functionality, look it up or ask us. Shady websites are notorious for this, commonly notifying users of the need to install third party codecs or something else so as to ensure proper website functionality. Many of these popups also mimic the look and feel of native browser popups so be cautious. A general tip – you will likely only ever need Java, Flash or Silverlight (if you even need these at all). If a website says you need something other than these three, it’s probably not a good idea to install it.

The Anti-Virus Question
This is a question commonly broached by people transitioning over from Windows where AV is a part of daily life. For Macs, the necessity of AV software is not quite as prominent. You can safely go without AV software if you remain aware of what you’re doing on your machine. In other words, if you use your machine thinking it’s Superman, you’re going to lose the game that is Russian Roulette online because your Mac isn’t Superman. There is malware and pernicious pieces of rogue software that exist and will continue to exist for the foreseeable future. While little of it necessitates AV software, the widespread claim that you don’t need AV software doesn’t mean that nothing malicious exists.

In short, you probably don’t need it but that doesn’t mean that evil stuff doesn’t exist. Also be open to the idea that, at some point, AV software is likely going to be needed for Macs. Do not become complacent – that gets you nowhere productive quickly.

Final Thought
Mac users, of all types, are quick to defer to history as the reason for lax security practices. This is hardly a reason to shun responsibility for your machine. Not only is a Mac a PC (in the literal sense) like any other in form, it is far from perfect. Hubris gets us nowhere – it didn’t work for the captain of the Titanic and it backfired on the Soviets during WW2 when they invaded Finland (history moment for those history buffs on the forums). Practicing safe computing is important regardless of what operating system you’re using. And while anti-virus may or may not be needed as of right now, it doesn’t mean that it won’t in the future nor does it mean that you should use your machine without reservations. I’m not suggesting that you use your machine with fear or reticence but rather, you should use it intelligently which means remaining aware that, as with anything manmade, it has faults.
I’m not trying to scare you – much of what I’ve said is common sense and should be followed regardless of what platform you’re using. Follow some of the tips above and any others from our knowledgeable members and you’ll likely have a secure and enjoyable experience with your Mac.

If you've got any questions, tips, concerns or ideas, feel free to discuss below. I'll update this as/if necessary.
 
Last edited:

Slydude

Well-known member
Staff member
Moderator
Joined
Nov 15, 2009
Messages
17,596
Reaction score
1,072
Points
113
Location
North Louisiana, USA
Your Mac's Specs
M1 MacMini 16 GB - Ventura, iPhone 14 Pro Max, 2015 iMac 16 GB Monterey
Excellent suggestions as usual. See what happens when you stop slacking ad get back to work.:D
 
OP
vansmith

vansmith

Senior Member
Joined
Oct 19, 2008
Messages
19,924
Reaction score
559
Points
113
Location
Queensland
Your Mac's Specs
Mini (2014, 2018, 2020), MBA (2020), iPad Pro (2018), iPhone 13 Pro Max, Watch (S6)
Woah, you have to go ruin my post by making a joke about me? As the token Canadian on staff, I'm not used to that! :p
 
Joined
Nov 28, 2007
Messages
25,564
Reaction score
486
Points
83
Location
Blue Mountains NSW Australia
Your Mac's Specs
Silver M1 iMac 512/16/8/8 macOS 11.6
Don't worry Sly. We have the same 'little brother' problem with Kiwis!
 
Joined
Mar 30, 2013
Messages
156
Reaction score
1
Points
18
Location
US
Your Mac's Specs
13" MBP, OSX 10.8.5, 2.5 GHz Intel core i5 4 GB 1600 MHz DDR3 - I also have an iPad Air.
I really appreciate all the advice here. Security is so important, I like to stay informed about this too, because I've also read that the Mac is not immune, so it's good to let everyone know and remind them. Thanks for taking the time to write all that. :)
 
OP
vansmith

vansmith

Senior Member
Joined
Oct 19, 2008
Messages
19,924
Reaction score
559
Points
113
Location
Queensland
Your Mac's Specs
Mini (2014, 2018, 2020), MBA (2020), iPad Pro (2018), iPhone 13 Pro Max, Watch (S6)
Not a problem, glad that you found it useful.
 
Joined
Feb 14, 2004
Messages
4,781
Reaction score
166
Points
63
Location
Groves, Texas
As usual up to your lofty standards. Very good post. (well, except for that one little misspelling)
 
OP
vansmith

vansmith

Senior Member
Joined
Oct 19, 2008
Messages
19,924
Reaction score
559
Points
113
Location
Queensland
Your Mac's Specs
Mini (2014, 2018, 2020), MBA (2020), iPad Pro (2018), iPhone 13 Pro Max, Watch (S6)
As usual up to your lofty standards. Very good post. (well, except for that one little misspelling)
Don't leave me hanging! What am I looking for here (I get lost reading my own writing)?
 
Joined
Feb 14, 2004
Messages
4,781
Reaction score
166
Points
63
Location
Groves, Texas
Well now I cant find it :(
Could have sworn I saw a misspell or an awkward wording somewhere. Been painting all day, maybe that's it.
 

Slydude

Well-known member
Staff member
Moderator
Joined
Nov 15, 2009
Messages
17,596
Reaction score
1,072
Points
113
Location
North Louisiana, USA
Your Mac's Specs
M1 MacMini 16 GB - Ventura, iPhone 14 Pro Max, 2015 iMac 16 GB Monterey
You weren't perhaps going to give him a bit of grief for this ere you?
A forum favourite for the app option is 1Password.
:eek: That was the only thing I noticed. Except for a word or two that MS Word prefers to be hyphenated.

