Security and Accounts

I would be grateful for some input on advice I am giving to a local user here with a MacBook (although that in itself is not relevant).
Like many who buy Macs in this part of the world, the computer is "set up" for the users before they take delivery. That entails installation of some extra software and creation of an account. That account has a simple name, the password is the Enter/Return key, and the automatic login is allowed. All of this gives the user perhaps the most insecure system possible (on a Mac anyway).
I have urged the man to use passwords and to have another account for day to day working. However, as the computer has been used for several months, there is much data in the basic account. I am suggesting that an Admin account be created (with a strong password) and, as the original account has that data, intend to guide the user into changing that to a Standard account (again with a sensible password). I will also advise, of course, against changing account name/short name for either account.
Any comments or other suggestions that might help this user to keep it all tidy, please?

For people getting new machines, I recommend that they immediately create a new admin user account, disable auto login, log into the new account, and delete the *account created by the reseller*.
If you want to have those users go through the setup assistant again, boot into single-user mode (command-S during startup) and, once the command-line prompt appears, type the following lines, following each with hitting the return key:
*mount -uw /*
*cd /private/var/db/*
*rm .AppleSetupDone*
exit
When you hit RETURN after typing exit, OS X will restart and the setup assistant will launch automatically. Once the users goes through that process, then delete the account the reseller created as outlined above.

Similar Messages

  • New Imac. I get rid off login password from security and account and restart. Now it asks for username and password and it's not acepting anything. Any ideas?

    New Imac. I get rid off login password from security and accounts and restart. Now it asks for username and password and it's not acepting anything. Any ideas?

    First, reset your password as follows.
    Boot into Recovery by holding down the key combination command-R at startup. Release the keys when you see a gray screen with a spinning dial.
    When the OS X Utilities screen appears, select Utilities ▹ Terminal from the menu bar.
    In the Terminal window, type this:
    resetpassword
    That's one word with no spaces. Then press return. A Reset Password window opens.
    Select your boot volume if not already selected.
    Select your username from the menu labeled Select the user account if not already selected.
    Follow the prompts to reset the password. It's safest to choose a password that includes only the characters a-z, A-Z, and 0-9.
    Select  ▹ Restart from the menu bar.
    You should now be able to log in with the new password, but you won't be able to unlock the Keychain. If you've forgotten the Keychain password (which is ordinarily the same as your login password), there's no way to recover it. You’ll need to reset your keychain in the preferences of the Keychain Access application.
    If you're being prompted to authenticate when making changes to files inside your home folder, continue as follows.
    Back up all data now.
    This procedure will unlock all your user files (not system files) and reset their ownership and access-control lists to the default. If you've set special values for those attributes on any of your files, they will be reverted. In that case, either stop here, or be prepared to recreate the settings if necessary. If none of this is meaningful to you, you don't need to worry about it.
    Step 1
    Launch the Terminal application in any of the following ways:
    ☞ Enter the first few letters of its name into a Spotlight search. Select it in the results (it should be at the top.)
    ☞ In the Finder, select Go ▹ Utilities from the menu bar, or press the key combination shift-command-U. The application is in the folder that opens.
    ☞ Open LaunchPad. Click Utilities, then Terminal in the icon grid.
    Drag or copy — do not type — the following line into the Terminal window, then press return:
    sudo chflags -R nouchg,nouappnd ~ $TMPDIR.. ; sudo chown -R $UID:20 ~ $_ ; chmod -R -N ~ $_ 2> /dev/null
    Be sure to select the whole line by triple-clicking anywhere in it. You'll be prompted for your login password, which won't be displayed when you type it. You may get a one-time warning not to screw up. You don't need to post the warning. If you don’t have a login password, you’ll need to set one before you can run the command.
    The command will take a noticeable amount of time to run. Wait for a new line ending in a dollar sign (“$”) to appear, then quit Terminal.
    Step 2
    Boot into Recovery by holding down the key combination command-R at startup. Release the keys when you see a gray screen with a spinning dial.
    When the OS X Utilities screen appears, select Utilities ▹ Terminal from the menu bar. A text window opens.
    In the Terminal window, type this:
    resetpassword
    That's one word with no spaces. Then press return. A Reset Password window opens. You’re not going to reset a password.
    Select your boot volume if not already selected.
    Select your username from the menu labeled Select the user account if not already selected.
    Under Reset Home Directory Permissions and ACLs, click the Reset button.
    Select  ▹ Restart from the menu bar.

