Gary, than you for creating a 2024 version for all your subs. The information is valuable and I already learned a few things that I did and did not already have activated. Your reasoning for having something activated or not was easy to follow. Keep up the great work!
Thank you Gary once again for a straightforward security health check. I noticed that you focussed on the common sense settings and safe use of a Mac and didn't spend any time on the idea of having Anti Virus software on a Mac. As per your previous videos, I don't have AV software on my Mac and am comfortable with that. Kudos to you for focusing on these core settings and behavioral skills. Too often I run into people with "no time" for common sense practices instead 'relying" on paid AV software. To me that's a bit like inexperienced bicycle riders that don't prioritize improving their traffic and anticipation skills instead blindly pulling into traffic thinking that their helmet and high viz gear makes them safe.
Yep. And often it is the AV software that CAUSES the problems. So many of them are poorly developed or dishonest. But even a good one creates a false sense security that leads people into trouble.
Gary, thanks for the updates to this one! I didn't even think of going into Safari's own Settings/Notifications..... I found a few old news sites with permissions I nuked from orbit - Not needed any more.
Thanks I needed this. Someone broke into my intel imac and changed the firmware password and I couldn’t reinstall etc. He basically turned my iMac into a brick. Luckily I was almost in the market for a new mac so I just picked up the M4 mini. I want to do everything I can now to secure it. Great video.
Thank you very much. I just switched to a MacBook for most things. And although I know tons of security settings to change with Windows, I didn't have a list for Apple devices until today. ❤
Paused to go and check my auto-update software settings and noticed again a repeating annoyance - "they" don't automatically notify me even though all options are checked as you've shown them around 10:14. Once again I see that there's been an update waiting - for weeks. The darned red dot on System Settings in the Dock only shows AFTER I've gone to have a look. What on earth is the point of that? :/ It's like I'm supposed to check every day just because they don't want everyone updating at the same time. Thanks very much though for a lot of useful and accessible information. Appreciated greatly.
Same here, I only get notifications after I check because I know there’s an update. Also there is software like for my Logitech mouse that always shows an update but never gets updated.
Hmmm... the only thing I'm doing/not doing, is that my mbp is on pretty well 24/7, I rarely power down. Wonder if that might be it? Though can't see why it would have to be off to notify me/update, when I hear that some people carry on working with it happening in the background. Puzzling, but thank you for your comment. @@macmost
Typical users don't need it. Apps on macOS aren't just "listening" to incoming signals like an old Windows machine. It is only useful for certain kinds of developers.
Great video Gary, I didn't have to change a thing since I was already up on those suggestions. Great job, hopefully people are accessing these videos on UA-cam and learning something. Keep it going!
Thanks! I replaced my iMac (2013) with a new iMac (M1). I thought I could get my new iMac configured and running based on my experience and intuition. I soon realized that things are different between the two iMac. I've been watching your videos for guidance. Since this video was *updated for 2014* it was more helpful than your older videos. I hope you do more *UPDATES*
10:00 I have a MacBook pro with Ventura, and I don't have all these buttons for "automatically install from store, update apps", etc. for the Sofware updates. I just have the one button for automatic updates, and it's turned "on" so I'm assuming that I'm OK.
Great valuble details, thank you. What is your recommendation for an extra security layer with regular backup drives? I have a 3 x 16TB drive as a backup system. 1 main and 2 copies with work dating back over 20 years. All raid 0 so all individual drives which 1 of these is moved around a lot, therefore exposed to a larger risk of getting lost or stolen. Is there a good encryption to use without slowing down the drive too much?
That seems like overkill for a local backup. But more is better than too little, sure. I would just have a simply single drive as a local Time Machine backup and then get an online backup.
Very cogent items in today's video. One thing I do, I have my log in password in a language other than English. It is one not commonly spoken in this area. I've done that since OS9, or thereabouts. Very important points you made, today. Well worth doing.
Doesn't matter. If the word is found in ANY dictionary, then it is just as vulnerable. There aren't people typing in passwords to try them, these are programs (bots) doing it.
@@macmost I totally understand. I’ve seen several UA-camrs using 1Password. I currently subscribe to Norton and their various security services (VPN, Password Manager, Antivirus, etc.) but am reconsidering that purchase as my renewal is coming up. Just exploring other options.
