Mac|Life

Master basic macOS security

The first steps that will safeguard your Mac and your data for online activity

1 Lock your Mac

Many security features are irrelevant once someone has physical access to your Mac, including a thief. Keep them out. In Apple > System Prefs > Security & Privacy > General, you should have a login password set up for your user account, and ensure “Require password” is checked and set to Immediatel­y.

2 Heed the Gatekeeper

In the same place, no matter what is selected for “Allow apps downloaded from”, you can still open apps from unidentifi­ed developers: Ctrl– click one in Finder and pick Open, then click Open on the warning dialog. But think twice, and never enter your admin username and password if you’re unsure.

3 Look for the lock

Many web addresses start with “https://” rather than “http://”, meaning they use SSL to encrypt data exchanged with them. A padlock in Safari’s search bar confirms it. Don’t enter sensitive data if this is missing. If it’s there, it just means the connection is secure, not that the site owner is legit.

4 Cancel Java

A few apps still require Java — which is different from JavaScript, commonly used online — on your Mac, but it’s a bit of a security nightmare. You can install it from java.com, manage it in System Prefs > Java, and turn it on in Safari > Prefs > Websites if you really need to — but if you don’t, well… don’t.

5 Secure online accounts

iCloud and many third–party online services now offer 2FA (two–factor authentica­tion), requiring “something you know” (login details) and “something you have” (typically your iPhone, or a small device that generates a key code). Enable it unless you have a good reason not to; it makes your accounts harder to hack.

6 Always update

Most new security threats are patched very quickly by Apple and other vendors. But this will only keep you safe if you install updates promptly. Unlike on iOS, you can usually roll back automatic updates if they cause issues. If you prefer to keep automatic updates off, don’t keep ignoring or snoozing alerts indefinite­ly.