  • I forgot the answer of the two deep security and my account has been locked. How do I retrieve the answers?

    I forgot the answer of the two deep security and my account has been locked. How do I retrieve the answers?

    Do you have a rescue email set up? Then reset your security questions at iForgot:
    http://iforgot.apple.com
    If you do not have set up a rescue email, you'll need to speak to our Account Security team for security purposes.
    To contact an Account Security Advisor, call the AppleCare technical support team. To find the right phone number, see this article:
    Contacting Apple for support and service
    http://support.apple.com/kb/HE57
    When you call, ask to speak to the Account Security team.
    Regards
    Léonie

  • HT5312 If I already have an Itunes I.D. and account, how do I set up a rescue email and change my security questions?

    If I already have an Itunes I.D. and account, how do I set up a rescue email and change my security questions?

    As an alternative ...
    Rescue email address and how to reset Apple ID security questions

  • Would apple Support send me an email saying: "   We need to ask you to complete a short and brief step to securing and validating your account information.   Click here to complete validation   Failure to complete our validation process will result in a s

    We need to ask you to complete a short and brief step to securing and validating your account information.
    Click here to complete validation
    Failure to complete our validation process will result in a suspension of your Apple ID.

    You are welcome. The emails are difficult to block effectively, because the spammer/phishers continually fake their sending email address. You can, however forward the email to Apple.
    [email protected]

  • My computer continually asks me to enter my password for Keychain access. This problem is continuos and I am having trouble with eliminating it. I have changed my password through Security and my Accounts numerous times to no avail.  Is there anythin

    My computer continually asks me to enter my password for Keychain access. This problem is continuos and I am having trouble with eliminating it.
    I have changed my password through Security and my Accounts numerous times to no avail.
    Is there anything I can do other than Resetting the entire computer and re installing all of the software, apps, etc.etc.

    Back up all data before proceeding.
    Launch the Keychain Access application in any of the following ways:
    ☞ Enter the first few letters of its name into a Spotlight search. Select it in the results (it should be at the top.)
    ☞ In the Finder, select Go ▹ Utilities from the menu bar, or press the key combination shift-command-U. The application is in the folder that opens.
    ☞ Open LaunchPad and start typing the name.
    Select the login keychain from the list on the left side of the Keychain Access window. If your default keychain has a different name, select that.
    If the lock icon in the top left corner of the window shows that the keychain is locked, click to unlock it. You'll be prompted for the keychain password, which is the same as your login password, unless you've changed it.
    Right-click or control-click the login entry in the list. From the menu that pops up, select
              Change Settings for Keychain "login"
    In the sheet that opens, uncheck both boxes, if not already unchecked.
    From the menu bar, select
              Keychain Access ▹ Preferences... ▹ First Aid
    There are four checkboxes in the window that opens. Check all of them. if they're not already checked. Close the window.
    Select
              Keychain Access ▹ Keychain First Aid
    from the menu bar and repair the keychain. Quit Keychain Access.
    If you use iCloud Keychain, open the iCloud preference pane and uncheck the Keychain box. You'll be prompted to delete the local iCloud keychain. Confirm. Then re-check the box. Follow one of the procedures described in this support article to set up iCloud Keychain on an additional device.

  • Security on Entities and Accounts, FMv11

    Hi
    What is the correct setup in shared services when having enabled security for both entities and accounts in application settings?
    My goal is to give a user access to a specific account for a specific number of entities.
    If I give a user read access to specific entities and write access to a specific account and none access to other accounts the user get read access to all accounts.
    If I give a user write access to specific entities and write access to a specific account and none access to other accounts the user get write access to all accounts.
    If I give a user no specific access to entities and write access to a specific account and none access to other accounts the user get no access to anything.
    Can someone please point me in the right direction?

