Site icon The Mac Security Blog

Do this now to protect your Mac in case it gets stolen

Apple recently introduced a feature called Stolen Device Protection for iPhone. This feature, when enabled, helps protect your data in case your iPhone ever gets stolen.

So far, Apple has not announced a Stolen Device Protection feature for Macs. Nevertheless, there are some features in macOS that can provide a similar level of security in case someone ever steals your Mac.

In this article, we’ll explain how to set up your Mac to make it harder for thieves to exploit. Not only will it be harder for anyone to access your files or resell your Mac, but you may even be able to locate and recover it.

Why isn’t there Stolen Device Protection for Mac?

iPhones need it more; they’re small, portable, and everywhere

Apple hasn’t said why Stolen Device Protection remains exclusive to iPhone; the feature doesn’t exist on Mac (or even iPad). The most likely reason why iPhones got the feature first is that iPhones are so ubiquitous and portable; in many countries, roughly half of the adult population carries an iPhone with them everywhere they go.

More than a decade ago, iPhone theft was a really big problem. Although it’s less of an issue today thanks to technologies incorporated into Find My, iPhone theft nevertheless remains relatively common. But it’s also true that Macs are stolen every single day—from workplaces, homes, airports, and elsewhere.

Macs typically have more complex passwords than iPhones

Aside from its size and portability, one of the biggest differences between the iPhone and the Mac is in the way you authenticate. On the iPhone, most people set up a six-digit passcode; it’s the standard key that unlocks the device. You have other options, such as longer passcodes or alphanumeric passcodes, plus biometrics (Face ID or Touch ID). Thieves can often break into stolen iPhones by “shoulder surfing” before taking them; shoulder surfing is when someone watches you as you type your passcode. The iPhone setup process prompts you to create a six-digit PIN, and the number buttons are quite large on an iPhone lock screen; it’s pretty easy to see what someone types. A lot of shoulder surfing takes place in busy areas, such as bars, on trains or busses, or in airports.

On a Mac, however, you set up a password to log in. Many people have a tendency to use a simple login password, but it’s a good idea to choose one that’s impossible to guess. (Here are some tips for creating secure passwords.) Because Mac keyboards have significantly more keys than the iPhone’s numerical keypad, and because computer passwords are usually longer than six characters, it’s much harder to sneakily look over someone’s shoulder when they’re using a Mac and watch them type in their password.

Macs are often used in more private, stationary locations

Additionally, Macs are often used in stationary environments, such as at a desk; they’re less commonly used in public places than iPhones. Of course, that’s not universally true; some people carry their MacBook with them everywhere and use it in public. But the facts above may at least partially explain why Apple has not yet expanded Stolen Device Protection to the Mac.

Even though Macs don’t have an official “Stolen Device Protection” feature, there are still a number of things you can do to safeguard your Mac’s data. You can also make it more difficult for thieves to resell your Mac, and you may even be able to locate it—and help police recover it.

Which macOS features can protect your data if your Mac is stolen?

FileVault

The most important feature to enable is FileVault. This encrypts everything on your Mac’s drive, and your password is the key that unlocks the encryption. (This is one reason why it’s important to use a strong password for logging into your Mac.) If you don’t have FileVault enabled, anyone who steals your Mac could start it up from an external disk, or boot it in target disk mode, and have immediate access to every file on your device. But if File Vault is enabled, they must enter the Mac’s password to be able to access any files from the internal drive.

You were likely prompted to enable FileVault when you first set up your Mac. But if you haven’t done so, or if you aren’t sure, you can find FileVault settings in System Settings > Privacy & Security > FileVault.

If you haven’t enabled FileVault, you should do so now to protect your data in case your Mac ever gets stolen.

Firmware password

Newer Macs with Apple silicon chips (M1, M2, or M3) don’t have a firmware password feature; FileVault is sufficient to protect their data. But older Macs with Intel processors allow you to set a firmware password. If you do so, Apple says that “users who don’t have the password can’t start up from any disk other than the designated startup disk.”

If you set a firmware password, make sure to record it somewhere safe (other than your Mac, of course). It won’t be automatically saved in Apple’s iCloud Keychain; because you set it by booting into the Mac’s recovery partition, your main operating system isn’t running at the time. You’ll need to enter your firmware password whenever you start up your Mac, and you may need it if you ever have to boot your Mac from an external drive.

Find My

“Find My” is Apple’s feature for helping users track the location of their devices; trackable device types include Mac, iPhone, iPad, Apple Watch, Apple Pencil, AirTag, and AirPods. Turning on Find My on your device not only helps you locate it if it’s lost or stolen but also allows you to remotely erase it, deleting all your data.

Find My also enables Activation Lock, which means that your Apple ID password or Mac password is required “before anyone can turn off Find My, erase your Mac, or reactivate and use your Mac.” And if you remotely erase your Mac with Find My, “Activation Lock can continue to deter others from reactivating your Mac without your permission.”

In other words, thieves will have a much harder time selling your device. Pawn shops will know it was probably stolen. And if thieves try to sell an Activation-Locked Mac through a service like eBay, Facebook Marketplace, or Craigslist, they’ll either have to lie by omission—and risk a bad seller reputation—or list it for “parts only,” which is worth far less than a working Mac.

To enable Find My, go to System Settings, then click your name at the top of the sidebar. In the Apps Using iCloud section, click Show More Apps, then click Find My Mac.

If you haven’t enabled Find My yet, you should do so now. You can use the Find My app on any other Mac, iPhone, or iPad that you own to track your Mac, or you can log into your iCloud account and use Find My on the web.

Don’t try to get back your stolen Mac; ask law enforcement

Of course, just because you can see where your stolen Mac is located doesn’t mean it’s safe to try to recover it on your own. If your Mac is in a wide-open public place like a park, you might decide to try to retrieve it on your own, if you think it’s safe. But if your Mac appears to be inside someone’s house or any other private location, it’s best to report it to the police and see whether they will help you try to recover it.

 

While these features aren’t as comprehensive as Stolen Device Protection is for iPhones, they can help you protect your private data in case your Mac ever gets stolen.

Related: How to enable Stolen Device Protection for iPhone

How to enable Stolen Device Protection for iPhone

How can I learn more?

Each week on the Intego Mac Podcast, Intego’s Mac security experts discuss the latest Apple news, security, and privacy stories, and offer practical advice on getting the most out of your Apple devices. Be sure to follow the podcast to make sure you don’t miss any episodes.

You can also subscribe to our e-mail newsletter and keep an eye here on The Mac Security Blog for the latest Apple security and privacy news. And don’t forget to follow Intego on your favorite social media channels:       

Share this: