British Flag
British Apple Users Info & Support
LOGIN
The next event is:
Internet Retailing Conference 2017

On 5 May 2017
More events…

macOS 10.12 Sierra
FREE
Amazon UK Mac Software Affiliate Link Discounted Shopping via QuidCo

Mac Security Article #5 User Names & Passwords including Apple IDs

Article ID = 85
Article Title = Mac Security Article #5 User Names & Passwords including Apple IDs
Article Author(s) = Graham Needham (BH)
Article Created On = 22nd May 2012
Article Last Updated = 27th February 2017
Article URL = http://www.macstrategy.com/article.php?85

Article Brief Description:
How to secure user names and passwords

User Names and Passwords including Apple IDs

This article has the following sections:
  1. User Names
  2. Passwords
  3. Apple IDs
  4. Storing User Names & Passwords
It is number five in a series of MacStrategy security articles.

User Names

Depending on how paranoid you are about your security/online privacy you should generally avoid using obvious user names like "admin", "administrator" or if your name is "Joe Bloggs" don't use the obvious "joebloggs" - this is especially relevant online/for internet web sites. Combining other letters/characters and numbers with the user name will make it less obvious. So, for instance, if your name is "Joe Bloggs" and you work for "ACME Ltd" and you're creating an account in 2012 why not use one of the following or similar:
  • joebloggs12
  • joebloggs2012
  • jb2012
  • acjoebloggs
  • acjoebloggs12
  • acme_jb
  • acme_jb2012
  • acme_admin
  • acmeadminjb

Passwords

Where possible you should always use secure/strong passwords.
DO
  • Lock your online accounts, computer, phone and other (portable) devices with passwords.
  • Keep passwords and PINs secret. Don't disclose them to friends, co-workers, businesses (like an Internet café operator) or be tricked into giving them away - most companies/people will NEVER ask you for a complete password but they may ask you for individual characters e.g. the 2nd and 5th.
  • Make sure your passwords are over 8 characters long (the longer, the better) and that they contain a mix of many different character types including letters, numbers and symbols.
  • Use a long sequence of (random) characters including a mix of uppercase and lowercase letters, numbers, punctuation marks and (if the site or software supports it) characters typed while holding down the Option or Alt key.
  • Change passwords often.
DON'T
  • EVER use the same password for everything/all accounts especially online - if someone get's the password they have the password to all your accounts.
  • Use obvious names (such as your own), words of any language found in a dictionary or personal data like phone numbers, dates, or simple combinations of these - they are easy to obtain/guess.
  • Use a pattern of keyboard characters, such as lines of keyboard keys, for example, "qwerty" - they are easy to guess.
  • Write a password on a post-it note and stick it to your monitor - that's just stupid - use a secure disk image to store the password.
Additional help for creating secure/strong passwords
  • Use OS X's built-in Apple "Password Assistant" - this is accessed using the key button which is usually available in dialogue boxes that require a password.
  • Use Comparitech's password strength tester web page.
  • Read the Gibson Research Corporation's article on the benefits of password "length" and using a passphrase rather than a password.
  • If you have a lot of passwords (as most people do nowadays) use a password storage utility.

Apple IDs

Apple has recently (early 2012) increased the security of Apple IDs by adding in the requirement for a series of security questions and answers. This is primarily to stop people getting the basic Apple ID information and trying to activate it on a new device (like a computer/iPod touch/iPad/iPhone). When they try to activate the Apple ID security questions have to be answered. This is also true if you want to manage the Apple ID online. Although at first it may appear like an inconvenience it is a very good idea. Remember you can always make up the answers and store them securely. Apple IDs can be used for one or more of the following:
  • iTunes (Store) including Music, Films, iOS Apps and Books (iBooks and iBookstore)
  • iTunes Genius
  • iTunes Home Sharing
  • Apple Music / iTunes Match
  • iCloud
  • Mac App Store
  • iChat / Messages
  • iMessage
  • FaceTime
  • Game Center
  • iPhoto / Photos and Aperture purchases
  • Find My iPhone/iPod/iPad/Mac
  • OS X 10.7 Lion or later
  • Apple TV
  • Apple Online Store
  • Apple Retail Store
  • Concierge (for appointments at the Genius Bar)
  • Apple.com support
  • register.apple.com (Apple product registration)
  • MobileMe
  • iWork publishing (publish.iwork.com)
On 5th April 2013 Apple introduced two-step verification for Apple IDs.
NOTE: Some of the above can have a credit card registered with them so it is definitely wise to use a strong password for your Apple ID.