    What access does the user have for the [Default] class? Any metadata that has no specified class uses the security access of the [Default] class. In general I strongly recommend you give all users either Read or All access to the [Default] class.
    If you have ten accounts, for example, and you have a user who should access only eight of the ten accounts, you must apply a security class "A" to the eight accounts, granting the user Read or All access to class "A", and then assign class "B" to the remaining two accounts, granting the user "None" access to class "B".
    --Chris                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                           

  • Security and/or filtering error in data form creation

    Hi,
    I am getting this error when I am trying to preview my data form.
    This is the first time I am creating an application and data form in Hyperion.
    The data form is multicurrency and plan type is Plan1.
    Row:
    Account members: Descendants(Account)
    Column:
    Year:Descendants(FY10)
    Period:Descendants(YearTotal)
    Page Dimension(s)
    Entity:Descendants(Entity)
    Scenario:Current
    Version:BU Version_1
    POV:
    Currency:USD
    Disabled all options in "Other options" and Not selected any business rukes.
    When selecting preview data form I am getting below error:
    Security and/or filtering has resulted in a required dimension not being represented on this data form
    I have not selected any security/filter settings as of now. Please suggest whats causing this.
    Thanks,

    Hi Jake,
    I did what you suggested,but I am still getting same error.
    Here I would like to point out that. I have selected my application to support multicurrency, but 'HSP_RATES' does not come in Dimension selection drop down. I can see 'HSP_RATES' in Performance settings tab, but I cant see it in Dimensions tab or Evaluation order tab.
    Is this causing problem? Should I add it manually?
    Thanks,
    Rajni.

  • Secure and non-secure access to the web application in one war

    Say we have one web application (in one war) which includes JSP, servlets and the security intercepter. There is one business requirement to have most of the JSP(s) accessed via HTTPS, but a few JSP(S) accessed via HTTP.
    My questions are:
    a. Is this possible, or a reasonable requirement or a good practice?
    b. if yes, what can we do to make it happen in the security intercepter implementation?
    c. If not, what is the technical reasons?
    Thanks much.

    a) Yes its is reasonable and good practive, there is an overhead using https, so you should only encrypt file you need to. When you use an online store, only account details / payments are https, the shop itself is http
    b) I dont really understand your difficulty. You can define a folder as 'secure' and put all your secure pages in this folder, leaving non secure files in a different folder. Whenever a page in the secure folder is accessed, https is automatically invoked.

  • Security and privacy

    Hello after recently updating to Yosemite i can no longer edit the security and privacy section of system preferences. When I select the accessibility pane for example, when I click the lock to make changes and then enter my Admin password and click unlock, it will unlock but then instantly re lock before I can do anything. This is really making me angry, any ideas?

    Hello hoanghuu,
    Thanks for using Apple Support Communities.
    If you are not receiving the reset email and you do not know the answers to your security questions, then please contact Apple account security in your country by finding their contact information in the article below.
    Apple ID: Contacting Apple for help with Apple ID account security - Apple Support
    Take care,
    Alex H.

  • Discover Card Secure online account nos. won't work in Firefox. It says browser not found. It works in IE8.

    I have Discover Card Secure Online Account Nos. installed. When I try to use it in Firefox, it says browser not found. If I use it in IE8, it works fine.
    == This happened ==
    Every time Firefox opened

    Do you have that problem when running in the Firefox SafeMode?
    [http://support.mozilla.com/en-US/kb/Safe+Mode]
    ''Don't select anything right now, just use "Continue in SafeMode."''
    If not, see this:
    [http://support.mozilla.com/en-US/kb/troubleshooting+extensions+and+themes]

  • Ask the Expert: Introduction to Cisco Adaptive Security Appliance (ASA) version 9.x (Context Aware Security and VPN Features)