Erase the whole Time Machine drive? Do you mean like you want to start over? In that case use Disk Utility, erase the drive, then set it up as a new Time Machine drive after that.
Hi Gary! Can you make a video about passkey? I keep seeing apple recommend using passkeys. I already use Safari passwords but it keeps saying passkeys are safer.
Yes, using passkeys is a good idea. If the service you are using offers them, follow the instructions to switch to using the passkey. Each service does it a little differently, so it is hard for me to do a tutorial on it.
You should set up a completely separate account for them, make it a standard account, not an admin. Then you can use Screen Time in System Settings for that account to further restrict what they can do.
Hi Gary. Have you considered doing a video on setting up encrypted email with a certificate (s/mime). I’m in the process of doing this and some of your viewers might be interested. Take care and have a great day. -Don
@@macmost Thanks for the quick reply. I'm more than a little paranoid about security so when I learned that this was possible I decided to do it just to give me and my wife a little more peace of mind. I've got the security on my home network cranked up quite a bit and am always on the lookout for new (to me) ideas. I'm a 69 year old home user with an IT (retired) background who likes to stay up-to-date. You're probably correct in thinking that most users wouldn't be all that interested but I thought I would raise the question just in case. My wife and I really enjoy your videos and always find them useful. Thanks again for getting back to me.
@@doncrabtree7538 But who are you emailing WITH? Just between you and your wife? Otherwise, how are you convincing the people at the other end to do it?
Can you encrypt without formatting an external drive by selecting the drive in finder, right click and select encrypt? It doesn't say anything about formatting when you get to the password screen.
@@macmost I wanted to encrypt a drive already in use without formatting. It seemed to suggest I could do this if I select the drive in finder and select encrypt.
Password for what? And why would you take a screenshot of it? For websites and services, generate a password using a password manager (like the one that is part of macOS) and it is saved in that password manager.
@@macmost I almost always have trouble with passwords. I was watching Gary he said write them down? Well if they’re long and difficult why not take a screenshot. That the point of my comment.
@@johnpurcellpurcell5207 More secure if they are written down (or printed out) on paper and put somewhere secure. That would require a physical theft to get at them. A screenshot is just a file on your computer. In that case a password manager is much much more secure than an image file outside of a password manager. And it offers no advantage over a text file with passwords anyway. Not sure why you would have an image file instead.
On Time Machine, you said you could click on something to encrypt it, but you did not explain where? I looked all over and could not find how to encrypt data going on to the drive with Time Machine.
I have an important question...: Under General/Sharing and you look at the very bottom... it says Local hostname. How can I turn it off so that it will not be detected at all.
Turn off the switch next to File Sharing at the top. And any other sharing option you don't want. If you have them off, then your Mac won't show up on the network when someone is looking for other machines using that type of service.
@@macmost well that's good to know. I have everything set to max sec level but this morning I saw that the firewall was set back to receiving incoming stuff. Anyway. I figured it has to be someone within the network. I used to have neighbor doing that once. Thank you again Gary. 🙏🏻🙏🏻
@@niluferozyoruk Unless you are a developer doing network things, or beta testing some network apps, then the Firewall doesn't matter. Mac apps aren't "open" to receive commands from the Internet like old-fashioned Windows apps may have been.
@@macmost I understand. But, could you consider if they could be ghosting my computer within the network, most possibly ISP level. I have many signs that this is happening... way too many signs. I hope I'm delusional :D
Hard to say without knowing your situation. Do you access the Internet on untrusted networks? Then you may want to use a VPN in those situations, though it only improves on privacy (not security) slightly and can be quite a hassle to use.
I have a newer iMac with the fingerprint ID. I don’t understand why it asks me to enter my password as well as my fingerprint when I wake it up after sleeping. I thought fingerprint was enough as on the iPad. This is such a nuisance compared with the old “touch any key” method.
If you are just unlocking the screen (wake from sleep) it shouldn't. If you shut it down it should. It also does it when it has been sleeping for a long time.
@@macmost thanks that must be what’s happening. It’s when I have left it sleeping overnight that it usually happens. Seems like a redundant thing but I’ve found it can be disabled in the settings. Unfortunately that means that touch id doesn’t work for other apps such as my password manager.
