Theft of MacBook running El Capitan: Security Implications

Security

My MacBook running El Capitan just got stolen. It was in hibernation, and will display a password prompt on opening the lid next. Assuming a not-very-technical attacker and a solid login password, how likely is it that my account passwords from keychain will leak?

Best Answer

To answer your main question - they are very unlikely to leak if you stored them in keychain.

The attacker would have to know your login password to access every keychain item.

However - you still need to change them (as you said you would) - especially your email password!

First and foremost the attacker may gain access to your email through your MacBook, if they find a way to circumvent the password prompt! This is your biggest concern in general as most passwords can be reset through email verification.

Regarding the live-Linux-boot or safe-boot options to access your data, this depends entirely on the question if you have enabled FileVault, which would prevent this (your hard-drive is encrypted in this case) and can't be loaded without knowing the password.

Regarding the "safe" password idea. You mentioned you are at a conference, where possibly many other people could have easily recorded you entering your password or watched you enter it. If you have been targeted specifically, a simply video taken with a smartphone could have easily gone unnoticed by you and your login may be compromised...

Best Answer

Related Solutions

MacOS – Preparing the MacBook Pro in case it is ever stolen

MacOS – Keychain Access is empty

Related Question