Security Aid

How to remove a user from a shared Mac

There will be times when you need to remove a user from a device. In this article we’ll show you how to remove a user from a Mac.

For a better understanding it’s good to understand the difference between an actual user of the device and a “sharing only user.” On a Mac, you can use Sharing Only User settings to create a user that has access to your files and folders over the network. You can also use these settings to limit their access to your shared information and system.

Both have very similar ways of removal:

Apple menu > System Settings

Click Users & Groups in the sidebar. (You may need to scroll down.)

Click the Info button next to the user or group you want to delete, then click Delete User or Delete Group. Note: If a user is logged in to this Mac now, you can’t select them.

This will delete sharing users immediately. For other users you’ll have to decide what you want to do with their Home folder first. You can delete it, keep it, or save it in a disk image.

To save it in a disk image, select Save the home folder in a disk image, then click Delete User. This archives all the user’s documents and information so the user can be restored later if needed. The disk image is saved in /Users/Deleted Users/.

To leave the user’s home folder as is, select Don’t change the home folder, then click Delete User. The user’s documents and information are saved and the user can be restored later if needed. The Home folder remains in /Users/.

To remove the user’s home folder from the computer: Select Delete the home folder, then click Delete User. The user’s folder will be deleted.

If you don’t delete a user’s home folder, you can restore the user and the contents of the home folder. (A sharing-only user doesn’t have a home folder.)

Did you know there’s a Malwarebytes for Mac? Give it a try!

 Read More 

 

How to remove a user from a shared Android device

Some of our loyal readers may remember my little mishap when I was able to track my wife by accident after inadvertently adding myself to her phone as a user.

For exactly that reason we want to warn against sharing devices and at least show you how to remove other people’s accounts from your device.

The steps may be slightly different depending on your Android version, device type, and vendor, but most users should be able to follow these steps.

For the primary user:

Open Settings

Tap System > Multiple users.

If you can’t find this setting, try searching your Settings app for users.

Tap the name of the user you want to remove.

Tap Delete user > Delete. If successful, the user will be removed from the list.

If you want to stay the only user, you can turn the Multiple users feature off.

If you’re not the primary user (you can’t delete the primary user):

Under Multiple Users tap More (three stacked dots).

Tap Delete [username] from this device. Important: You can’t undo this.

The device will switch to the owner’s profile.

Note: Android devices allow two types of additional users:

Secondary user: This is any user added to the device other than the system user. Secondary users can be removed (either by themselves or by an admin user) and cannot impact other users on a device. These users can run in the background and continue to have network connectivity.

Guest user: Temporary secondary user. Guest users have an explicit option to quickly delete the guest user when its usefulness is over. There can be only one guest user at a time.

Another privacy issue can be caused by having additional accounts on the device. Accounts are contained within a user but are not linked to a particular user. The tracking issue I discussed was caused by adding one of my Google accounts to my wife’s phone.

To remove unwanted accounts:

Under Settings, tap on Accounts and Backups

Then tap on Manage Accounts

Select the account you want to remove and you will see the option to do that.

If you’re having trouble finding any of these settings on your specific Android device, reach out through the comments and when we can, we’ll add as many specific instructions as possible to the post.

 Read More 

 

Atlassian Bitbucket artifacts can leak plaintext auth secrets

Threat actors were found breaching AWS accounts using authentication secrets leaked as plaintext in Atlassian Bitbucket artifact objects. […] Read More 

 

Rockwell Automation warns admins to take ICS devices offline

Rockwell Automation warned customers to disconnect all industrial control systems (ICSs) not designed for online exposure from the Internet due to increasing malicious activity worldwide. […] Read More 

 

Arrests made after North Koreans hired for remote tech jobs at US companies

US businesses are believed to have recruited thousands of North Korean IT workers, sending earnings (and potentially data) to North Korea.

Read more in my article on the Hot for Security blog. Read More