I’ve been wondering the same thing. Generally I’m away from my Mac on weekends - I leave it on and just allow it to sleep. When I go to use it again, say, Monday morning, I’m prompted to manually re-enter my password. I’m glad someone asked this question and also appreciate the Professor’s reply.
@@Quince828 Why would you disable it? It is only asks for the password in the morning, that's just one time. Then you get the convenience the rest of the day. How does disabling it help you?
@@macmost it’s one less password to remember and it’s quicker when I want to simply access one thing, ie look something up using Safari. I don’t understand why Apple thinks a second layer of security is needed when they have already incorporated touch id. They don’t require it on iPhone or iPad so why on the Mac?
To prevent account changes if Mac is stolen and thief gets password, go to Settings, Content&Privacy, and set a pin to restrict changes to Allow Passcode Changes and Allow Account Changes. Do this on iOS too.
Furthermore, consider not using TouchID as passwords imply consent since you actively need to enter them, your fingerprint can be taken from you or used in other ways against your will and even without your knowledge. Doing the same with a password would require visual hacking, key logging, or brute force and is therefore considerably more complicated than simply getting your fingerprint. TouchID is a convenience feature, as with all convenience features, it comes at the expense of some kind of degradation in security.
If someone has stolen your fingerprint and recreated it somehow (unlikely), they still need physical access to your Mac to use it. If they have both your fingerprint and your Mac then that's quite a situation you are in.
@@macmost I'm mostly thinking of journalists and whistleblowers. They were able to make a fake fingerprint with ballistic gel pretty easily from a scan of a fingerprint, it didn't require super high tech to do it. Point is if a government or an organization wanted in they would only need a fingerprint and the device. I do agree with you for most people it would be better to use the fingerprint and avoid the carpal tunnel of typing the password repeatedly haha. Thanks for your reply and the video!
@@ohokcool It isn't carpal tunnel that is the problem. It is weak passwords (or no password). Tell people to NOT use Touch ID and they will have to enter in their passcode so often they will end up using something too simple. But with Touch ID, they can use something longer, random and unique. That's the problem that Touch ID and Face ID solve. Telling everyone that spies are after them creates paranoia that ironically leads to weaker security.
14.4 is causing issues for some people. If you use your mac for work, I would recommend not having auto update on. For normal users it is okay to have on.
No. But there is a feature where you can have it communicate with nearby devices (iPhones, for instance) via Bluetooth to find it if it is "offline." See support.apple.com/guide/findmy-mac/set-up-fmm53101237/mac#:~:text=on%20or%20off.-,The%20Find%20My%20network,-is%20an%20encrypted
What about “iCloud Private Relay”? What about “Stealth Mode” in Firewall? What about “Lock Down Mode”? You didn’t talk about them at all. Very disappointing 😅😅😅
iCloud Private Relay is a privacy option, not a security one, and only for people with iCloud+. You don't need the macOS firewall unless you are developing or testing specialty network software. Lock Down Mode is definitely not something you should be turning on to make your Mac more secure unless there is an emergency. See support.apple.com/105120 Sorry you didn't like the video.
You state that ‘password hint’ should NOT be used. Why not? As long as that ‘hint’ is only valid for YOU, then there is no problem. All my ‘hints’ and ‘security question answers’ are things that merely ‘trigger’ an association in MY mind. There is no rhyme or reason to them, no association to the actual password or answer.
@@macmost …yoiu have missed the most critical part of my premise…. my hints NEVER weaken my passwords, because they make NO sense to others. There is NO connection, either logical nor causal, in any way, shape or form. One (old, about 30 years old, no longer used) hint was “me and myself”. For me, it triggered a SPECIFIC memory that had NOTHING to do with ‘me’ NOR ‘myself’, or even the complete phrase “me and myself”. Besides, anywhere Man can hide something, Woman can find. Beware.
@@ernestgalvan9037 It does. A hint only works if a password is weak. A strong password (random characters) couldn't have a hint. If your password is weak (names, words, dates, etc) then it is weak whether you have a hint or not. I mean do what you want. Put a key under the mat to your front door or whatever. But I'm giving advice here for people who want to improve security. I don't know what to make of your last statement. That's not the kind of thing I'm talking about here.
For me you the only trustworthy youtuber for my Imac ! :) Thanks a lot for all the years of hard work!
