Your MAC can be purloined and your user account and password can be bypassed by nefarious individuals for accessing personal data, wiping your system clean and becoming its owner. So how can you prevent it?
Don’t get paranoid; two remedies are available for preventing intruders from taking over your MAC.
1. Use a software-based encryption tool called FileVault
2. Use the hardware-based encryption tool, which is firmware password you need to set in Recovery Mode
Both these features are found in the built-in utilities of OS X.
FileVault Disk Encryption
It encrypts data present on your MAC device and therefore, intruders cannot access your files. If you use OS X Yosemite, then most likely you already are using FileVault.
After you installed Yosemite, you must have been asked about enabling this utility in one of the setup screens.
To confirm if you are using this service, open System Preferences—Security & privacy—FileVault.
To manually enable this feature, click the lock present in the lower-left corner. It will unlock it and you will be asked to enter your admin name and password. Now click on the Turn On FileVault tab.
A recovery key will be provided which you will use in case you need to reset the password.
You Must keep this security key at a safe spot and if you don’t have any the store it with Apple.
To store the key on Apple you need to create three security Q&A, which will be asked from Apple for retrieving the key in future.
Once you are done, restart the device and FileVault will start encrypting the files present on your hard disk. You may continue to use your MAC while the software does its job.
Firmware Password
Even if FileVault has encrypted your files, it is also possible that some grab your laptop, enter into the Recovery Mode and format your hard drive to claim the device.
Thus, a drawback of FileVault is that it sure protects your data from prying eyes, it does not prevent it from being stolen by a thief since the device will become his after a fresh OS X installation.
This is why you need firmware password.