How to password protect your Mac

With so many security threats about, having a Mac password is the first step towards keeping your Mac safe. And crucially, it needs to be a smart one. In this article, we look at how to set a password on Mac that another person or a smart virus would find difficult to crack. 

Even according to recent studies, too many people are still using passwords, such as 1234 or Password or Password1 — ones that are too simple to be secure. This means that your Mac is easier to break into, and so your data is vulnerable. 

On new Macs, you can use biometrics, known as TouchID. Already popular on iPhones and iPads, this is another layer of security that is unique to you, making them almost impossible to hack into. However, for everyone who still uses passwords, here is how to set a password for a Mac. 

1. Set a Firmware password 

Although you might not realize it, your Mac is vulnerable, even with a strong password. 

Did you know that your Mac could be vulnerable to someone booting it up using an external hard drive? This method sidesteps every security measure in place. 

One way to remove the worry of someone booting your Mac using an external hard drive is to set up a Firmware password. 

Before you do this, please note that it can’t be easily reset. If you forget it, you are probably going to need an Apple Genius Bar or a certified reseller/expert to fix the problem. Firmware passwords live in a special area of persistent memory on your Mac’s mainboard, so take good care of this one. 

Before proceeding with the steps, boot your Mac into recovery mode. 

For an Intel-based Mac:

  1. Go to Apple menu > Restart.
  2. Immediately press and hold Command+R.
  3. Don’t release the keys until you hear Mac’s startup sound or until the Apple logo appears.

For a Mac with Apple silicon:

  1. When turning on your Mac, press and hold the Power button.
  2. Keep it pressed until you see startup options.
  3. Click the Gears icon (Options) and hit Continue.
  4. You may be asked to select a user and enter their administrator password. Follow on-screen instructions and press Next after any action you take.

Once booted into recovery mode, follow these steps:

  1. Wait until the macOS Utilities screen appears, and then click on Utilities > Startup Security Utility.
  2. Now you can switch on Firmware password. 
  3. Enter a new password (something secure and different from other passwords already in use) and confirm it.
  4. Now click Set Password and then Quit Firmware Password Utility.
  5. And finally, click on the Apple () menu, then > Restart.

2. Delete any passwords 

Another way to improve security is to start from scratch — always a good move if you are concerned that passwords might have been compromised. To do this, use a third-party app with impeccable reputation — CleanMyMac X. Just follow these steps: 

  1. Download CleanMyMac X (for free, here).
  2. Click on the Privacy module.
  3. Use this to erase old passwords.
  4. Now follow steps 3 (below) and 1 (above) — if you want extra security — to create stronger new passwords on every app and account you want to reset.
CleanMyMac X - Privacy module

3. Make your new password more secure 

What we all need is layers of security. 

Use a variable mix of numbers and letters, which is one of the main reasons people use password software to retain and remember all of them. 

When you use a mix of lower case letters, UPPER CASE LETTERS, numbers (ideally not in sequence, e.g., 4179, and not something that someone could easily guess, such as a birthday) and symbols (e.g., $%@), you make a password more secure than if you only used one or two of those characters. 

4. Different device — different passwords 

It might sound like common sense from a security perspective, but what security experts find is that convenience often beats other concerns. 

To properly protect your Mac and all it contains, you need to set a password that isn’t used on another device, such as an iPhone or iPad. Make sure your iCloud password is not the same as your Mac’s because if someone gets one device, and that is connected through iCloud to your Mac, then everything on the Mac is at risk. 

So use different passwords for different devices, especially when there is a cloud connection that potentially puts everything in the reach of criminals. 

5. Scan for password-stealing software (keyloggers)

Something else to watch out for is keylogger software. Also known as keystroke software. This records everything you type. So when typing in a password, or even when a password is entered using a keychain, this malicious software records it and, unless it’s been detected and shut down, sends the data back to whoever wants to use it. 

Here is how you remove this particularly unwanted and high-risk threat: 

  1. Download CleanMyMac X (for free, here)
  2. Click on the Malware Removal module.
  3. This will show you any malware, viruses, or keylogger scanners hiding within your Mac. 
  4. Now use it to safely and quickly delete them.
  5. It’s always worth restarting your Mac after this to clear everything out of cookies and cache. 
Removing malware files

Passwords keep us safe

Passwords keep the wolf from the door. In the digital world, bots and cybercriminals are waiting to exploit any vulnerability and weakness, starting with our passwords. We need every defense we can possibly set up to protect us. 

Having a secure password is the first step towards keeping your Mac protected. Beyond that, it helps to know that you’ve got apps that can monitor the health of your Mac and protect it from malware, viruses, and keylogger tracking software. CleanMyMac X can do both — improve the performance of a Mac and remove malicious software, malware, and other viruses.

Laptop with CleanMyMac
CleanMyMac X

Your Mac. As good as new.