Stolen MacBook should I worry about my data?How to secure data before returning Macbook Air?Macbook pro, rootkithunterPatching Mac DMA attackShould I worry about a breach where my password was not revealed?Did I get “hacked”? Need helpIs non-malicious unauthorised usage likely to suggest a security compromise?How secure is the new MacBook Pro's Touch ID?MacBookPro's OSX install.log has entries that predate the initial unboxingHow to Best Minimize Damage After Loss of Computer

Does the Reduce option from the Enlarge/Reduce spell cause a critical hit to do 2d4 less damage?

Do sharpies or markers damage soft rock climbing gear?

Drawing probabilities on a simplex in TikZ

How could a self contained organic body propel itself in space

Counting the triangles that can be formed from segments of given lengths

Why is getting a PhD considered "financially irresponsible" by some people?

Alternatives to Network Backup

Does NASA use any type of office/groupware software and which is that?

Time difference between banns and marriage

Pen test results for web application include a file from a forbidden directory that is not even used or referenced

Stolen MacBook should I worry about my data?

What's the point of fighting monsters in Zelda BoTW?

Term used to describe a person who predicts future outcomes

Recommended Breathing Exercises to Play Woodwinds

Can I use coax outlets for cable modem?

Are there any to-scale diagrams of the TRAPPIST-1 system?

Using a JoeBlow Sport pump on a presta valve

Defending Castle from Zombies

Is a memoized pure function itself considered pure?

To what extent should we fear giving offense?

Did anybody find out it was Anakin who blew up the command center?

If I said I had $100 when asked, but I actually had $200, would I be lying by omission?

Will removing shelving screws from studs damage the studs?

How to pass 2>/dev/null as a variable?



Stolen MacBook should I worry about my data?


How to secure data before returning Macbook Air?Macbook pro, rootkithunterPatching Mac DMA attackShould I worry about a breach where my password was not revealed?Did I get “hacked”? Need helpIs non-malicious unauthorised usage likely to suggest a security compromise?How secure is the new MacBook Pro's Touch ID?MacBookPro's OSX install.log has entries that predate the initial unboxingHow to Best Minimize Damage After Loss of Computer






.everyoneloves__top-leaderboard:empty,.everyoneloves__mid-leaderboard:empty,.everyoneloves__bot-mid-leaderboard:empty margin-bottom:0;








2















Unfortunately, someone stole my laptop(Macbook) and I did not realize that for 48 hours. Now, this was a work laptop and my company's security team is going to wipe the laptop out remotely if it is on ASAP. Which is nice.



However, what I am worried about is more about what could happen in those first 48 hours.



  1. My passwords were all over the place(auto-fill on my browser etc)

  2. My evernote had some good amount of passwords

What I am guessing is that since it was stolen from my car, someone stealing it was interested more into selling parts of it or wipe it off and re-sell it(Not data). At least, I hope that.



Now, in worst case scenario, if it was stolen by a person who is dedicatedly interested in data. What are their options? Can they really crack open a Macbook and get my data?



If so, what are my options?










share|improve this question





















  • 1





    Given enough time and effort, in the worst case scenario, yes this would be possible. That's why we usually encrypt our drive(s) in order to prevent data leakage. In the meantime, you should change all your online passwords a.s.a.p.

    – Jeroen - IT Nerdbox
    7 hours ago

















2















Unfortunately, someone stole my laptop(Macbook) and I did not realize that for 48 hours. Now, this was a work laptop and my company's security team is going to wipe the laptop out remotely if it is on ASAP. Which is nice.



However, what I am worried about is more about what could happen in those first 48 hours.



  1. My passwords were all over the place(auto-fill on my browser etc)

  2. My evernote had some good amount of passwords

What I am guessing is that since it was stolen from my car, someone stealing it was interested more into selling parts of it or wipe it off and re-sell it(Not data). At least, I hope that.



Now, in worst case scenario, if it was stolen by a person who is dedicatedly interested in data. What are their options? Can they really crack open a Macbook and get my data?



If so, what are my options?










share|improve this question





















  • 1





    Given enough time and effort, in the worst case scenario, yes this would be possible. That's why we usually encrypt our drive(s) in order to prevent data leakage. In the meantime, you should change all your online passwords a.s.a.p.

