Security on a Mac: Setting Passwords & Locking your Screen


I use a Mac and a PC at my job, and one thing we fall victim to, if we do not lock our computer when we walk away, is we end up coming back to a desktop wallpaper of David Hasselhoff.

You could wind up with this on your screen. Or worse.

So we are always told to lock our PCs. Fortunately, this is easy to do. You simply press the Windows key + L and it locks your machine (the Windows key is the key between Ctrl and Alt that has the Windows flag on it).

But I also needed to find a way to lock my Mac — which isn’t as easy as the nice, two-key combo Microsoft has laid out for us.

You can lock a Mac through key combinations. On newer Macs, you can press Control + Shift + the power button, and the screen will go black. Tap any key on the keyboard to wake the screen, and you will see that your Mac is locked.

However, in my case, I can’t even reach my power button, so this just won’t work. What I do (and I consider this the best and easiest way to lock a Mac) is to lock by using Keychain Access.

Keychain Access is the equivalent of Windows Credential Manager, in that it saves passwords that you frequently use on the Mac. In order to use Keychain Access for locking your Mac, you will, of course, need to set a password on your Mac (otherwise what’s the point in locking, if users can hit ‘return’ and go right into your Mac?).

To set a password on a Mac, click on the Apple logo in the upper left-hand corner of the Mac, and go to System Preferences. From there you will see a location called Users & Groups.

Inside Users & Groups, you will see your account listed. You might have to click on the lock, down in the lower left-hand corner, to make changes (if you do, it will require a password, and if you have none set, you can simply click OK). Once you have the ability to edit your account, click on it. You will see the location, next to your photo, that states Reset Password. This is where you will enter your password.

You can then click the lock to prevent further changes and move on to Keychain Access.

When you launch Keychain Access, you won’t need to do anything in the window that pops up, only in the Preferences for Keychain Access. To access Preferences, click on the words “Keychain Access” in the upper left-hand corner, and go to Preferences…

In Preferences, under the General tab, put a check mark where it states: Show keychain status in menu bar

This adds an unlocked lock in the menu bar in the upper right-hand corner of your Mac. If you now click on that icon, you have an option to ‘Lock Screen’.

It’s as simple as that!

 

Staying Safe in the Digital Age


In today’s world, nearly everything is interconnected. While this provides many great conveniences, it does increase the risk of sensitive information landing in unwanted hands. It seems every other week there is news about a new security breach and, while these may be out of your hands, there are things you can start doing right now to minimize the risk of having your sensitive info or data hacked.

Passwords
  • Never write passwords down, especially on a sticky note around your desk.
  • Do not use the same password for multiple accounts.
  • Never share your passwords with anyone.
  • Use strong passwords with upper case, lower case, numbers, special characters, and at least 8 characters, overall.
  • Avoid common passwords like “Password1”, “abc123”, “123456”, etc.
Email
  • Do not open emails, attachments, or click links in emails from people you don’t know or are not expecting.
  • Do not click on links in emails that ask you to type in your credentials. Always visit the desired site by typing it into your web browser. A common trick called “phishing” is where you are routed to a look-alike site and have to put your info in.
  • One common method is someone gets hacked and email is sent out to people in their address book. If the sender is familiar but not the content of what they sent, use caution.
Web Browsing
  • If it sounds too good to be true, it probably is (free games, easy money, you’ll never believe this one secret, etc).
  • Never log in to an unsecure website. Depending on your browser, a secure site is usually indicated by a lock icon.
  • Avoid clicking on advertisements or pop-up ads. This is a good way to get unwanted cookies or malware on your computer.
Miscellaneous
  • Make sure all your mobile devices (cell phones, tablets, etc) have a lock screen with a password, pin, or other form of security.
  • Lock your computer whenever you walk away by pressing “Windows Key + L.”
  • Reboot once a week. Some Windows updates cannot apply until your PC is rebooted, which can prevent other updates from applying. This may also help with the general performance of your PC.

This list only scratches the surface, but hopefully it has provided some good ideas about what you can do. Ultimately, if you are ever in doubt, get a second opinion from your IT department (if that’s Everon, call us at 888-244-1748) before clicking that link or opening that email!


Spotlight on Small Business Week: Start with your Password


To remain secure, start with using password best practices.

  • Length: 8-12 characters at minimum, but 16-18 are even better.
  • Combination: Your password should include a mixture of letters (uppercase and lowercase), symbols and numbers.
  • Keep them random: Use a random combination of the above, making sure to stay away from birthdays and family names.
  • Change them regularly: Change your passwords frequently (at least every 60 days).
  • Log out: Be sure to log out of your session once you are done. Do not leave any room for someone to access your network under your name.

Password Mistakes

  • Do not use your birth, graduation, or anniversary dates for your number combinations.
  • Do not use your children’s names, close friends’ and family names, or pet’s name for your letter combination.
  • Do not have any variations of the following passwords as these are the most popular: “password,” “123456,” “12345678,” “abc123,” “qwerty,” “monkey,” “letmein,” “dragon,” and “111111.”
  • Do not have your account automatically logged-in on your phone. Mobile security is key to protecting your passwords.
  • Do not keep your password hints on sticky notes, near your desk or anywhere that can be seen.

For more information on password security, check out this Jan. 2014 article by Wah Lee, Everon’s Principal Project Engineer.

To request a FREE Security Bulletin Update, contact us at  [email protected]  and put “Free Security Tips” in the subject line.

 

Passwords and Encryption: How to easily protect your files and folders


In a business environment our data is our lifeline. Whether it is transactions, logs, data collection, or spreadsheets, making sure our information is protected is paramount. Below are a few of my favorite easy and secure ways to keep peace of mind.

Excel/Word/PowerPoint

In the two latest builds of the popular Microsoft Office suite, 2010 and 2013, there is a built-in password protection tool for the three most-used applications: Excel, Word, and PowerPoint. When initially creating the document/spreadsheet, select “File” on the top tab and select “Info” on the left-hand sidebar. There will be an option to protect the document (“Protect Workbook”).

Then select the option to “Encrypt with Password”

Simple as that!

AxCrypt

AxCrypt is a very powerful tool used for encrypting single files. One downside is that the application needs to be installed on the PC receiving the file in order to decrypt it. However, the process is very easy. Once installed, simply right-click on the file you wish to encrypt using AES 128-bit and select AxCrypt > Encrypt.


Type the desired password you wish to use to decrypt the file and press OK. All done!

NOTE: There are NO BACKDOORS into AxCrypt. If you forget your passphrase, your documents are likely to be irretrievably lost. Write it down, or print it, and keep it in a safe place!

7-zip

If you have ever worked with .ZIP files you have most likely used 7-zip at some point. 7-Zip is a cabinet file manager. One unique feature of 7-zip is that it has the ability to create a .ZIP file that is also encrypted. The process is very easy: just highlight the files you wish to “Zip up” and right-click on one of them. Then select 7-zip > Add to archive.

From here, type the desired password in the Encryption section. It is very important here to select the AES-256 Encryption method. This uses the industry-standard encryption protocols rather than the proprietary ZipCrypto method.

Data protection is key in this competitive world. Protect your data, protect your future!

How Secure is your password in an insecure world?

We hear in the news all the time of credit card fraud and retailers being hacked. Or we get snail mail informing us of how we may have been compromised and all of the new protections in place to protect us.  Well, the easiest way to protect our online accounts is to have a good password.  So… how secure is your password?

If you are using “Password,” or any combination such as Password1 or Password123, it’s time to stop! This easy-to-hack password is the third most-popular from among 38 million hacked from Adobe.com, according to a report from October 4th. This report showed how easy most passwords would be to guess with any brute force attack. Even though these were from a consumer-based site, that does not mean that business users today do not fall under this category.

Most average users today choose passwords that would be easy enough for friends to guess. They usually involve everyday phrases or names of their children or pets. The addition of numbers can make this a little more secure but not by much. Most system admins today do not set up password policies for their domains either, which will allow users to be able to implement these same passwords into their everyday logins in the office. It is also not uncommon for a system admin to assign the default password “Password” to a new user and just expect the user to reset it.

So how do we get around this? While most of us have the bad habit of creating easy-enough-to-remember passwords, it is always a great idea to start incorporating a password policy to log into your domain/cloud setup. Microsoft recommendations are a great base point for creating such policies and will add the extra layer of protecting the integrity of your password.

- Enforce password history – setting should be to minimum of last 5 passwords
- Maximum password age – average age should be no more than 90 days. This will allow peace of mind that users are changing their passwords regularly.
- Minimum password length – longer passwords are harder to crack than shorter ones. Passwords should be set to a minimum of seven characters for a safer environment. This way users cannot have blank passwords (which should never be allowed).
- Password complexity – require users to have to add a number or capitalize a letter. These make passwords trickier to guess or hack.
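As an added example (not code from the original post or from Microsoft), the history, length and complexity settings above can be written as a checker in Python; maximum password age is an account-expiry setting and is not modelled. The blocklist is the “most popular” list quoted elsewhere on this page, while the function names, the PBKDF2 history store and the rule for spotting variations are assumptions made for illustration.

```python
import hashlib
import hmac
import re

# Settings from the list above; COMMON is the "most popular" list
# quoted elsewhere on this page. Everything else is an assumption.
MIN_LENGTH = 7
HISTORY_DEPTH = 5
COMMON = {"password", "123456", "12345678", "abc123", "qwerty",
          "monkey", "letmein", "dragon", "111111"}


def digest(password: str, salt: bytes) -> bytes:
    # Salted, slow hash so old passwords are never stored in clear text.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)


def is_common_variation(password: str) -> bool:
    """True for a blocklisted password with only case changes or extra
    digits/symbols at either end (Password1, Password123!, abc123!)."""
    folded = password.lower()
    no_symbols = re.sub(r"^[^a-z0-9]+|[^a-z0-9]+$", "", folded)
    letters = re.sub(r"^[^a-z]+|[^a-z]+$", "", folded)
    return bool({folded, no_symbols, letters} & COMMON)


def check_password(candidate: str, history: list) -> list:
    """Return the policy violations; an empty list means accepted.
    history holds (salt, digest) pairs, oldest first."""
    problems = []
    if len(candidate) < MIN_LENGTH:
        problems.append("too short")
    if not re.search(r"[0-9A-Z]", candidate):
        problems.append("needs a number or a capital letter")
    if is_common_variation(candidate):
        problems.append("variation of a common password")
    for salt, old in history[-HISTORY_DEPTH:]:
        if hmac.compare_digest(digest(candidate, salt), old):
            problems.append("matches one of the last 5 passwords")
            break
    return problems
```

Note that “Password123” passes the length and complexity rules and is rejected only by the blocklist check, which is why the blocklist is worth adding alongside the four settings.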

There is also a new trend with system admins that allow for more complex passwords. Passphrases are becoming the norm with some companies looking to get beyond the “Password123” realm. Passphrases look like they would be easy to get beyond but add more complexity and are extremely difficult for password hacking programs to get past.

So what is a passphrase? It is essentially a string of words used to create a password rather than a single word. An example would be “This Is My Login Password” rather than just “Password.” All brute-force-attack software will do is start looking for alpha-numeric passwords starting with 1 character, up until it finds one that works. It does not take into account strings of words, which would make it virtually impossible for the passphrase to be guessed. These can be implemented with a common denominator, such as 1st word is an object, 2nd word is a color, 3rd word is a planet, etc. Most hackers would not guess “staple cyan Jupiter” to be used.
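An added worked example (not from the original post): how large the search is depends on what the guessing program enumerates. The Python below compares a character-by-character search with a word-level search that knows the object/color/planet template; the list sizes (2,000 objects, 20 colors, 8 planets, a 7,776-word list) are constructed assumptions.

```python
import math

PRINTABLE = 95  # printable ASCII characters a character-level search covers


def char_bits(length: int, alphabet: int = PRINTABLE) -> float:
    """Bits of work to try every string of this length, character by character."""
    return length * math.log2(alphabet)


def template_bits(category_sizes: list) -> float:
    """Bits for a passphrase built from a known template, where each
    slot (object, color, planet, ...) is picked from a list of that size."""
    return sum(math.log2(n) for n in category_sizes)


def words_needed(target_bits: float, list_size: int) -> int:
    """Fewest randomly chosen words from one list that reach target_bits."""
    return math.ceil(target_bits / math.log2(list_size))


def compare() -> dict:
    # All list sizes below are constructed for illustration.
    return {
        "8 random characters": round(char_bits(8), 1),
        "staple cyan Jupiter, by character": round(char_bits(19), 1),
        "object/color/planet template": round(template_bits([2000, 20, 8]), 1),
        "5 random words, 7776-word list": round(template_bits([7776] * 5), 1),
    }


if __name__ == "__main__":
    for scheme, bits in compare().items():
        print(f"{scheme:36s} {bits:6.1f} bits")
    print("words needed for 64 bits:", words_needed(64, 7776))
```

Under these assumptions the templated phrase is the weakest entry once the template is known, so a passphrase policy holds up only when the words are drawn at random from large lists.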

Get creative with your password policies and you will find fewer and fewer users reporting some kind of compromise on their accounts. Once you have picked your password you can check out this site to see how long it would take to get hacked!