Gary, than you for creating a 2024 version for all your subs. The information is valuable and I already learned a few things that I did and did not already have activated. Your reasoning for having something activated or not was easy to follow. Keep up the great work!
Ditto
Great stuff - thanks Gary. I changed a couple of settings along the way, while watching this.
I've always loved that design of the house with the combination lock dial
Thanks for these updated security tips, Gary! Always useful to hear the latest tips from you.
Thank you, Gary! You always have such useful information!!
Thanks very much, Gary, for this informative video! Some excellent security recommendations.
Thank you Gary once again for a straightforward security health check. I noticed that you focussed on the common sense settings and safe use of a Mac and didn't spend any time on the idea of having Anti Virus software on a Mac. As per your previous videos, I don't have AV software on my Mac and am comfortable with that. Kudos to you for focusing on these core settings and behavioral skills. Too often I run into people with "no time" for common sense practices instead 'relying" on paid AV software. To me that's a bit like inexperienced bicycle riders that don't prioritize improving their traffic and anticipation skills instead blindly pulling into traffic thinking that their helmet and high viz gear makes them safe.
Yep. And often it is the AV software that CAUSES the problems. So many of them are poorly developed or dishonest. But even a good one creates a false sense security that leads people into trouble.
Great suggestions in your vid. Thank you. I subscribed to your channel because of this video.
Thank you Gary, as always, well presented and informative.
Thank you Gary✨. This information is very helpful ☺️✨.
Thank you Gary it was very useful 😀👍
Gary, thanks for the updates to this one! I didn't even think of going into Safari's own Settings/Notifications..... I found a few old news sites with permissions I nuked from orbit - Not needed any more.
Very good advice! Thanks!!
Thanks Gary, great info to implement. Keep up the good work 👍
Thanks I needed this. Someone broke into my intel imac and changed the firmware password and I couldn’t reinstall etc. He basically turned my iMac into a brick. Luckily I was almost in the market for a new mac so I just picked up the M4 mini. I want to do everything I can now to secure it. Great video.
Thank you Gary ❤.
As always I learned something new and things to think about for my Mac. Great job!
Thank you very much. I just switched to a MacBook for most things. And although I know tons of security settings to change with Windows, I didn't have a list for Apple devices until today. ❤
Fantastic, Thank you... 👍
Thank you Gary!
Thanks. Much appreciated.
Thank you!
Nice. good one
Paused to go and check my auto-update software settings and noticed again a repeating annoyance - "they" don't automatically notify me even though all options are checked as you've shown them around 10:14. Once again I see that there's been an update waiting - for weeks. The darned red dot on System Settings in the Dock only shows AFTER I've gone to have a look. What on earth is the point of that? :/ It's like I'm supposed to check every day just because they don't want everyone updating at the same time. Thanks very much though for a lot of useful and accessible information. Appreciated greatly.
That's not normal. You should get a notification.
Same here, I only get notifications after I check because I know there’s an update.
Also there is software like for my Logitech mouse that always shows an update but never gets updated.
Hmmm... the only thing I'm doing/not doing, is that my mbp is on pretty well 24/7, I rarely power down. Wonder if that might be it? Though can't see why it would have to be off to notify me/update, when I hear that some people carry on working with it happening in the background. Puzzling, but thank you for your comment. @@macmost
@@TR-rz1xt You should never need to shut it off (power it down). Just let it sleep.
It does that fairly frequently... which makes this issue all the more questionable. Thank you.@@macmost
Good video, but I was surprised that you didn’t talk about Firewall and its settings. It would be good to hear your thoughts on this.
Typical users don't need it. Apps on macOS aren't just "listening" to incoming signals like an old Windows machine. It is only useful for certain kinds of developers.
Great video Gary, I didn't have to change a thing since I was already up on those suggestions. Great job, hopefully people are accessing these videos on UA-cam and learning something. Keep it going!
Thanks! I replaced my iMac (2013) with a new iMac (M1). I thought I could get my new iMac configured and running based on my experience and intuition. I soon realized that things are different between the two iMac. I've been watching your videos for guidance. Since this video was *updated for 2014* it was more helpful than your older videos. I hope you do more *UPDATES*
10:00 I have a MacBook pro with Ventura, and I don't have all these buttons for "automatically install from store, update apps", etc. for the Sofware updates. I just have the one button for automatic updates, and it's turned "on" so I'm assuming that I'm OK.