    – Jeroen - IT Nerdbox
    7 hours ago













2












2








2








Unfortunately, someone stole my laptop(Macbook) and I did not realize that for 48 hours. Now, this was a work laptop and my company's security team is going to wipe the laptop out remotely if it is on ASAP. Which is nice.



However, what I am worried about is more about what could happen in those first 48 hours.



  1. My passwords were all over the place(auto-fill on my browser etc)

  2. My evernote had some good amount of passwords

What I am guessing is that since it was stolen from my car, someone stealing it was interested more into selling parts of it or wipe it off and re-sell it(Not data). At least, I hope that.



Now, in worst case scenario, if it was stolen by a person who is dedicatedly interested in data. What are their options? Can they really crack open a Macbook and get my data?



If so, what are my options?










share|improve this question
















Unfortunately, someone stole my laptop(Macbook) and I did not realize that for 48 hours. Now, this was a work laptop and my company's security team is going to wipe the laptop out remotely if it is on ASAP. Which is nice.



However, what I am worried about is more about what could happen in those first 48 hours.



  1. My passwords were all over the place(auto-fill on my browser etc)

  2. My evernote had some good amount of passwords

What I am guessing is that since it was stolen from my car, someone stealing it was interested more into selling parts of it or wipe it off and re-sell it(Not data). At least, I hope that.



Now, in worst case scenario, if it was stolen by a person who is dedicatedly interested in data. What are their options? Can they really crack open a Macbook and get my data?



If so, what are my options?







account-security macos apple






share|improve this question















share|improve this question













share|improve this question




share|improve this question








edited 7 hours ago









Conor Mancone

13.5k5 gold badges36 silver badges59 bronze badges




13.5k5 gold badges36 silver badges59 bronze badges










asked 8 hours ago









LostLost

1571 silver badge4 bronze badges




1571 silver badge4 bronze badges










  • 1





    Given enough time and effort, in the worst case scenario, yes this would be possible. That's why we usually encrypt our drive(s) in order to prevent data leakage. In the meantime, you should change all your online passwords a.s.a.p.

    – Jeroen - IT Nerdbox
    7 hours ago












  • 1





    Given enough time and effort, in the worst case scenario, yes this would be possible. That's why we usually encrypt our drive(s) in order to prevent data leakage. In the meantime, you should change all your online passwords a.s.a.p.

    – Jeroen - IT Nerdbox
    7 hours ago







1




1





Given enough time and effort, in the worst case scenario, yes this would be possible. That's why we usually encrypt our drive(s) in order to prevent data leakage. In the meantime, you should change all your online passwords a.s.a.p.

– Jeroen - IT Nerdbox
7 hours ago





Given enough time and effort, in the worst case scenario, yes this would be possible. That's why we usually encrypt our drive(s) in order to prevent data leakage. In the meantime, you should change all your online passwords a.s.a.p.

– Jeroen - IT Nerdbox
7 hours ago










2 Answers
2






active

oldest

votes


















5















If your laptop doesn't require a password, then they have your data.



If you had a password, and that password is required every time you open your screen, AND you had filevault turned on (or your company did), then they need to guess your password to decrypt the data.



But, if you had a dumb password, they can probably guess it. Check out haveibeenpwned.com to determine if you had a dumb password.



If you had a strong password, file vault, and your device requires you to enter a password, then you're probably ok.



Still, why not go through your accounts and reset them anyways. Now's a good of time as any. Get a password manager like 1password and let it autogenerate passwords for you. Choose a not-dumb password (like a truly random string of 10 characters - google a pw generator) for your password manager and memorize it.



Do the same for your new laptop password. You'll have to memorize two crazy passwords. Write them and put them in your wallet until you do remember them.






share|improve this answer




















  • 1





    While I generally agree with this response, I think it could be improved in a couple of ways. First, haveibeenpwned.com serves as a way to see if an email address has been associated with "dumps" containing a potential password to the account. It does not serve as a metric to measure password strength. Instead, I would reference a list of the most common passwords, as a thief who likely does not have password cracking skills is unlikely to manually test many besides these.

    – svartedauden
    6 hours ago






  • 1





    Second, while the suggestion of a password manager is good, I think the suggestion of a random string of 10 characters isn't in practice the ideal password for something like disk decryption or a password manager. While it's all up to personal preference, a set of words or a phrase could be easier to remember while being just as difficult if not more difficult to crack, depending on context.

