Texas Tech University.
TTU Home Safe Computing Practices Lubbock Community Recommended Computing Practices
logo small

Securing Your Mac

1. Choose good passwords

There are many programs out there that can easily guess every word in the dictionary. Be sure your passwords are not English words.

The best passwords are very long (at least eight to ten characters) and include numbers and even punctuation. But don't make your passwords so hard to remember that you have to write them down. One idea is to use the first letters of words in an easy-to-remember phrase.

2. Practice 'safe surfing'

Don't be afraid to enter confidential information, such as credit card numbers, into websites, but be sure that those websites are secure before you do. Look for a lock icon in the bottom left corner of your Web browser. As long as a site's secure, using a credit card online is in many ways safer than giving out that number over the phone or using a card in person. Also, don't download or install software if you aren't sure who it is from or what it does. If you didn't explicitly ask to download something, don't open or save it.

3. Don't open email attachments

Before opening any email attachments, be sure you know the source of the attachment. It is not enough that the mail originated from an address you recognize. The Melissa virus spread precisely because it originated from a familiar address. Malicious code might be distributed in amusing or enticing programs. Most email servers will filter viruses in email attachments but some still get through. For example, a new virus called Beagle.H bypasses many virus scanners by sending the virus in a password protected zip file. You should never open an attachment unless you know exactly what it is.

If you must open an attachment before you can verify the source, we suggest the following procedure:

For additional protection, you can disconnect your computer's network connection before opening the file.

Following these steps will reduce, but not wholly eliminate, the chance that any malicious code contained in the attachment might spread from your computer to others.

4. Install an antivirus application

Antivirus applications block viruses coming in through email or hidden in a downloaded application or file, but do nothing to prevent a hacker who's actively trying to infiltrate your machine. Texas Tech University provides Symantec AntiVirus for Macintosh free of charge. You can download this software from the eRaider website.

5. Install a firewall

Personal firewalls block (and log) active intrusion attempts, which are increasingly common these days. Even if you think you have nothing to lose on your Mac, a hacker could easily hijack your machine and use it in attacks against others. Macintosh Panther has a built in and very easy to use firewall. For information on how to enable and use the Macintosh Panther firewall, please visit http://support.apple.com/kb/HT1810.

6. Leave unused Internet services off

Out-of-the-box, Macs are usually quite secure, since Apple has turned off all Internet services. In general, you should leave them off, particularly file sharing. If you need to enable an Internet service, be sure to configure your personal firewall to limit access to specific Internet addresses and be sure to use good passwords. Of course, you should turn the service back off when you're done with it.