Great valuble details, thank you. What is your recommendation for an extra security layer with regular backup drives? I have a 3 x 16TB drive as a backup system. 1 main and 2 copies with work dating back over 20 years. All raid 0 so all individual drives which 1 of these is moved around a lot, therefore exposed to a larger risk of getting lost or stolen. Is there a good encryption to use without slowing down the drive too much?
That seems like overkill for a local backup. But more is better than too little, sure. I would just have a simply single drive as a local Time Machine backup and then get an online backup.
Also, firmware passwords are deprecated with Apple silicon, superseded by FileVault
Very cogent items in today's video. One thing I do, I have my log in password in a language other than English. It is one not commonly spoken in this area. I've done that since OS9, or thereabouts. Very important points you made, today. Well worth doing.
Doesn't matter. If the word is found in ANY dictionary, then it is just as vulnerable. There aren't people typing in passwords to try them, these are programs (bots) doing it.
I do the same :-) This way it is easy to remember the password without writing it down.
@macmost
At 1:01 my change button is greyed out .
Are you using a standard user account?
@@macmost how do i know? Its my personal mac at home and only i use it. And there is only one account
@@tulitulko3973 If you have only one account, then it must be an admin one. So that can't be the problem. Try a restart and see if that fixes it.
@@macmost found it!
System settings/screen time/content privacy/preference restrictions
The for box must be ticked.
Thanks for the help anyway
I use multiple systems (OS and Windows). What is your recommended password manager!
I don't make recommendations like that as I don't review products. I use 1Password, but I haven't compared it to others sufficiently enough.
@@macmost I totally understand. I’ve seen several UA-camrs using 1Password. I currently subscribe to Norton and their various security services (VPN, Password Manager, Antivirus, etc.) but am reconsidering that purchase as my renewal is coming up. Just exploring other options.
I am getting so much great info from your videos. A question related to this video ... Safari > Websites. Which should you Allow, Deny, or Ask? TIA
What are you asking about, exactly? Safari > Websites doesn't make sense all by itself.
@@macmost I found the answer in another of your videos - Safari Cookies, Cache and History. My gosh, how many you have made! Thank you!
@@GASueZQ More than 4,000 since 2007, if you count the Patreon-exclusive ones. Even more if you count the courses.
At 5:34 shouldn't "Everyone" be set to no access or does someone still need the Mac's account password?
"Everyone" only applies to all users who are logged in. Yes, they have to be logged into the Mac.
Hi. Do you have a video about how to erase Time Machine and then encrypt?
Erase the whole Time Machine drive? Do you mean like you want to start over? In that case use Disk Utility, erase the drive, then set it up as a new Time Machine drive after that.
Hi Gary! Can you make a video about passkey? I keep seeing apple recommend using passkeys. I already use Safari passwords but it keeps saying passkeys are safer.
Yes, using passkeys is a good idea. If the service you are using offers them, follow the instructions to switch to using the passkey. Each service does it a little differently, so it is hard for me to do a tutorial on it.
Hi Gary…do Mac’s need any security software such as Clean my Mac?
ua-cam.com/video/fhYzpcDPZ5Y/v-deo.html
@@macmost Thank you Gary!
What if a secondary user is using the mac . And I want that person to use in a limited way ? What should I do
You should set up a completely separate account for them, make it a standard account, not an admin. Then you can use Screen Time in System Settings for that account to further restrict what they can do.
Hi Gary. Have you considered doing a video on setting up encrypted email with a certificate (s/mime). I’m in the process of doing this and some of your viewers might be interested. Take care and have a great day. -Don
No, because it isn't something that typical Mac users need. Even me, I've never needed it. What's your own use-case for it?
@@macmost Thanks for the quick reply. I'm more than a little paranoid about security so when I learned that this was possible I decided to do it just to give me and my wife a little more peace of mind. I've got the security on my home network cranked up quite a bit and am always on the lookout for new (to me) ideas. I'm a 69 year old home user with an IT (retired) background who likes to stay up-to-date. You're probably correct in thinking that most users wouldn't be all that interested but I thought I would raise the question just in case. My wife and I really enjoy your videos and always find them useful. Thanks again for getting back to me.
@@doncrabtree7538 But who are you emailing WITH? Just between you and your wife? Otherwise, how are you convincing the people at the other end to do it?
