How to add password?

System Preferences>Security pane

check the Require password to wake this computer from sleep or screen saver box.

You could also log out when you're not using your computer.

I think you're best off password protecting the screen saver. This essentially accomplishes all you want to do, which is apparently keep your roommate from using or seeing anything on your Mac.

Logging off, though effective, may be a big pain in the butt since you have to relaunch all applications when you log back in. FileVault is probably overkill, especially since if they can guess your screen saver password, then FileVault is useless.

Just make your screen saver password something that is difficult to guess and you should be fine. Set your screen saver delay to something fairly short, so you don't have to worry about it taking an hour to lock if you have to leave and forget to activate it with hot corners.

Just enable "Fast User Switching" (System Preferences->Accounts) and then use the right-side menubar user menu to go to "Login Window". Everything is preserved, and, unlike the screen saver, someone with an admin password can't get to your screen. When you get back, log in, and you'll return to things exactly as you left them....

Also, stay away from File Vault unless you're really worried about security. It's safe enough, but, if you forget both the master and you personal passwords, you're utterly screwed. Word of warning.

A simple way to protect sensitive information is to create an encrypted folder with Applications->Utilities->Disk Utility.

To be specific:

• Open Applications->Utilities->Disk Utility.
• Click the "New Image" icon in the toolbar (or use Images->New...->Blank Image)
• Fill in "Save as:" field with a name.
• Select an appropriate size
• Set the excryption to AES-128
• Keep the format as "read/write disk image"
• Click "Create"
• You'll be prompted for a password - enter one
• Very important: Unselect "Remember password (add to Keychain)" before clicking OK to set the password.

This creates the password-protected .dmg file. Double-click it to open it (supply the password, and don't opt to store it in your keychain, or else anyone in your account can open it). It then looks like a mounted disk image - drag things into/out of it. "Eject" it to return it to it's password-protected state.

jsw said:

Just enable "Fast User Switching" (System Preferences->Accounts) and then use the right-side menubar user menu to go to "Login Window". Everything is preserved, and, unlike the screen saver, someone with an admin password can't get to your screen. When you get back, log in, and you'll return to things exactly as you left them....

Click to expand...

This is a cool tool, and I thought about recommending it, but you still need to (1) set up an unprivileged user to switch to, and (b) do the switching manually.

Using a screen saver password would seem to provide the same level of security as switching to a bogus user (maybe more, since then his roommate couldn't even use the system for anything) and do it automatically.

jsw said:

A simple way to protect sensitive information is to create an encrypted folder with Applications->Utilities->Disk Utility.

Click to expand...

This is an awesome idea. Thanks for the info!

emw said:

This is a cool tool, and I thought about recommending it, but you still need to (1) set up an unprivileged user to switch to, and (b) do the switching manually.

Using a screen saver password would seem to provide the same level of security as switching to a bogus user (maybe more, since then his roommate couldn't even use the system for anything) and do it automatically.

Click to expand...

Nope - you might need to set up a bogus account (not sure), but you definitely don't need to switch to it - just go to the login screen, then log back into your account when you want. I'm not sure if you get the menu bar "User" menu unless you have more than one account, but it's trivial to set a bogus one up with no privs and a bizarre password - who cares if you forget it, as you can just delete the entire account and lose nothing - although it's a good idea to have a "pristine" account anyway to verify problems with. It could even have the same password as your regular account, which would make it precisely as difficult to break into as your regular one, but harder to forget the password.

The plus for some users who have other users with admin passwords (not the case here) is that the screen saver will let any admin log in and get back to your account. Scary. The login window is also less hackable, although, for most, using the screen saver is just as good. In fact, I'd implement both, and use the screen saver as a backup in case I forgot to go to the Login window.

emw said:

This is an awesome idea. Thanks for the info!

Click to expand...

No prob - just passing along something I read here months ago, then started using.

just tried it, you do not need to have more than one account

don't forget to uk-check 'automatically log-in' or else even with the screensaver with password on, or with it switched to the user screen, someone could just reboot your computer.

also, hope that the person isnt' a Mac or UNIX person, or they could use the single user mode to search for your password that's stored as plain text in the swap files.