
Choosing good passwords in Mac OS X

The following article was published in Apple's online support library, and the current version can be referenced here.

Summary

Mac OS X is designed to give you a safe and secure computing environment, often by the use of passwords. One of the best things you can do to keep your information and computer secure is to use good, hard-to-guess passwords.

Password usage tips
  • Consider how good a password you need to secure different things. For example, with low-risk areas, such as an online news website, you can use an easy-to-remember password—you might even use the same password for other low-risk things. For very sensitive items, such as your system administrator password or an online bank account, use a unique, hard-to-guess password for each separate area, and do not reuse it elsewhere. This way, if one password is compromised (that is, someone figures it out), your other areas are not affected.
  • You probably have a large number of items that require extra security, and it's very difficult or impossible to remember really good passwords for each item. Instead, store them all in a secure location, such as in a file on an encrypted disk image, on a USB memory storage device to which only you have access, in the System Keychain, or even on a piece of paper that's locked away in a secure location.
  • Do not share your password with anyone else; that also means don't send it via email. Do not enter a password for a sensitive item, like a bank account, into an unprotected location, such as a non-secure website. It is possible for someone monitoring network traffic to obtain it.
Creating a "good" password
Here are some ideas to help you create a unique, secure password:
  • Use a long sequence of random characters. Include a mix of upper- and lowercase letters, numbers, punctuation marks, and (if the site or item supports it) characters typed while holding down the Option key.
  • For easier-to-remember passwords, begin with a phrase, verse, or line from a song. Omit certain letters, and transform others into numbers or punctuation marks that resemble the original character. You might want to insert additional punctuation and numbers too. For example, the phrase "You will be welcomed" could be turned into "UW1llBvv3lc0meD;". And, of course, don't use our example password - everyone who sees this document will know it!
  • Good passwords are over 8 characters long and contain a mix of many different character types. Avoid using city names, street names, names of people (real or fictional), pet names, words found in a dictionary or popular book, phone numbers, birthdays, anniversaries, or simple combinations of these. Avoid using a recognizable spatial pattern of keyboard characters, for example a couple of diagonal lines of keyboard keys like "njimko."
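
The rules above can be checked mechanically. The following Python sketch is an added example, not part of Apple's article: it tests a candidate against the length rule, the character-mix rule, a word list, and keyboard patterns such as "njimko" on a US QWERTY layout. The word list, the function names and the two thresholds (min_types, max_walk) are assumptions made for illustration.

```python
# US QWERTY rows (unshifted). Each row sits slightly right of the one above,
# so key (r, c) touches (r-1, c) and (r-1, c+1) above it.
ROWS = ["1234567890", "qwertyuiop", "asdfghjkl;", "zxcvbnm,./"]
POS = {ch: (r, c) for r, row in enumerate(ROWS) for c, ch in enumerate(row)}

PUBLISHED_EXAMPLES = {"UW1llBvv3lc0meD;"}   # the article's own sample password
SAMPLE_WORDS = {"welcome", "password", "dragon", "cupertino"}  # constructed list

def adjacent(a, b):
    """True if keys a and b are the same key or physical neighbours."""
    if a not in POS or b not in POS:
        return False
    (r1, c1), (r2, c2) = POS[a], POS[b]
    dr, dc = r2 - r1, c2 - c1
    return ((dr == 0 and abs(dc) <= 1) or (dr == -1 and dc in (0, 1))
            or (dr == 1 and dc in (-1, 0)))

def walk_ratio(pw):
    """Fraction of consecutive character pairs that are neighbouring keys."""
    s = pw.lower()
    if len(s) < 2:
        return 0.0
    return sum(adjacent(a, b) for a, b in zip(s, s[1:])) / (len(s) - 1)

def char_types(pw):
    """Count the classes present: lower, upper, digit, anything else."""
    return sum([any(c.islower() for c in pw), any(c.isupper() for c in pw),
                any(c.isdigit() for c in pw),
                any(not c.isalnum() for c in pw)])

def check_password(pw, words=SAMPLE_WORDS, min_types=3, max_walk=0.6):
    """Return a list of the article's rules that pw breaks (empty = none)."""
    problems = []
    if pw in PUBLISHED_EXAMPLES:
        problems.append("published_example")
    if len(pw) <= 8:                       # "over 8 characters long"
        problems.append("too_short")
    if char_types(pw) < min_types:         # threshold is an assumption
        problems.append("few_char_types")
    if any(w in pw.lower() for w in words):
        problems.append("dictionary_word")
    if walk_ratio(pw) >= max_walk:         # threshold is an assumption
        problems.append("keyboard_pattern")
    return problems

if __name__ == "__main__":
    for candidate in ["njimko", "UW1llBvv3lc0meD;", "Welcome2024!"]:
        print(candidate, check_password(candidate))
```

An empty result only means none of these particular checks fired; a real deployment would use a full dictionary and a list of known-breached passwords in place of the short sample sets.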
Where to use good passwords in Mac OS X
Mac OS X should be protected with good passwords in these areas:
  • The administrator account password. This password is required to perform many tasks on the computer, including setting system preferences, installing software, and administering user accounts. An administrator password is an administrator user's login password.
  • User account passwords that allow users to log in to their home folders. This is often referred to as a "login password." Make it a good one.
  • Your keychain can store passwords for various applications and resources on the computer in a secure manner. Your keychain password "unlocks" the keychain so that the passwords inside it can be used. Your keychain password is the same as your login password when you first set up your account, but can be changed via the Keychain Access utility.
  • The optional master password that can be used in the event that a FileVault-protected user (Mac OS X 10.3 or later) forgets his or her login password.
Administrator accounts should not have a blank password
Administrator user accounts that have a blank password (that is, no characters at all for the password) will be unable to use sudo functions in Terminal.
