here some suggestions to protect your private data
1) use Disk Utility to create an encrypted disk image volume that you can mount after you've logged in - in Disk Utility, click on "New Image" then set up, say, a few hundred MB image, with Encryption turned on (either 128bit or 256bit AES encryption), and set image format to "sparse image". sparse image means that even if you configure a 500MB image, it will only actually consume as much actual disk space as it actually contains, up to a max of 500MB, or whatever
then store any of your sensitive personal data on this image, and be sure to unmount this disk image when you're not at your computer. these disk images will of course automatically unmount whenever you log off.
this disk image can be easily moved/copied to another drive or machine, but contents remain encrypted unless you supply the password when you mount it. I have several such encrypted disk images on my machines each containing various things (e.g. personal files, work files, email database, etc)
whenever you double click the encrypted volume, a dialog box will pop up asking you for the password. Make sure you DON'T check the box that says "remember password in my keychain" - this way if someone guesses/breaks your login password, they can't open your encrypted disk image. of course this means you need to use a different password!
2) turn on File Vault encryption, if you wish (I don't use this, myself)
3) turn on a screensaver, and in System Preferences/Security/General check the box that says to require a password when the screensaver begins. Set your screensaver to turn on after only a short time, to prevent someone from casually accessing your machine when you step away from your desk for a minute. Of course this is not particularly high security but it will help prevent accidental snooping of your disk.
4) in System Preferences/Security/General, check the box to turn on "secure virtual memory" - this encrypts your virtual memory swap files that are written to disk, to prevent someone from recovering data from those off your drive
5) use 1Password - highly , highly recommended way to easily store all your web passwords, online banking passwords, serial numbers, notes, credit card numbers, 11 herbs and spices recipes :) etc etc. This way you don't need to use an easy to guess, simple password that is the same for all your many accounts (like the name of your cat). 1Password can help you generate strong and unique passwords, and then use them with the click of a mouse. The database is encrypted and protected by a master password. Assign a strong password for the master password. There's also a companion iPhone app so you can always have your passwords handy, wherever you go.
Did I mention that I *highly* recommend using 1Password? I can't live without it after using for more than a year now. Seriously - go to the webpage I linked and watch the screencast video to see how to use it. You might not think it's that useful just from first description but try it an you will see (free trial available)
6) even though there are published ways around them, I still turn on firmware password. I also make sure that I turn OFF automatic login (System Preferences/Accounts/Login Items) - even if I am the only user configured on the Mac
2 件のコメント
Great Question.
Majesty さんによる
Thanks for all the great answers. I wish I could accept them all. This really tough. rdk because that's the first thing I'm going to do.
mayer さんによる