Safer Internet: Offline: Accounts

Why?

  • + Protect (encrypt) personal, sensitive (even deleted) files with a strong password (macOS: FileVault; iOS: default)
  • + Deny others easy access to your device: auto-login apps, e.g., messaging, email, password resets
  • - Inconvenience of entering password, esp. if short timeout

Basic

  • username basis with boss[1] Set a strong password / passcode on your computer, tablet, phone
  • Set a longer timeout to minimize your logins and inconvenience; shorter timeout when travelling?
  • Limit number of login attempts? auto-erase?
  • Add contact info maybe -- in case of loss (vs. Privacy) -- see Services: Location section
  • Protect sensitive files on drive -- see Encryption section
  • Avoid giving your password to tech support (esp. remote scammers) -- and if you do, change it immediately afterwards
  • baby usernamemacOS : System Preferences > Security & Privacy > Change Password
  • System Preferences > Users & Groups > Password > Change Password -- to set initial password, or change other accounts
  • System Preferences > Security & Privacy > Require password > (time)
  • Use same strong admin password for main disk (FileVault) and backup drive, e.g., TimeMachine
  • iOS: Settings > Passcode > Turn Passcode On
  • iOS: Settings > Passcode > Change Passcode > Passcode Options: Custom Alphanumeric Code, Custom Numeric Code, 6-Digit Numeric Code
  • Use more than default PIN, e.g., 4-digit (iOS 8), 6-digit (iOS 9+); so attacker won't know length and will take much longer
  • Although letters and symbols can be included, a much longer numeric PIN can be entered more easily on larger number-only keypad; still difficult to brute force if OS limits login attempts
  • iOS: Settings > Passcode > Require Passcode > After x minutes/hours shorter when traveling?
  • iOS: Settings > Passcode & gt; Allow Access When Locked : Today View, Recent Notifications, Control Center, Siri, Home Control, Return Missed Calls
  • iOS: Settings > Passcode > Erase Data after 10 failed passcode attempts
  • iOS: Settings > Touch ID & Passcode fingerprint sensor on selected models, e.g., iPhone 6

Intermediate

  • login[2] Setup separate accounts for each user
  • Admin account for installs/updates; 2nd admin backup account
  • Non-admin accounts for routine use to avoid accidental malware
  • Setup "Parental Controls" on shared computers?
  • When: now, or the next time you upgrade your OS or replace hardware, and migrate user info
  • macOS: System Preferences > Users & Groups

Advanced

  • admin acct[3] Set a firmware password (macOS, Win) to prevent booting with other OS, accessing file system
  • May still be appropriate for some high security situations; alternatively, enable whole disk encryption
  • [3] Set a SIM PIN on cellular devices, e.g., iPhone, some iPads -- see Connection : WiFi section

References

Android

iOS

macOS

Windows