Useful Apple ID web sites

Storing User Names & Passwords

The simplest way of storing data on a Mac is to create a secure disk image and store a text file of your passwords in it. Alternatively you could use any of the following:
OS X Keychain
Apple's OS X operating system includes a feature called Keychain. When you use your Mac it may give you the option to "save password" usually with a tick box. When you tick this box it usually means the password will be saved into your Keychain. Here are some facts about Keychain:
  • By default your primary keychain (login) is automatically unlocked when you login to your computer as it uses the same password as your computer's user account password.
  • Keychains can be managed using the Keychain Access utility in Macintosh HD > Applications > Utilities folder.
  • Keychains can store more than passwords such as security certificates and encryption keys.
  • You can change a Keychain's settings e.g. set it to automatically lock itself after inactivity/sleep - use Keychain Access > select the Keychain on the left > go to Edit menu > Change Settings for Keychain.
  • You can change a Keychain password (so that it is not automatically unlocked when you login) - use Keychain Access > select the Keychain on the left > go to Edit menu > Change Password for Keychain.
  • To obtain a password stored in a Keychain that you have forgotten - open Keychain Access > select the Keychain on the left > select Passwords in the bottom left > select the item on the right > double click the item/click the i button/use File menu "Get Info" > click "Show Password" > enter the keychain's password > click "Allow" > the password will be revealed.
  • Keychains can store multiple passwords for the same thing (causing problems) - to delete a password open Keychain Access > select the Keychain on the left > select Passwords in the bottom left > select the item on the right and press the delete/backspace button on our keyboard > confirm the deletion.
  • iCloud Keychain Sync was introduced with OS X 10.9 Mavericks or later and iOS 7 or later
Web Browsers
Most web browsers can store user names and passwords for web sites for your convenience. However, you should be very careful when using this feature of a web browser as it is usually switched on by default, the data may not be stored as securely as you would like and malicious web sites may be able to access (and steal) this data using holes in the web browser software. This feature can be called Auotfill. Here is the relevant settings for common web browsers:
  • Apple Safari v5.x or earlier - go to Safari menu > Preferences > Autofill tab
  • Apple Safari v6 or later - go to Safari menu > Preferences > Passwords tab
  • Camino - uses the OS X Keychain [WARNING: discontinued 31/05/2013]
  • Google Chrome - uses the OS X Keychain
  • Chromium - go to Chromium menu > Preferences > click on "+ Show advanced settings" at the bottom > "Passwords and forms" heading
  • Mozilla Firefox - go to Firefox menu > Preferences > Security > Logins heading
  • iCab - uses it's own system for storing passwords
  • Omniweb - go to Omniweb menu > Preferences > Show All tab > AutoFill icon
  • Opera - go to Tools > Advanced > Password Manager
  • Seamonkey - go to Tools > Manage Stored Passwords
  • Stainless - does not appear to have this feature
  • Sunrise - does not appear to have this feature
  • TenFourFox - go to TenFourFox menu > Preferences > Security tab > Passwords heading
Software Utilities and Online Synchronisation

Article Keywords: Macintosh Mac OS X OSX macOS Security

This article is © MacStrategy » a trading name of Burning Helix. Apple, the Apple logo, and Mac are trademarks of Apple Inc., registered in the U.S. and other countries. App Store is a service mark of Apple Inc.


If this information helped you or saved you time and/or money why not donate a little to us via PayPal?
All proceeds go directly to MacStrategy / Burning Helix Limited to help fund this web site.
If this information helped you or saved you time and/or money why not donate a little to us via PayPal?
All proceeds go directly to MacStrategy / Burning Helix Limited to help fund this web site.

Go to this
web page
to donate to us.