I was reading a thread, helping someone who had lost his admin password and installation disks (yeah, I know, I thought the same thing). I know that if someone stole my computer, they could just wipe my hard drive and they could just do whatever they wanted, but I thought my data was secure. But one of the old-timers around here (well, I've been posting for 10 years, but not at the level of some of you guys) posted this link:
In other words, with a simple hack at startup, you can reset the admin password, and gain entry into my Mac. Well, that pretty much ruined my day. I knew that the admin password was useless, it's just to keep girlfriends/children/creepy friends out of my computer, but I assumed that if you did get in through some hack, the keychain, for example, was locked.
Here's what I've done or I'm considering doing:
- De-link the keychain from the Admin password. I had recently linked them, because I thought I was secure, but now I know it's not.
- Most of my stuff is in 1Password which is rock solid from everything I've read.
- I'm out of ideas.
I've never considered Filevault, ever since trying it many years ago and having all kinds of problems. I guess that's a possibility. Is there any type of root password? I mean why can someone access my Linux root with a simple hack at log-in?
Any other security ideas or links would be helpful. I need to balance paranoid protection and ease of use. Once I log into my computer, I usually am around to watch it (since it's an iMac). When I leave the house, that's when I want it locked down.