@@macmost the email that I am protecting is for close friends and family. I use other emails for everything else.
You re mac god ❤
Hi Gary, in the event of a disaster and I have to go to TIme-Machine and the files are encrypted.....,could this be an impediment to doing so?
Not sure what you mean. Do you mean if you lost the encryption password? You've go to save that somewhere (or in multiple places).
Can you encrypt without formatting an external drive by selecting the drive in finder, right click and select encrypt? It doesn't say anything about formatting when you get to the password screen.
Not sure what you are trying to do. You want to format (erase) the drive? You do that in Disk Utility.
@@macmost I wanted to encrypt a drive already in use without formatting. It seemed to suggest I could do this if I select the drive in finder and select encrypt.
@@dannyjo22 Yes, that's what it does. The second sentence of your initial question made it sound like you were looking for formatting options.
@@macmost thank you!
I can use family members laptop to backup my iPhone ?
Technically you could. But why not use iCloud?
If we generate a very hard password and simply take a screen shot to save it…is that sufficient?
Password for what? And why would you take a screenshot of it? For websites and services, generate a password using a password manager (like the one that is part of macOS) and it is saved in that password manager.
@@macmost I almost always have trouble with passwords. I was watching Gary he said write them down? Well if they’re long and difficult why not take a screenshot. That the point of my comment.
@@johnpurcellpurcell5207 More secure if they are written down (or printed out) on paper and put somewhere secure. That would require a physical theft to get at them. A screenshot is just a file on your computer. In that case a password manager is much much more secure than an image file outside of a password manager. And it offers no advantage over a text file with passwords anyway. Not sure why you would have an image file instead.
On Time Machine, you said you could click on something to encrypt it, but you did not explain where? I looked all over and could not find how to encrypt data going on to the drive with Time Machine.
It is a choice you make when you set up Time Machine.
So how do I setup Time Machine? I go to settings and I have no option to change it to encrypted.@@macmost
I have an important question...: Under General/Sharing and you look at the very bottom... it says Local hostname. How can I turn it off so that it will not be detected at all.
Turn off the switch next to File Sharing at the top. And any other sharing option you don't want. If you have them off, then your Mac won't show up on the network when someone is looking for other machines using that type of service.
@@macmost well that's good to know. I have everything set to max sec level but this morning I saw that the firewall was set back to receiving incoming stuff. Anyway. I figured it has to be someone within the network. I used to have neighbor doing that once. Thank you again Gary. 🙏🏻🙏🏻
@@niluferozyoruk Unless you are a developer doing network things, or beta testing some network apps, then the Firewall doesn't matter. Mac apps aren't "open" to receive commands from the Internet like old-fashioned Windows apps may have been.
@@macmost I understand. But, could you consider if they could be ghosting my computer within the network, most possibly ISP level. I have many signs that this is happening... way too many signs.
I hope I'm delusional :D
I have to add though... Mac is really supportive in this privacy topic. It's very sturdy !
Do you need a VPN? If so, what do you recommend?
Hard to say without knowing your situation. Do you access the Internet on untrusted networks? Then you may want to use a VPN in those situations, though it only improves on privacy (not security) slightly and can be quite a hassle to use.
my only doubt is Vault...
I have a newer iMac with the fingerprint ID. I don’t understand why it asks me to enter my password as well as my fingerprint when I wake it up after sleeping. I thought fingerprint was enough as on the iPad. This is such a nuisance compared with the old “touch any key” method.
If you are just unlocking the screen (wake from sleep) it shouldn't. If you shut it down it should. It also does it when it has been sleeping for a long time.
@@macmost thanks that must be what’s happening. It’s when I have left it sleeping overnight that it usually happens. Seems like a redundant thing but I’ve found it can be disabled in the settings. Unfortunately that means that touch id doesn’t work for other apps such as my password manager.
I’ve been wondering the same thing.
Generally I’m away from my Mac on weekends - I leave it on and just allow it to sleep. When I go to use it again, say, Monday morning, I’m prompted to manually re-enter my password.
I’m glad someone asked this question and also appreciate the Professor’s reply.
@@Quince828 Why would you disable it? It is only asks for the password in the morning, that's just one time. Then you get the convenience the rest of the day. How does disabling it help you?
