Make your Mac safer online: Five tips for better password security

How-to
By last updated

Seems like there are endless examples of security problems with all the Internet services we depend on. What can we do?

Gotofail. Heartbleed. Target. Sony's PlayStation Network. The NSA. It seems like every few weeks, there's a new story circulating in the news about major security breach concerning systems that you rely on. What can you do to protect yourself?

The bottom line is that attacks do happen, so it's best to try to minimize the risk you face when these services inevitably are breached. Here are some tips to help you stay as safe as possible by changing your password habits.

1. Don't reuse the same password

It's easy to remember one password, more difficult to remember dozens. That's why many of us end using a single password for several different services we access. If you're doing this, don't. It's huge mistake. You're making it much easier for someone to get access to all of your accounts when you do this, especially if stolen information about you includes your e-mail address or other crucial identifying information you use across multiple sites.

2. Change your passwords...often

Get into the habit of changing passwords on a regular basis, at least on higher-risk sites and services like your bank or other financial institutions or anywhere sensitive data about you is maintained. Whether it's monthly, quarterly, whatever, make sure you don't use the same password forever. Many of these institutions may require you to change your password periodically already, but many (like my bank) don't. So make sure to shore up your security by filling in those gaps when necessary.

Use strong passwords

Don't use dictionary terms; hackers often employ word lists straight from the dictionary. That's why many services now require you to use a combination of letters, numbers and other characters.

Don't use the name of your spouse, pet, kids or any other information that might be gleaned from a potentially compromised personal profile.

The longer, the better. Some services have minimum password lengths they'll allow, but it's often a good idea to extend it even further. If your service requires an eight character password but allows up to 16, use as many letters as you can. Mix up letters, numbers, upper and lower case, punctuation — anything you can do to make it harder to crack your password.

3. Use two-step authentication if it's an option

Check to see if the services you rely on use two-step authentication. Google, many banks, even iCloud support two-step authentication.

The idea behind two-factor authentication is to combine something you know, like a password, with something you have, like your cell phone. While it does add a layer of complexity to interaction with services you depend on, it is very secure, because while a hacker might be able to get your password, they're unlikely to have access to your cell phone or another device you use for authentication.

4. Use a password manager or even just a notebook to keep track

Rotate passwords periodically. Use strong passwords. Use different passwords for every different service — it's easy to lose your mind with passwords. Make it easy on yourself by using a password manager.

Password managers are standalone apps that help you manage passwords for all the different sites and services you use. Some, like Mavericks' own iCloud Keychain and Agile's 1Password, work on both OS X and iOS.

If you can't afford a password manager right now or you don't feel comfortable using one, consider getting a dedicated notebook to keep track of your passwords, assuming you're a home user with relatively little security risk. It sounds counterintuitive: If it falls into the wrong hands, a notebook with your passwords can jeopardize your online safety, no question. (It pays to keep the notebook somewhere safe, that's for sure, to keep out prying friends and relatives).

But on the other hand, many of us aren't trying to keep friends, family and coworkers away from our online accounts, but hackers from the far corners of the globe who we've never met and are unlikely ever to meet. To that end, a notebook can be a relatively secure option.

5. Be safe

These are just a few common-sense tips to protect yourself online; there are a lot of other things you can do to keep your identity safe while you're online.

Your best tips for better Mac password security?

I suspect you have a few of your own that you're dying to share, so lay 'em on me in the comments!

Peter Cohen
Peter Cohen
Latest in Security
iPhone 15 Plus review
Recent Apple iPhone spyware alerts could have been triggered by China-linked attacks, researchers say
Google One VPN on iPhone
Google is about to give iPhone owners a privacy and security headache as it prepares to shut down another key service
iCloud Keychain on iPad
I can finally use iCloud Keychain and ditch 1Password thanks to this key new feature
At home with 15-inch MacBook Air, on a mosaic balcony table and on a wooden floor.
Old-school Mac malware is hiding in plain sight in this productivity app
M2 Macbook Pro 13 Inch Hero
Researcher claims a key Mac security feature can be bypassed and Apple won't fix it
macOS Ventura Passkeys
The apple.com website adds passkey support, but there's a catch
Latest in How-to
iPhone 16 Event Invite It's Glowtime
How to watch the iPhone 16 Glowtime reveal event - tune in for iPhone 16, iPhone 16 Pro, iPhone 16 Plus and iPhone 16 Pro Max
macOS Sequoia
Here's how to use Window Tiling on macOS Sequoia
iPhone 14 with Messages app on home screen
Here's how to add some flair to your messages with new iOS 18 text effects
watchOS 11
How to pause activity streaks in watchOS 11
Apple Intelligence Siri on iPhone 15 Pro Max
How to type to Siri on iOS 18 and why it's made me use it more
Control Center iOS 18
Control Center has been supercharged in iOS 18 — here’s how to get the most from it
More about security
iPhone 15 Plus review

Recent Apple iPhone spyware alerts could have been triggered by China-linked attacks, researchers say
Google One VPN on iPhone

Google is about to give iPhone owners a privacy and security headache as it prepares to shut down another key service
iMore Logo

One more thing… Goodbye from iMore
See more latest