    – svartedauden
    6 hours ago


















0















Even if you format (wipe) the data, someone clever enough can still recover it, but that requires some serious skills. Try to google "recovering formatted drives".



They would still need to crack your password as macs are encrypted.






share|improve this answer








New contributor



Puértolas Luis is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.























    Your Answer








    StackExchange.ready(function()
    var channelOptions =
    tags: "".split(" "),
    id: "162"
    ;
    initTagRenderer("".split(" "), "".split(" "), channelOptions);

    StackExchange.using("externalEditor", function()
    // Have to fire editor after snippets, if snippets enabled
    if (StackExchange.settings.snippets.snippetsEnabled)
    StackExchange.using("snippets", function()
    createEditor();
    );

    else
    createEditor();

    );

    function createEditor()
    StackExchange.prepareEditor(
    heartbeatType: 'answer',
    autoActivateHeartbeat: false,
    convertImagesToLinks: false,
    noModals: true,
    showLowRepImageUploadWarning: true,
    reputationToPostImages: null,
    bindNavPrevention: true,
    postfix: "",
    imageUploader:
    brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
    contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
    allowUrls: true
    ,
    noCode: true, onDemand: true,
    discardSelector: ".discard-answer"
    ,immediatelyShowMarkdownHelp:true
    );



    );













    draft saved

    draft discarded


















    StackExchange.ready(
    function ()
    StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsecurity.stackexchange.com%2fquestions%2f216050%2fstolen-macbook-should-i-worry-about-my-data%23new-answer', 'question_page');

    );

    Post as a guest















    Required, but never shown

























    2 Answers
    2






    active

    oldest

    votes








    2 Answers
    2






    active

    oldest

    votes









    active

    oldest

    votes






    active

    oldest

    votes









    5















    If your laptop doesn't require a password, then they have your data.



    If you had a password, and that password is required every time you open your screen, AND you had filevault turned on (or your company did), then they need to guess your password to decrypt the data.



    But, if you had a dumb password, they can probably guess it. Check out haveibeenpwned.com to determine if you had a dumb password.



    If you had a strong password, file vault, and your device requires you to enter a password, then you're probably ok.



    Still, why not go through your accounts and reset them anyways. Now's a good of time as any. Get a password manager like 1password and let it autogenerate passwords for you. Choose a not-dumb password (like a truly random string of 10 characters - google a pw generator) for your password manager and memorize it.



    Do the same for your new laptop password. You'll have to memorize two crazy passwords. Write them and put them in your wallet until you do remember them.






    share|improve this answer




















    • 1





      While I generally agree with this response, I think it could be improved in a couple of ways. First, haveibeenpwned.com serves as a way to see if an email address has been associated with "dumps" containing a potential password to the account. It does not serve as a metric to measure password strength. Instead, I would reference a list of the most common passwords, as a thief who likely does not have password cracking skills is unlikely to manually test many besides these.

      – svartedauden
      6 hours ago






    • 1





      Second, while the suggestion of a password manager is good, I think the suggestion of a random string of 10 characters isn't in practice the ideal password for something like disk decryption or a password manager. While it's all up to personal preference, a set of words or a phrase could be easier to remember while being just as difficult if not more difficult to crack, depending on context.

      – svartedauden
      6 hours ago















    5















    If your laptop doesn't require a password, then they have your data.



    If you had a password, and that password is required every time you open your screen, AND you had filevault turned on (or your company did), then they need to guess your password to decrypt the data.



    But, if you had a dumb password, they can probably guess it. Check out haveibeenpwned.com to determine if you had a dumb password.



    If you had a strong password, file vault, and your device requires you to enter a password, then you're probably ok.



    Still, why not go through your accounts and reset them anyways. Now's a good of time as any. Get a password manager like 1password and let it autogenerate passwords for you. Choose a not-dumb password (like a truly random string of 10 characters - google a pw generator) for your password manager and memorize it.



    Do the same for your new laptop password. You'll have to memorize two crazy passwords. Write them and put them in your wallet until you do remember them.






    share|improve this answer




















    • 1





      While I generally agree with this response, I think it could be improved in a couple of ways. First, haveibeenpwned.com serves as a way to see if an email address has been associated with "dumps" containing a potential password to the account. It does not serve as a metric to measure password strength. Instead, I would reference a list of the most common passwords, as a thief who likely does not have password cracking skills is unlikely to manually test many besides these.

