Chapter 8 Chromebook Security
In some ways a Chromebook provides some security for you. Chrome OS has a number of security features that are constantly being improved by Google. We will discuss updating your Chromebook in a later section, but the updates ensure that at a basic level your Chromebook will have good security features. For example, data will be encrypted when passing through a web browser and each browser window will be sandboxed so a web app open in one browser window can’t access data from another window.
But there are still some steps that you can take to make sure that your Chromebook is secure. This will be particularly important if your Chromebook is lost or stolen, but will also be useful if you share your computer with family or friends. Since a data scientist is often working with data that may be private or sensitive, it is important that if they lose their computer, they don’t risk losing the data they are working on. Setting your Chromebook up to be secure from the start is an important step for any data scientist.
8.0.1 Setting your Chromebook password
One of the most important parts of securing your Chromebook is making sure that you have a good password. Good passwords are long, easy for you to remember, but hard for other people to guess. Don’t use simple passwords like “12345” or “password”, don’t use your name, your date of birth, or other details that would be easy to guess if someone saw your Facebook profile.
Good passwords have a few important characteristics:
- They are long, ideally more than 10 characters
- They are easy for you to remember.
- They are not a commonly used password.
One way to create relatively good passwords is to string together four or five random words. This approach was made popular by an xkcd cartoon. For example a password made with this approach would be “bikerainsmellblue”. This password has more than 10 characters, is easy for you to remember, and is unlikely to be used by a lot of other people. Try to pick words that aren’t related to each other. Then you only have to remember the four words to remember your password.
xkcd suggested a good password combines four random words.
Another way to create a password is to choose a line from a book or movie and choose the first one to three letters of each word. For example, you might use the line “Once upon a midnight dreary, while I pondered, weak and weary,” then you could change that to “onupamiddrwhipoweanwe”. You can then just remember the line that you have chosen and the fact that you used a certain number of letters from each word. Again, its a good idea to pick a line from a poem or a book that is less famous to do this.
You can improve either of those password schemes by capitalizing some letters or turning words like “too” into numbers to make them more unique. The key is just to have a password that is not very common, easy to remember, and would be hard for other people to guess.
8.0.2 Requiring password to wake from sleep
Now that you have set a good password you can make your Chromebook more secure by making sure that anyone will have to use the password to log in. To do this you need to again open up your personal settings by clicking on your personal avatar in the bottom of your screen and then click on the gear to open your personal settings.
Open your personal settings
Once you have your personal settings open you can click on the “Screen Lock” settings.
Open the Screen Lock settings.
You’ll be required to input your (hopefully good!) password.
Input your password.
Then you can turn on screen lock by clicking the option in the upper right hand corner of the screen for “Show screen lock when waking from sleep”.
Click on option to Show screen lock when waking from sleep.
Now if you close your Chromebook, put it to sleep, or log out, you will have to input your password to get access to your account. This will prevent other users from getting access to your Chromebook account even if they get a hold of the physical device.
8.0.3 Managing other people
Another thing that you can do to make your Chromebook more secure is decide in advance who can log into your Chromebook. To do this, open your personal settings by clicking on the personal avatar at the bottom right hand side of your screen, then click the gear to open your personal settings. The click on the option to “Manage Other People”.
Click on Manage Other People to manage users of your Chromebook.
If you are the owner of the Chromebook you can then click on the dot next to “Restrict sign-in to the following users”. If you are the owner of the Chromebook will then be able to input which users can and can’t log on to your computer.
Click on the option to restrict users.
8.0.4 Two step verification
If you are dealing with very sensitive data or want to be more secure about who can access your account, you can turn on two step verification. All this means is that you can set it up so that entering your password is not enough to unlock your computer. You will also need to get a text message to your phone with a special code each time that you log in. This means that even if someone gets ahold of your Chromebook, they would also have to have your phone to be able to log into your account. Two step verification is often required for data scientists working in industry and is a good idea to prevent loss of your account information.
To turn on two step verification first go to the website https://www.google.com/landing/2step and click on “Get Started” in the upper right hand corner of the screen.
Go to the two step verification page and click Get Started.
This will take you through the two step verification set up process. First you will again need to click “Get Started”.
Click Get Started.
Then you will be required to enter your password to confirm that it really is you trying to step two step verification.
Enter your password.
You will be asked to input your phone number. This is the phone number that will receive the text message every time you input your password and try to log in. This should be for your personal phone that you will have with you when you want to log in to your Chromebook. You won’t be able to log in without your phone after you set this up.
Enter the phone number of the phone you will use for two step verification.
Once you input your phone number, you will get a text message with a 6 digit number. Take this code and type it in to the next screen to confirm that you have the right phone number set up for two step verification.
Enter your verification code to confirm your phone.
After confirming both your password and your phone number you will be given the option to turn on two factor verification. You can do this by clicking “Turn On” on the next window.
Turn on two factor authentication.
Once this is turned on you can turn it back off by going through the same steps as before and then clicking “Turn Off” on the next screen.
You can turn off two factor verification by clicking Turn Off.
Finally, once you have enabled two step verification, you will need to have your phone with you every time you log in to your computer. This is good for security purposes, but will cause problems if you lose or replace your phone. Make sure you turn this feature back off if you are planning on getting a new phone.
8.0.5 Managing apps and devices
You can monitor and manage which apps and devices have access to your account information from your account security page at https://myaccount.google.com/security. You should check this information periodically (every month or so at least) to see if there are any events or activity that you don’t recognize. If anyone has gotten access to your password or log in information, you will be able to see here when they have logged into your account.
Your account security page.
First you can see any security events that have occurred. Security events can be found by looking under “Device activity & security events” in the section “Recent Security Events”. This will give you information on when your passwords are changed or when you have turned on or off two step verification.
Your security events tell you about when your password or two step verification settings have changed.
You can also see all the devices that have logged in to your Google account under “Device activity & security events” in the section “Recently used devices”. You will see the Chromebook you are currently working on, but you will also see any Android phones you have logged in to or other computers where you signed into your account.
Your recently used devices tells you what devices have logged into your account.
As we have discussed in other sections, all of the software running on your Chromebook will be either Chrome Apps or Extensions or Android apps. For a lot of this software you will use Google to log in. That way you don’t have to have a separate password for each app and website. But each time you do this, you give the app a little bit of your information. When you stop using an app you may no longer want them to have access to your information. You can look and see which apps have access to your Google information by looking under “Apps with Account Access” in the section “Apps with Access to your Account”.
You can see which apps have access to your account.
If you click on a particular app you can take away the permission of that app to use your Google information. It is a good idea to check these apps from time to time and remove those that you no longer need, so they don’t have access to your Google information anymore.
You can remove access for specific apps by clicking on them.