These seemingly cool things are easy to learn and use, so try protecting your Mac with them.
There are so many different passwords on the Mac that they can be awkward to set. Some people just use a comforting password or let their computer run naked.
Minority wrote an earlier article about a simple way to secure your data. This one achieves a similar effect, but with a more direct command line approach that lets you protect your Mac like a computer geek.
The purpose of this article is to guide you through the different passwords and understand the appropriate use of each password. In order to avoid the tedious interface switching back and forth, I try my best to introduce the use of the command line. Readers who have basic knowledge and need can have a try, and those who are afraid of locking their computers can not be opened, just as a popular science.
MacOS user account password
The user password is the most commonly used password, the current system administrator password.
Its permission is required for everything involving Root, such as partial system Settings, partial terminal operations, and the installation of strange applications. Because can bypass through certain means, can say, user password prevents gentleman only, do not prevent villain.
In practice, you will often need to enter your password manually. For convenience, it should be 6-8 characters long. It should not be too long or complicated — but not too simple. The weirdest password I’ve ever seen is “space”, which can be unlocked with just two keystrokes. Such ostentatious behaviour is not encouraged. If you need to change the password, you can use this command:
passwd
Enter the old password and new password and confirm the password.
As for MacBook’s with Touch Bar, they can use a fingerprint instead of a password in some cases. However, be aware of anyone who may be lurking behind you, because some applications will display the password in clear text after successful fingerprint verification (for example, iTerm 2).
👀 Cold knowledge: My password is broken?
Sometimes you can open the cover and enter the user password, but it is correct, but you can’t unlock the screen. When registering ⇪Caps Lock, ⇧Shift, and the input language, restart. This is the bug of Apple server. According to my experience of computer reselling, it happens after repair and replacement.
Firmware Firmware password
Firmware prevents others from booting from an unspecified disk, such as a CD-ROM or external USB flash drive.
This is a very effective layer of protection from an unknown boot disk. One minor snag is that if you want to reinstall and restore the system yourself, you’ll have to manually enter the password.
To set up Firmware, use the following commands:
sudo firmwarepasswd -setpasswd
It is recommended that Firmware be enabled on all macOS devices. If you forget Firmware, you need to go into recovery mode and enter the user password to shut down Firmware. When you reinstall your system and forget the password for the Firmware you haven’t used in a while, stop thinking about your life in front of the Firmware screen that pops up.
Another way to do this is to add “firmware password” protection to your Mac
FileVault 2 Full disk encryption
FileVault (FileVault 2 in OS X Lion and later) prevents non-logged-in users from reading disk data. FileVault uses XTS-AES-128 encryption in conjunction with a 256-bit key, which is almost at the highest level of encryption, making it impossible for someone with an ulterior motive to remove a hard drive or SSD from its contents. In contrast, once an account is logged in, FileVault decrypts it, and the protection of the data under that account needs to find another way.
The Mac will ask you if FileVault is enabled during activation. For those who forget whether FileVault is enabled or not, use this command:
fdesetup status
If FileVault is off is displayed, it is not enabled. I do not recommend enabling FileVault in daily use because encryption and decryption are time-consuming and power consuming. However, to prevent mismanagement, FileVault is recommended for devices that are often not around — especially Mac Mini NAS, MacOS-based workstations and external disks that live in one place. The command is as follows:
sudo fdesetup enable
Enter the user password and wait until the encryption is complete and the FileVault password is generated. Be sure to take care of it.
If you want to use iCloud to save yourself from forgetting your FileVault password, go the “normal way” and turn FileVault on step by step in your system Settings:
- Unlock the lower left lock under System Settings – Security over Privacy -FileVault. Enter the user password
- I’m gonna say “Open FileVault”
- Choose whether to store the FileVault password in iCloud
- To start the long encryption process, it is recommended to connect to the power supply
Compressed file encryption
You can set the password for the selected compressed package. It is recommended to use it for important working files and original works. The system’s own compression tool has encryption capabilities, and we use its command-line version.
Zip -e File name. Zip file path
Enter and confirm the password, and immediately produce a compressed file with password protection. When I try to open it, I’ll ask you for the password.
summary
Password protection is far more than this, there are file encryption, network disk encryption and so on. The passwords described here are fairly basic, but it’s disturbing that most people’s macBooks have a single lock screen password that’s better than none.
While our lives are not the electronic battlefields of Who Am I, we still have to guard against a few suspicious individuals. Instead of installing some anti-virus software with Sima zhao’s heart in mind, a few simple precautions with Mac tools can make your computer much more secure.
The picture is from Unsplash