More About Logging In


The most important options that affect logging in are set from the System Preferences Accounts pane (Figure 2-12). At the bottom of the list of accounts is a picture of a house labeled Login Options. Click this icon to disable the automatic login feature or to select between the List of users and the Name and password text boxes method of logging in. Under Mac OS X Server, the default setup provides name and password text boxes and always requires a user to log in.

Figure 2-12. System Preferences Accounts pane


What to Do if You Cannot Log In

When you enter your username or password incorrectly, the system shakes the login window from side to side after you enter both your username and password. The shaking effect is supposed to look like someone shaking his head "no." This behavior tells you that you have entered either the username or the password incorrectly, or that they are not valid. The behavior does not differentiate between an unacceptable login name and an unacceptable password, in an effort to discourage unauthorized people from guessing names and passwords to gain access to the system. The additional security of not disclosing the existence of a specific account is one of the advantages that the name and password text boxes method of logging in has over the list of users method. If you cannot log in check the following:

  • The login name and password are case sensitive.

    Make sure that the CAPS LOCK key is off and that you enter your name and password exactly as specified or as you set them up. If the CAPS LOCK key is on, the login window utility helpfully displays an up-arrow graphic to warn you.

  • Make sure your login name is valid.

    Another reason the login/password combination may not be valid is that you have not been set up as a user. If you are picking your account from a list, only available accounts are listed, so you know that your account has been set up. Otherwise, check with the system administrator. Mac OS X allows you to use either your long or short username (the long name is generally your name; the short name is a lowercase name that is set up when your account is created).

Refer to "Changing Your Password" on page 36 when you want to change your password.

Logging In on the Text Console

The name and password text box method of logging in (Figure 2-2, page 21) offers access to a nongraphical login called the text console that provides an interface similar to a traditional text terminal. To use the text console, enter the string >console in the Name text box and press RETURN. This special login string does not require a password. When you press RETURN OS X displays a blank screen with a traditional, textual UNIX Login: prompt. Enter your username and password in response to the prompts as described in "Textual Login" on page 21.

Once you log in in this manner, you are working with the shell and a command line interface (page 23)you have no access to graphical features. You can use the text console as a fail-safe login because it bypasses the graphical environment, including Finder. Frequently you can repair or replace (from backups) corrupt files in this environment when you cannot log in to a graphical environment. The text console is the same environment that OS X provides in single-user mode (page 437).

Logging Out

To log out from a graphical interface, select Log Out username (username is replaced by your long username) from the Apple menu. From a character-based interface, press CONTROL-D or give the command exit in response to the shell prompt. Exiting from a shell does not end a graphical session; it just exits from the shell you are working with. For example, exiting from the shell that Terminal provides closes the Terminal window.

Changing Your Password

If someone else assigned you a password, it is a good idea to give yourself a new one. A good password is seven or eight characters long and contains a combination of numbers, uppercase and lowercase letters, and punctuation characters. Avoid using control characters (such as CONTROL-H) because they may have a special meaning to the system, making it impossible for you to log in. Do not use names, words from English or other languages, or other familiar words that someone can easily guess.

For security reasons none of the passwords you enter is ever displayed by any utility.

Security: Protect your password

Do not allow someone to find out your password: Do not put your password in a file that is not encrypted, allow someone to watch you type your password, give it to someone you do not know (a system administrator never needs to know your password), or write it down.


Security: Choose a password that is difficult to guess

Do not use phone numbers, names of pets or kids, birthdays, words from a dictionary (not even a foreign language), and so forth. Do not use permutations of these items.


Security: Differentiate between important and less important passwords

It is important to differentiate between important and less important passwords. For example, Web site passwords for blogs or download access are not very important; it is acceptable to use the same password for these types of sites. However, your login, mail server, and bank account Web site passwords are critical: Never use these passwords for an unimportant Web site.


Your password should meet the following criteria to be relatively secure:

  • It should be at least six characters long.

  • It should not be a word in a dictionary of any language, no matter how seemingly obscure.

  • It should not be the name of a person, place, pet, or other thing that might be discovered easily.

  • It should contain at least two letters and one digit.

  • It should not be your login name, the reverse of your login name, or your login name shifted by one or more characters.

  • If you are changing your password, the new password should differ from the old one by at least three characters. Changing the case of a character does not make it count as a different character.

When you successfully change your password, you change the way you log in. If you forget your password, Superuser can change it and tell you your new password.

Changing Your Password Graphically

To change your password in a GUI, open System Preferences, go to the Accounts pane, select your account from the list on the left, and click Change Password. You must enter your new password twice before clicking Change Password or the system will not change it. When you change your password this way, you can set a password hint to remind you of your password. However, setting password hints is a poor security practice; it is better to pick a password you can remember.

Changing Your Password Textually

You can also change your password by giving the command passwd from the command line; using the passwd utility changes your login password, but does not change your Keychain password. (The Keychain password is used by various graphical applications. You can change the Keychain password using the Keychain Access application.)

The first item passwd asks you for is your old password. This password is verified to ensure that an unauthorized user is not trying to alter your password. Next the system requests the new password.

After you enter your new password, the system asks you to retype it to ensure you did not make a mistake when you entered it the first time. If the new password is the same both times you enter it, your password is changed. If the passwords differ, it means that you made an error in one of them, and the system displays an error message:

Mismatch; try again, EOF to quit. 





A Practical Guide to UNIX[r] for Mac OS[r] X Users
A Practical Guide to UNIX for Mac OS X Users
ISBN: 0131863339
EAN: 2147483647
Year: 2005
Pages: 234

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net