The Access Control preference pane allows you to change the username and passphrase needed to access your Mac, as well as the port number used by the iGet Mobile web server. This page documents how to change those items, but before doing so, it is important to know some basic facts about passphrases and security.
An important note about usernames, passwords, and security
It is tempting to use short, convenient usernames and passwords. But it is a very bad idea.
Many Mac users don't know this, but system crackers (i.e., what most people call "hackers") attempt to break into all of our computers on a regular basis. There might not be a reason that an attacker would specifically target you or your Mac, but because of how the Internet works, they will target your system anyhow.
This is because there are only a few billion addresses on the Internet, currently. That sounds like a lot, but there are hundreds of thousands of crackers around the world. With all of these attackers using automated tools to quickly scan IP addresses at random, and then trying to break into the computers that respond, in a given year your computer is probably attacked dozens, hundreds, or even thousands of times.
You might never notice, because Mac OS X is a relatively secure OS, and most of these attacks fail, and the automated system cracking software moves on to the next address. But if you set up a server on your Mac and use, for example, the username "jeff" and the password "jeff", an attacker WILL gain access to your Mac, guaranteed. It's just a matter of time.
That's because the software used by crackers is pretty sophisticated. It runs through a dictionary of names and name combinations, and then tries each with many common permutations of passwords. So even if you made the password "jeff123jeff", your Mac would probably still get broken into.
How to create a good username and password combination
There are many things you can do to make your server resistant to automated attacks like this.
- Use a longer passphrase, which includes lowercase and uppercase letters, as well as numbers.
- Use a longer, less guessable username as well. Even just using your first and last name, rather than only your first name, makes it much less likely that the username would be in a dictionary of names.
- Don't base the passphrase on the username.
Ultimately, the balance of convenience vs. security is up to you, but you should be aware of the risks. With this understanding, you can create a username and passphrase that works for you, while still providing a good measure of security.
Some examples of username/passphrase combinations:
Username | Passphrase | Comment |
---|---|---|
David K. Morgan | clam 1978 sKK bKK yeah!! | Great. Secure, yet easy. |
DavidM | Me likes m00nbeams | Still pretty good |
dave | s#jKIs_hd$$k12 | Good, but hard to remember |
dave | i like girls | Not real great |
dave | dave2080 | Poor. Based on username. |
dave | girls | Terrible. Not secure at all. |
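The rules above can be checked mechanically. The following is an added example, not part of iGet Mobile or its documentation: it tests a username/passphrase pair against the three rules listed on this page. The name list, the 12-character threshold and all function names are assumptions made for the illustration.

```python
import re

# Assumption: a tiny stand-in for the name dictionary an automated tool carries.
COMMON_NAMES = {"dave", "david", "jeff", "john", "mary", "admin"}
MIN_LENGTH = 12  # assumed threshold; the page only says "longer"

def letters(text):
    """Lowercase and drop non-letters, so 'jeff123jeff' reduces to 'jeffjeff'."""
    return re.sub(r"[^a-z]", "", text.lower())

def check_credentials(username, passphrase):
    """Return the list of rules from this page that the pair breaks."""
    problems = []
    if letters(username) in COMMON_NAMES:
        problems.append("username is a common first name")
    if len(passphrase) < MIN_LENGTH:
        problems.append("passphrase is too short")
    classes = (r"[a-z]", r"[A-Z]", r"[0-9]")
    if not all(re.search(c, passphrase) for c in classes):
        problems.append("passphrase lacks lowercase, uppercase or digits")
    # Each word of the username (3+ letters) counts, so "David K. Morgan"
    # is checked as "david" and "morgan".
    parts = [p for p in re.findall(r"[a-z]+", username.lower()) if len(p) >= 3]
    if any(p in letters(passphrase) for p in parts):
        problems.append("passphrase is based on the username")
    return problems

# Rows from the table above, plus the two "jeff" examples from the text.
SAMPLES = [
    ("David K. Morgan", "clam 1978 sKK bKK yeah!!"),
    ("DavidM", "Me likes m00nbeams"),
    ("dave", "s#jKIs_hd$$k12"),
    ("dave", "i like girls"),
    ("dave", "dave2080"),
    ("dave", "girls"),
    ("jeff", "jeff"),
    ("jeff", "jeff123jeff"),
]

if __name__ == "__main__":
    for user, phrase in SAMPLES:
        issues = check_credentials(user, phrase)
        print(f"{user!r:20} {phrase!r:30} {'; '.join(issues) or 'ok'}")
```

The check strips digits and punctuation before comparing, which is why "jeff123jeff" is still reported as based on the username.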
Once you've decided on a username and password, you can specify it (or change it at any time) using the Access Control preference pane.
The Access Control preference pane.
When you change the username and password, if the server is running at the time, it will be stopped and restarted.
- Username - The username you will be required to enter in the browser on your client device. It doesn't have to be based on your name; it can be anything you like.
- Passphrase - The passphrase that will be required to log into your iGet Mobile server. Use a combination of upper and lowercase letters, numbers, spaces and punctuation for better security.
- Port - The port number on which the server will listen for incoming connections. The default is 55555, but it can be changed if necessary. Each server running on the Mac needs a unique port number. Port numbers below 1025 are reserved for the Mac's built-in servers, such as Personal Web Sharing, File Sharing, Screen Sharing, etc.