@@macmost it’s one less password to remember and it’s quicker when I want to simply access one thing, ie look something up using Safari. I don’t understand why Apple thinks a second layer of security is needed when they have already incorporated touch id. They don’t require it on iPhone or iPad so why on the Mac?
To prevent account changes if Mac is stolen and thief gets password, go to Settings, Content&Privacy, and set a pin to restrict changes to Allow Passcode Changes and Allow Account Changes. Do this on iOS too.
sshd-keygen-wrapper....??
Furthermore, consider not using TouchID as passwords imply consent since you actively need to enter them, your fingerprint can be taken from you or used in other ways against your will and even without your knowledge. Doing the same with a password would require visual hacking, key logging, or brute force and is therefore considerably more complicated than simply getting your fingerprint. TouchID is a convenience feature, as with all convenience features, it comes at the expense of some kind of degradation in security.
If someone has stolen your fingerprint and recreated it somehow (unlikely), they still need physical access to your Mac to use it. If they have both your fingerprint and your Mac then that's quite a situation you are in.
@@macmost I'm mostly thinking of journalists and whistleblowers. They were able to make a fake fingerprint with ballistic gel pretty easily from a scan of a fingerprint, it didn't require super high tech to do it. Point is if a government or an organization wanted in they would only need a fingerprint and the device. I do agree with you for most people it would be better to use the fingerprint and avoid the carpal tunnel of typing the password repeatedly haha. Thanks for your reply and the video!
@@ohokcool It isn't carpal tunnel that is the problem. It is weak passwords (or no password). Tell people to NOT use Touch ID and they will have to enter in their passcode so often they will end up using something too simple. But with Touch ID, they can use something longer, random and unique. That's the problem that Touch ID and Face ID solve. Telling everyone that spies are after them creates paranoia that ironically leads to weaker security.
14.4 is causing issues for some people. If you use your mac for work, I would recommend not having auto update on. For normal users it is okay to have on.
So newer macs send their location back to Apple even when powered off?
No. But there is a feature where you can have it communicate with nearby devices (iPhones, for instance) via Bluetooth to find it if it is "offline." See support.apple.com/guide/findmy-mac/set-up-fmm53101237/mac#:~:text=on%20or%20off.-,The%20Find%20My%20network,-is%20an%20encrypted
I don't see the need to set a lock timer on the screen, if your going to step away just lock the screen manually.
What about “iCloud Private Relay”?
What about “Stealth Mode” in Firewall?
What about “Lock Down Mode”?
You didn’t talk about them at all.
Very disappointing 😅😅😅
iCloud Private Relay is a privacy option, not a security one, and only for people with iCloud+. You don't need the macOS firewall unless you are developing or testing specialty network software. Lock Down Mode is definitely not something you should be turning on to make your Mac more secure unless there is an emergency. See support.apple.com/105120
Sorry you didn't like the video.
Oh, please. An Apple Id password of a random string is impractical. Ask any AppleCare Advisor whether that’s a good idea 😂
Why is that impractical? Do you have trouble remembering it? After using it a few times you should be able to remember it.
You state that ‘password hint’ should NOT be used. Why not?
As long as that ‘hint’ is only valid for YOU, then there is no problem.
All my ‘hints’ and ‘security question answers’ are things that merely ‘trigger’ an association in MY mind. There is no rhyme or reason to them, no association to the actual password or answer.
Write your password down, store it somewhere safe. No need to weaken things with a "hint."
@@macmost …yoiu have missed the most critical part of my premise…. my hints NEVER weaken my passwords, because they make NO sense to others.
There is NO connection, either logical nor causal, in any way, shape or form.
One (old, about 30 years old, no longer used) hint was “me and myself”. For me, it triggered a SPECIFIC memory that had NOTHING to do with ‘me’ NOR ‘myself’, or even the complete phrase “me and myself”.
Besides, anywhere Man can hide something, Woman can find. Beware.
@@ernestgalvan9037 It does. A hint only works if a password is weak. A strong password (random characters) couldn't have a hint. If your password is weak (names, words, dates, etc) then it is weak whether you have a hint or not. I mean do what you want. Put a key under the mat to your front door or whatever. But I'm giving advice here for people who want to improve security. I don't know what to make of your last statement. That's not the kind of thing I'm talking about here.
Words are not important. The length of the password and range of characters is.
It's all binary.