Mac Security for Crypto and Steem Holders - The Basics
Would you like to see what are the basic settings of a Mac to protect yourself from unauthorized access because if you are holding Steem or other cryptocurrency in a wallet, you absolutely have to be as careful as possible?
I am writing this post for people who use their Mac to hold and transact with cryptocurrencies, but the advice I give are valid for anyone who want a secure machine.
There are different applications that you can install on your Mac to make it more secure, but if you are just setting your Mac properly, it will already be 95% secure, in my opinion.
You may want to read my first post, which talks about how you can protect your Mac from malwares: Mac Security for Crypto and Steem Holders
Most people with Macs just don't know the basics of securing their machine. They will not set any administrator password, will auto log in into their account at start-up and don't use the firewall. I have helped several people with their Mac and when the basics are not there, then issues arise and that's the user's fault, not Apple's, that has done a great job making their machine more secure than PCs.
Background image in thumbnail source pixabay.com.
Mac Security for Crypto and Steem Holders - The Basics
The first thing you have to do when you buy a new Mac is to create a new user for your daily use and have a password for both the administrator account and the user accounts. On a new machine there is no password set up usually.
If your Mac is not new and you are using your admin account for daily tasks and auto login, or worse, have no password, follow what I explain below as soon as possible.
Set up your users
You have to go to the "System Preferences" and click on the "Users & Groups" button.
There you can see the users I have set up. My daily account is "Michel," a Standard account and I have the Admin account, which I never login into.
If you already have a password set up, and want to change something, you have first to authenticate by clicking on the lock. Then you will have to enter your Admin username and password.
Then click "Unlock" and you will have administrator privileges.
If for you it is set-up like that, it's already good. You might only have the Admin account from where you are doing this and it will ask you the password the same.
You can reset the "Admin" password if you wish.
Notice that the lock is now unlocked and you can do all the changes you want.
If you go to your "Standard" account, you can change the password in the same manner.
I suggest that you uncheck "Allow user to administer this computer" because there is no point to have a "Standard" account if it can act as an admin.
If you have kids using the computer, you might want to enable parental controls, but if you have cryptocurrencies on your Mac, it would be preferable not to have kids using the computer.
This is what you have when you change the password. It will ask you for your old password, which you have to leave empty if there is no previous password, enter a new password and verify it again.
Click the "Change Password" button.
If you don't have a "Standard" account, this is how to create one.
Click on the "+" sign and this will open this window.
Select "Standard" for the new account, give it a name and a password.
Click "Create User" and you are done.
Have different passwords for the "Standard" and "Admin" accounts.
If you have been doing that from the "Admin" account, log out from Admin and log in with your new "Standard" account.
Go back to the "Users & Groups" section of "System Preferences."
The next step is to set up the login options.
You have to unlock first and then click the "Login Options" button.
Set up "Automatic login" to OFF.
Then, I suggest you check the box for "Show the Sleep, Restart and Shut Down buttons"and also "Show Input menu in login window" so you can change the keyboard input from the login window. Also check the box for "Show fast user switching menus as" so you can switch from one account to the other quickly.
Do not forget to lock the lock when you are done.
Now, you are going to use your standard account for your daily work and never log in back as admin. When you want to install or uninstall an application you will be asked for the admin username and password as shown below.
Nothing can be now installed and run without your knowledge. Of course, you have to be careful about what you install and where you downloaded it from because the application may contain a virus or malware and you won't know.
If your Mac is left unattended, lost or stolen, then the passwords will make it very difficult to have someone enter the machine.
Set up your general security and firewall
The next step is to go to the "Security & Privacy" section in "System Preferences."
On the "General" tab, I suggest that you check the box for "Require password immediately" after sleep or screen saver begins, and of course, set up your sleep and screensaver.
If you are logged in your Steem account, your Lastpass password manager and everything else at all time, and someone can just get to your Mac while you are in the bathroom, you are in serious problem.
Your hacker might just be your co-worker!
You have first to unlock the lock as explained earlier to make any change.
Check the box for "Disable automatic login."
That's a very important one.
Then in the "Allow apps downloaded from" section, select "Mac App Store and identified developers." If you select this option, then it will be very unlikely to have a bad app as Apple is doing its best to protect all its users.
If you try to install an app downloaded somewhere else, you will have warnings and the possibility to reconsider using that application.
The next tab is for "Firewall" and lots of users just ignore it.
You just have to click on "Turn On Firewall."
When the Firewall is on, this will protect you against unauthorized applications, programs and services from accepting incoming connections.
This will not protect you against outgoing connections and I will write another post to show you what you need for that.
Click on "Firewall Options."
The "Block all incoming connections" can be used if for example you are in a hostile environment or being under attack. For regular use, it is better unchecked.
What I suggest you to do is check the two options you see in the image above. The first one will allow signed software to work normally and the second one, "Enable stealth mode," will make your Mac invisible on the network. When nobody sees it, nobody hacks into it.
Another thing that is important to do on a Mac is to do the updates when they are made available.
Also, it's better not to use illegal file sharing services as you may just download and authorize the installation of an application that is compromised.
I hope that this post is useful for you to secure your Mac.
Would you upvote this post and follow me for more because this will encourage me to write more posts about Mac security like this one?
Would you please help @jerrybanfield become a top 10 Witness because you can help funding projects to build Steem as explained here? Vote for jerrybanfield as a witness or set jerrybanfield as a proxy to handle all witness votes at https://steemit.com/~witnesses. Read the 5 reasons why I'm voting for Jerry Banfield as a witness and how to vote in my post. You may be interested to read: What is a Steem Witness, How to Vote and Why?