Securing a Mac

I don't quite understand what you are asking. You call the thread 'securing a mac' you have an account setup with a password, yet you leave auto login enabled??? If you want your mac to be secure then you better be worried about people being able to get into it!! Turn auto login off and setup a guest account, that way no one can get into your account but they can get in as guest, they can't do much as guest and any files they create get deleted when they log out. No one can do anything as long as the root account is disabled and no one knows your admin account password.

 

Do others have physical access to your computer? If so, then that raises a red flag that it difficult to lower. People with physical access to your computer can do physical damage to it. Your physical system may be worth much more than the data stored on it.

If others do not have physical access to your computer, then your security measures are more than adequate for most users. Auto login allows the user at the keyboard to use your computer without entered the password. Remote users must still do so. Suffice it to say, you can't use a MacOS X DVD to reset your password via remote login.

BTW, you seem to believe that only the System Restore disc can reset your password. This is not true. Any compatible MacOS X distribution DVD can be used to reset the password. However, the user must have physical access to your system.

 

From Finder Help.

"If you don’t want the user to be able to change preferences or install software on the computer, don’t give the user administrator access.

To keep your computer secure, don’t share administrator names and passwords. Be sure to log out when you leave your computer, and use the Security pane of System Preferences to require a password when the computer is idle. If you leave your computer while you’re logged in, someone could sit down at your computer while you’re away and make changes using your administrator privileges.

Don’t have an administrator account automatically logged in when the computer starts up. If you do, someone could simply restart the computer to gain access with administrator privileges."

Set up a Standard user account without Admin privileges. Using an admin account for every day use is a security threat.

 

Who else has access to your Mac?

Also do they know much about Macs?

If anyone does and they want to cause problems they could change the admin password without knowing the current one easily in under 5 mins.

 

You should follow Undercover's recommendations on using it. I use it and you should have a guest account setup so that anyone who steals the computer can log in and get connected to the Internet and UC can do it's job.

Secondly, you shouldn't be telling anyone you even have that on there, that way they likely will not look to uninstall it. You can put all the passwords on OS/X or firmware passwords you want on it but if the person who wants your data or computer knows what they're doing, they will have their way with it. But in all likelihood, anyone who does steal it will not know how to bypass UC.

You really shouldn't have an auto login set with administrative privileges; you're just inviting trouble with that.