      – svartedauden
      6 hours ago






    • 1





      Second, while the suggestion of a password manager is good, I think the suggestion of a random string of 10 characters isn't in practice the ideal password for something like disk decryption or a password manager. While it's all up to personal preference, a set of words or a phrase could be easier to remember while being just as difficult if not more difficult to crack, depending on context.

      – svartedauden
      6 hours ago













    5














    5










    5









    If your laptop doesn't require a password, then they have your data.



    If you had a password, and that password is required every time you open your screen, AND you had filevault turned on (or your company did), then they need to guess your password to decrypt the data.



    But, if you had a dumb password, they can probably guess it. Check out haveibeenpwned.com to determine if you had a dumb password.



    If you had a strong password, file vault, and your device requires you to enter a password, then you're probably ok.



    Still, why not go through your accounts and reset them anyways. Now's a good of time as any. Get a password manager like 1password and let it autogenerate passwords for you. Choose a not-dumb password (like a truly random string of 10 characters - google a pw generator) for your password manager and memorize it.



    Do the same for your new laptop password. You'll have to memorize two crazy passwords. Write them and put them in your wallet until you do remember them.






    share|improve this answer













    If your laptop doesn't require a password, then they have your data.



    If you had a password, and that password is required every time you open your screen, AND you had filevault turned on (or your company did), then they need to guess your password to decrypt the data.



    But, if you had a dumb password, they can probably guess it. Check out haveibeenpwned.com to determine if you had a dumb password.



    If you had a strong password, file vault, and your device requires you to enter a password, then you're probably ok.



    Still, why not go through your accounts and reset them anyways. Now's a good of time as any. Get a password manager like 1password and let it autogenerate passwords for you. Choose a not-dumb password (like a truly random string of 10 characters - google a pw generator) for your password manager and memorize it.



    Do the same for your new laptop password. You'll have to memorize two crazy passwords. Write them and put them in your wallet until you do remember them.







    share|improve this answer












    share|improve this answer



    share|improve this answer










    answered 7 hours ago









    JonathanJonathan

    1,3887 silver badges12 bronze badges




    1,3887 silver badges12 bronze badges










    • 1





      While I generally agree with this response, I think it could be improved in a couple of ways. First, haveibeenpwned.com serves as a way to see if an email address has been associated with "dumps" containing a potential password to the account. It does not serve as a metric to measure password strength. Instead, I would reference a list of the most common passwords, as a thief who likely does not have password cracking skills is unlikely to manually test many besides these.

      – svartedauden
      6 hours ago






    • 1





      Second, while the suggestion of a password manager is good, I think the suggestion of a random string of 10 characters isn't in practice the ideal password for something like disk decryption or a password manager. While it's all up to personal preference, a set of words or a phrase could be easier to remember while being just as difficult if not more difficult to crack, depending on context.

      – svartedauden
      6 hours ago












    • 1





      While I generally agree with this response, I think it could be improved in a couple of ways. First, haveibeenpwned.com serves as a way to see if an email address has been associated with "dumps" containing a potential password to the account. It does not serve as a metric to measure password strength. Instead, I would reference a list of the most common passwords, as a thief who likely does not have password cracking skills is unlikely to manually test many besides these.

      – svartedauden
      6 hours ago






    • 1





      Second, while the suggestion of a password manager is good, I think the suggestion of a random string of 10 characters isn't in practice the ideal password for something like disk decryption or a password manager. While it's all up to personal preference, a set of words or a phrase could be easier to remember while being just as difficult if not more difficult to crack, depending on context.

      – svartedauden
      6 hours ago







    1




    1





    While I generally agree with this response, I think it could be improved in a couple of ways. First, haveibeenpwned.com serves as a way to see if an email address has been associated with "dumps" containing a potential password to the account. It does not serve as a metric to measure password strength. Instead, I would reference a list of the most common passwords, as a thief who likely does not have password cracking skills is unlikely to manually test many besides these.

    – svartedauden
    6 hours ago





    While I generally agree with this response, I think it could be improved in a couple of ways. First, haveibeenpwned.com serves as a way to see if an email address has been associated with "dumps" containing a potential password to the account. It does not serve as a metric to measure password strength. Instead, I would reference a list of the most common passwords, as a thief who likely does not have password cracking skills is unlikely to manually test many besides these.