    With Namit Agarwal and Rahul Govindan 
    Welcome to the Cisco Support Community Ask the Expert conversation. This is an opportunity to learn and ask questions about Cisco Adaptive Security Appliance (ASA) version 9.x (Context Aware Security and VPN Features) with experts Namit Agarwal and Rahul Govindan.
    This is a continuation of the live webcast.
    Cisco ASA CX (Context-Aware) is a next generation firewall service that serves as an extension to the Cisco Adaptive Security Appliance (ASA) firewall platform. In addition to the proven stateful inspection firewall capabilities, it provides us with next-generation capabilities and a host of additional network-based security controls for end-to-end network intelligence and streamlined security operations.
    Namit Agarwal is a customer support engineer at the Cisco Technical Assistance Center in Bangalore, India. He has more than four years of experience in the security domain. His areas of expertise include ASA firewalls, IPS, and ASA content-aware security (ASA CX). He has been involved in various escalation requests from around the world. He holds CCIE certification (number 33795) in security.   
    Rahul Govindan has been an engineer with the Security Technical Assistance Center team in Bangalore for more than three years. He works on security technologies such as VPN; Cisco ASA firewalls; and authentication, authorization, and accounting. His particular expertise is in Secure Sockets Layer VPN and IP security VPN technologies. He holds CCIE certification (number 29948) in security.
    Remember to use the rating system to let Namit and Govindan know if you have received an adequate response. 
    Because of the volume expected during this event, Namit and Govindan might not be able to answer every question. Remember that you can continue the conversation in the Security community, subcommunity VPN shortly after the event. This event lasts through November 1, 2013. Visit this forum often to view responses to your questions and the questions of other Cisco Support Community members.
    Webcast related links:
    Slides from the live webcast
    Video Recording of the live webcast
    Introduction to Cisco Adaptive Security Appliance (ASA) version 9.x (Context Aware Security and VPN Features): FAQ from live webcast

    Hello Namit and Rahul,
    Here are few questions that came in directly during your live webcast hence posting them here so that users can benifit:
    1)      How is ASA CX different from other UTM solutions ?
    2)      How is dynamic application inspection of CX better than other inspection engines  ?
    3)      What features or functionalities on the CX are available by default ?
    4)      what are the different ways we can run or install CX on the ASA platform ?
    5)      What VPN features are supported with multi context ASA in the 9.x release ?
    6)      What are the IPv6 Enhancements in the ASA version 9.x ?
    Request you to please provide your responses to them individually.
    Thanks.

  • Security and permissions issue

    I don't know if what happened with me is a problem or just a normal thing!
    I have Windows Server 2003, PCs, and MACs, the following scenario happening:
    1-A Mac (MacBook) bind (Joined) the domain (Windows Server 2003).
    2-Log in to the Mac using network account (account from the Windows Server 2003).
    3-Connect to the server (Command + K in Finder) and access the share folders on the server (Windows Server 2003).
    4-Now when I see the info for any shared folder from Mac (Right click and Get Info) I just get Administrators (Read Only) and Every one (No Access), but if I see the security from the Windows server I got many securities and deferent from what I got on Mac.!!!
    Also is there any way to get full permissions like Windows when we go to: Right Click on folder -> Properties -> Security -> Advanced -> Permissions. is there something like that in Mac??
    Thanks in advance.

    Strongly suggest posting to a windoze server forum.
    …is there any way to get full permissions like Windows when we go to: Right Click on folder -> Properties -> Security -> Advanced -> Permissions. is there something like that in Mac??
    Select the file/folder and CMD+I allows you to change permissions. Alternatively, see System Preferences->Shariing and Accounts (unlock the lock and CONTROL-click an account->Advanced Settings.

  • Sharing calendar appears on another persons device - security and privacy risk

    I really wanted to raise this as a bug, but couldn't find anywhere to do that.
    On my wife's iPhone which is running iOS 7, I wanted to share her iCloud calendar to my Apple ID so that I could see her calendar from my iPhone (also iOS 7).  Although I received the email telling me to accept the shared calendar, when I clicked the link it told me I was not authorized.  I then discovered that my parents had received the sharing invite on their phone (iOS 4.2.1) which they accepted and could see her calendar.
    This is a security and privacy risk because they are not connected to my iCloud account and it is not the account we specified to share with.  Also we did not specify their account to share with.  How can this happen?  Their iPhone was never registered to my Apple ID.  The only connection I can think of is that I believe my email address (which is also my Apple ID) is listed as their secondary email address or something.

