Never type your administrator password again!
I always get annoyed having to type in my password every time I update Safari, install a new program, etc.
In addition, no one uses this machine other than me.
So now, I've reset my password to nothing. Blank. Every time I get asked for my password I hit "Enter."
Try it, you'll like it.
In addition, no one uses this machine other than me.
So now, I've reset my password to nothing. Blank. Every time I get asked for my password I hit "Enter."
Try it, you'll like it.
Comments
The answer is probably yes, but for some folks who are OK with this, it is efficient.
Originally posted by mrmister
Herm. Well, it kind of FUBAR's some of the safety net passwords....
I've thought about that. It's not like you're disabling the password process altogether, just that you're choosing an easy password.
On my iMac, I just love never having to lift my hand off the mouse - I just hit the enter key with my right thumb.
Originally posted by francisG3
I've thought about that. It's not like you're disabling the password process altogether, just that you're choosing an easy password.
Ayup. And guess what every cracking script tries first? An empty password. Next is 'password'.
I really can't recommend AGAINST this practice highly enough. You're just setting yourself up for cracking by any random script kiddie that comes along.
Originally posted by Kickaha
Ayup. And guess what every cracking script tries first? An empty password. Next is 'password'.
I really can't recommend AGAINST this practice highly enough. You're just setting yourself up for cracking by any random script kiddie that comes along.
Thanks to the eye-candy sheet animation in OS X, hacking passwords just got a little more difficult.
If you really want to protect yourself against disctionary attacks, th3n wr1t3 l1k3 th1s. It works.
Are you trying to tell me someone over the internet is going to hack into my computer unless I have a password on my OS X account?
Maybe I need an education here. In OS 9, there was no such thing as a password. And I don't remember people ever getting their OS 9 machines hacked into. It never was a concern, actually.
Now that I'm in OS X, I have an easy password, and now I'm vulnerable ?
If I boot into OS 9, am I safer, or more at risk?
But you're no safer, too. That's the big thing.
The big push with security in Mac OS X is to make it safer than Classic Mac OS was. In Classic, you ran everything as root. You and any of your software were free to do anything destructive that they wanted. Anything could go in and trash the System Folder and other important goodies. The security structure in Mac OS X is set up to stop that.
There aren't any efforts that I know of that are out there trying to crack Mac users in particular. This is all about taking preventative measures, though. It's like insurance. Sure, you may not think you need it today, but in the event of a freak disaster, you're going to be kicking yourself hard for not making that small effort.
You wont get it...
Because I am a safe computer user that does not like to run the risk of an unprotected system.
Unix-like systems are great for staying safe.
So now, I've reset my password to nothing. Blank. Every time I get asked for my password I hit "Enter."
so.....
what IP address you connecting from?
Originally posted by alcimedes
so.....
what IP address you connecting from?
Naughty moderator, trying to bait this unsuspecting fellow
Under Classic (9), everything (security, FTP, web serving, file sharing) was Apple's own proprietary protocols. Sure, people could go find out enough to crack them, but no one bothered. Too few computers.
Now, we're using the *same* protocols as everyone else, more or less, which means that the same tools that the crackers have built to get access to Unix boxen around the globe can now be targeted at us. Whoo.
But.
The tools and protocols we're using offer a pretty darned spiffy amount of protection *if* you use a little prevention and common sense.
A blank password satisfies neither.
For instance, one could (heck, *I* could) sniff traffic on your network (say, your ISP's public traffic?), and see your IP, see your username when you access your mail elsewhere, and say "Hmmm... I wonder if..." and *blam*, I can log in as you, and do anything to your files you can. Fun, huh? IP addresses and user names are frequently *not* sent hidden, because the protection is in... you guessed it... having a good password. You're basically advertising your IP and username on a regular basis, and having zero password protection only makes you vulnerable is someone *does* decide to target you.
Is it *likely*? Well heck, I dunno - I'm on a good ISP, and see a crack attempt a couple times a month into my server. (I see Windows virus attacks a dozen times a day...)
So, changed it to something non-empty yet?
the MOST important being "Remote Login" which allows A.N.Other to ssh into your machine and sudo all sorts of things which you REALLY don't want to happen.
Originally posted by lungaretta
I thought i'd add a word of advice if you are using a simple (or blank) password for your administrator account: turn off any services that you have running under sharing.
the MOST important being "Remote Login" which allows A.N.Other to ssh into your machine and sudo all sorts of things which you REALLY don't want to happen.
And please put your firewall up.
Originally posted by francisG3
I always get annoyed having to type in my password every time I update Safari, install a new program, etc.
In addition, no one uses this machine other than me.
So now, I've reset my password to nothing. Blank. Every time I get asked for my password I hit "Enter."
Try it, you'll like it.
I only make my admin password more then 0 characters when a program doesn't work without it (some programs, like delocalizer, NEED you to have a password.)
P.S. While writing most of this post I saw a McAffee VirusScan PC ad. How ironic, Mac OS X v10.1 and later don't have any viruses!
Originally posted by ryaxnb
How ironic, Mac OS X v10.1 and later don't have any viruses!
10.0 has viruses? I never read about any.