    – svartedauden
    6 hours ago




    1




    1





    Second, while the suggestion of a password manager is good, I think the suggestion of a random string of 10 characters isn't in practice the ideal password for something like disk decryption or a password manager. While it's all up to personal preference, a set of words or a phrase could be easier to remember while being just as difficult if not more difficult to crack, depending on context.

    – svartedauden
    6 hours ago





    Second, while the suggestion of a password manager is good, I think the suggestion of a random string of 10 characters isn't in practice the ideal password for something like disk decryption or a password manager. While it's all up to personal preference, a set of words or a phrase could be easier to remember while being just as difficult if not more difficult to crack, depending on context.

    – svartedauden
    6 hours ago













    0















    Even if you format (wipe) the data, someone clever enough can still recover it, but that requires some serious skills. Try to google "recovering formatted drives".



    They would still need to crack your password as macs are encrypted.






    share|improve this answer








    New contributor



    Puértolas Luis is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
    Check out our Code of Conduct.

























      0















      Even if you format (wipe) the data, someone clever enough can still recover it, but that requires some serious skills. Try to google "recovering formatted drives".



      They would still need to crack your password as macs are encrypted.






      share|improve this answer








      New contributor



      Puértolas Luis is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
      Check out our Code of Conduct.























        0














        0










        0









        Even if you format (wipe) the data, someone clever enough can still recover it, but that requires some serious skills. Try to google "recovering formatted drives".



        They would still need to crack your password as macs are encrypted.






        share|improve this answer








        New contributor



        Puértolas Luis is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
        Check out our Code of Conduct.









        Even if you format (wipe) the data, someone clever enough can still recover it, but that requires some serious skills. Try to google "recovering formatted drives".



        They would still need to crack your password as macs are encrypted.







        share|improve this answer








        New contributor



        Puértolas Luis is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
        Check out our Code of Conduct.








        share|improve this answer



        share|improve this answer






        New contributor



        Puértolas Luis is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
        Check out our Code of Conduct.








        answered 6 hours ago









        Puértolas LuisPuértolas Luis

        11 bronze badge




        11 bronze badge




        New contributor



        Puértolas Luis is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
        Check out our Code of Conduct.




        New contributor




        Puértolas Luis is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
        Check out our Code of Conduct.
































            draft saved

            draft discarded
















































            Thanks for contributing an answer to Information Security Stack Exchange!


            • Please be sure to answer the question. Provide details and share your research!

            But avoid


            • Asking for help, clarification, or responding to other answers.

            • Making statements based on opinion; back them up with references or personal experience.

            To learn more, see our tips on writing great answers.




            draft saved


            draft discarded














            StackExchange.ready(
            function ()
            StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsecurity.stackexchange.com%2fquestions%2f216050%2fstolen-macbook-should-i-worry-about-my-data%23new-answer', 'question_page');

            );

            Post as a guest















            Required, but never shown





















































            Required, but never shown














            Required, but never shown












            Required, but never shown







            Required, but never shown

































            Required, but never shown














            Required, but never shown












            Required, but never shown







            Required, but never shown







            Popular posts from this blog

            Canceling a color specificationRandomly assigning color to Graphics3D objects?Default color for Filling in Mathematica 9Coloring specific elements of sets with a prime modified order in an array plotHow to pick a color differing significantly from the colors already in a given color list?Detection of the text colorColor numbers based on their valueCan color schemes for use with ColorData include opacity specification?My dynamic color schemes

            Invision Community Contents History See also References External links Navigation menuProprietaryinvisioncommunity.comIPS Community ForumsIPS Community Forumsthis blog entry"License Changes, IP.Board 3.4, and the Future""Interview -- Matt Mecham of Ibforums""CEO Invision Power Board, Matt Mecham Is a Liar, Thief!"IPB License Explanation 1.3, 1.3.1, 2.0, and 2.1ArchivedSecurity Fixes, Updates And Enhancements For IPB 1.3.1Archived"New Demo Accounts - Invision Power Services"the original"New Default Skin"the original"Invision Power Board 3.0.0 and Applications Released"the original"Archived copy"the original"Perpetual licenses being done away with""Release Notes - Invision Power Services""Introducing: IPS Community Suite 4!"Invision Community Release Notes

            199年 目錄 大件事 到箇年出世嗰人 到箇年死嗰人 節慶、風俗習慣 導覽選單