    Sorry just realised it was their iPad 3 that received the invite not their iPhone, and it would have been running iOS 6

  • Security and privacy system preferences not working after Lion install.  What to do?

    Security and privacy system preference not working after Lion install.  Not sure if it happen with Lion installer or after updating. What to do?

    Please read this whole message before doing anything.
    This procedure is a diagnostic test. It won’t solve your problem. Don’t be disappointed when you find that nothing has changed after you complete it.
    Third-party system modifications are a common cause of usability problems. By a “system modification,” I mean software that affects the operation of other software — potentially for the worse. The following procedure will help identify which such modifications you've installed. Don’t be alarmed by the complexity of these instructions — they’re easy to carry out and won’t change anything on your Mac.
    These steps are to be taken while booted in “normal” mode, not in safe mode. If you’re now running in safe mode, reboot as usual before continuing.
    Below are instructions to enter some UNIX shell commands. The commands are harmless, but they must be entered exactly as given in order to work. If you have doubts about the safety of the procedure suggested here, search this site for other discussions in which it’s been followed without any report of ill effects.
    Some of the commands will line-wrap or scroll in your browser, but each one is really just a single line, all of which must be selected. You can accomplish this easily by triple-clicking anywhere in the line. The whole line will highlight, and you can then either copy or drag it. The headings “Step 1” and so on are not part of the commands.
    Note: If you have more than one user account, Step 2 must be taken as an administrator. Ordinarily that would be the user created automatically when you booted the system for the first time. The other steps should be taken as the user who has the problem, if different. Most personal Macs have only one user, and in that case this paragraph doesn’t apply.
    Launch the Terminal application in any of the following ways:
    ☞ Enter the first few letters of its name into a Spotlight search. Select it in the results (it should be at the top.)
    ☞ In the Finder, select Go ▹ Utilities from the menu bar, or press the key combination shift-command-U. The application is in the folder that opens.
    ☞ If you’re running Mac OS X 10.7 or later, open LaunchPad. Click Utilities, then Terminal in the page that opens.
    When you launch Terminal, a text window will open with a line already in it, ending either in a dollar sign (“$”) or a percent sign (“%”). If you get the percent sign, enter “sh” (without the quotes) and press return. You should then get a new line ending in a dollar sign.
    Step 1
    Copy or drag — do not type — the line below into the Terminal window, then press return:
    kextstat -kl | awk '!/com\.apple/{printf "%s %s\n", $6, $7}'
    Post the lines of output (if any) that appear below what you just entered (the text, please, not a screenshot.) You can omit the final line ending in “$”.
    Step 2
    Repeat with this line:
    sudo launchctl list | sed 1d | awk '!/0x|com\.(apple|openssh|vix)|edu\.mit|org\.(amavis|apache|cups|isc|ntp|postfix|x)/{print $3}'
    This time, you'll be prompted for your login password, which won't be displayed when you type it. You may get a one-time warning not to screw up. You don't need to post the warning.
    Note: If you don’t have a login password, you’ll need to set one before taking this step. If that’s not possible, skip to the next step.
    Step 3
    launchctl list | sed 1d | awk '!/0x|com\.apple|edu\.mit|org\.(x|openbsd)/{print $3}'
    Step 4
    ls -1A /e*/mach* {,/}L*/{Ad,Compon,Ex,Fram,In,Keyb,La,Mail/Bu,P*P,Priv,Qu,Scripti,Servi,Spo,Sta}* L*/Fonts 2> /dev/null
    Important: If you synchronize with a MobileMe account, your me.com email address may appear in the output of the above command. If so, anonymize it before posting.
    Step 5
    osascript -e 'tell application "System Events" to get name of every login item' 2> /dev/null
    Remember, steps 1-5 are all drag-and-drop or copy-and-paste, whichever you prefer — no typing, except your password. Also remember to post the output.
    You can then quit Terminal.

Maybe you are looking for