I used to be able to spell, then I got a computer. Now, as several of my posts have proven, I can't spell anymore.
 
OP
vansmith

vansmith

Senior Member
Joined
Oct 19, 2008
Messages
19,924
Reaction score
559
Points
113
Location
Queensland
Your Mac's Specs
Mini (2014, 2018, 2020), MBA (2020), iPad Pro (2018), iPhone 13 Pro Max, Watch (S6)

Slydude

Well-known member
Staff member
Moderator
Joined
Nov 15, 2009
Messages
17,596
Reaction score
1,072
Points
113
Location
North Louisiana, USA
Your Mac's Specs
M1 MacMini 16 GB - Ventura, iPhone 14 Pro Max, 2015 iMac 16 GB Monterey
If "proper spelling" means "containing superfluous vowels" that would be the one.:Mischievous:
 

RavingMac

Well-known member
Staff member
Moderator
Joined
Jan 7, 2008
Messages
8,303
Reaction score
242
Points
63
Location
In Denial
Your Mac's Specs
16Gb Mac Mini 2018, 15" MacBook Pro 2012 1 TB SSD
Excellent post, despite the extraneous vowels. ;)
 
Joined
Nov 28, 2007
Messages
25,564
Reaction score
486
Points
83
Location
Blue Mountains NSW Australia
Your Mac's Specs
Silver M1 iMac 512/16/8/8 macOS 11.6
Actually vansmith being a Canadian, we use English English the way it evolved from Anglo Saxon / Latin rather than the shortened American versions of favourite, humour etc etc.

Nonetheless a top article sure to be a favourite.
 
Joined
Jan 20, 2012
Messages
5,053
Reaction score
414
Points
83
Location
North Carolina
Your Mac's Specs
Air M2 ('22) OS 14.3; M3 iMac ('23) OS 14.3; iPad Pro; iPhone 14
Actually vansmith being a Canadian, we use English English the way it evolved from Anglo Saxon / Latin rather than the shortened American versions of favourite, humour etc etc.

Nonetheless a top article sure to be a favourite.

Thanks Vansmith for the excellent summary - sure to help others!

But off the subject and to Harry's statement, American English accents (or lack of them) are so varied that their origins are difficult to pin down; but regarding what the English sounded like back in the 1600s & 1700s, the best place to hear the possibilities are in the Appalachian Mtn regions & in New England - in particular the English/Scottish ballads that were learned centuries ago there and passed down via oral tradition better replicate the sound of English back then.

The English accents that are now heard, especially in the American movies of the 20th century are basically incorrect for their periods of time - current 'upper crust' English accents are a product of recent development, i.e. 1800s into the next century. Plenty of material on the web supporting these views - a short discussion HERE for those interested. Dave :)
 
Joined
Feb 14, 2004
Messages
4,781
Reaction score
166
Points
63
Location
Groves, Texas
Found it!!
mitigating the propogation and installation
Propagation... Didn't even notice the other spelling of favorite.
 
Joined
Mar 15, 2006
Messages
1,237
Reaction score
27
Points
48
Your Mac's Specs
2015 Retina 4K iMac. Monterey. 8GB RAM. Crucial 500GB external SSD
22 yrs on macs and I've always used some sort of free antivirus protection. And i've never had a virus or malware issue that I was aware of.

I recommend using some sort of antivirus protection since it's free. I used clamxAV for years but the interface is pretty bad, so I recently changed to avast. avast works well on the PC so it made sense to use it on the mac. I had to disable the online security extension for avast (for the Mac) since it was slowing firefox down to a crawl. works fine now with that extension disabled. avast seems to work well in the background and I don't have to do anything since it auto updates itself. if you want once a month or can run a scan if you like.

common sense and knowledge go a long way. watch what your clicking on. Never click banner ads. the ad may say it's going to apple.com but it may be going somewhere else. never open email attachments from anyone including friends unless you first make sure the friend did send send it.

most of the bad guys still go after windows users but that could change. better safe than sorry.
 
OP
vansmith

vansmith

Senior Member
Joined
Oct 19, 2008
Messages
19,924
Reaction score
559
Points
113
Location
Queensland
Your Mac's Specs
Mini (2014, 2018, 2020), MBA (2020), iPad Pro (2018), iPhone 13 Pro Max, Watch (S6)
most of the bad guys still go after windows users but that could change. better safe than sorry.
It has and did so a long time ago - malware is not new to OS X. ;)
 
Joined
Mar 15, 2006
Messages
1,237
Reaction score
27
Points
48
Your Mac's Specs
2015 Retina 4K iMac. Monterey. 8GB RAM. Crucial 500GB external SSD
yeah Im getting old. can't keep up with the new info anymore. things change too fast for me. lol
 

pigoo3

Well-known member
Staff member
Admin
Joined
May 20, 2008
Messages
44,210
Reaction score
1,418
Points
113
Location
U.S.
Your Mac's Specs
2017 15" MBP, 16gig ram, 1TB SSD, OS 10.15
yeah Im getting old. can't keep up with the new info anymore. things change too fast for me. lol

Mac-Forums is a great place to visit frequently...exactly for reasons/info like this. If something dangerous should appear...we should be one of the first to know about it.:)

- Nick
 
Status
Not open for further replies.

Shop Amazon


Shop for your Apple, Mac, iPhone and other computer products on Amazon.
We are a participant in the Amazon Services LLC Associates Program, an affiliate program designed to provide a means for us to earn fees by linking to Amazon and affiliated sites.
Top