Whether you’re in an open office where colleagues regularly wander past, or live somewhere—like a college dorm—where you may feel comfortable leaving your laptop unattended in the presence of relative strangers, it can be all too easy for someone else to sneak a look at your computer. If you want to keep your device secure in communal environments, your best bet is to understand how to stop unauthorized access in the first place. Still, there’s some detective work you can do if you suspect someone else has been using your device.
Lock your computer
Since prevention is better than a cure, you ideally want to prevent others from accessing your laptop in the first place. A simple way to do that is to lock your laptop behind a password whenever you step away from it. On macOS, you can get back to the lock screen at any point by opening the Apple menu and choosing Lock Screen, or hitting the keyboard shortcut Ctrl+Cmd+Q. It’s straightforward on Windows, too. From the Start menu, click the “user” button (the avatar icon), then choose Lock. Alternatively, the Win+L keyboard shortcut works as well. If you keep leaving your desk in a hurry or you just always forget to lock your computer when you step away from it, set your laptop to lock itself after a certain amount of idle time. On macOS, open the Apple menu and pick System Preferences, then go to Security & Privacy, and General, where you’ll check the Require password box and choose exactly when your computer will require a password after it goes to sleep or a screen saver appears. You can change the time it takes for a screen saver to appear under System Preferences > Desktop & Screen Saver > Screen Saver. To automatically lock Windows, click the Settings cog on the Start menu, then go to Accounts and Sign-in options to make sure the Require sign-in option is set to When PC wakes up from sleep. To set idle time duration, go to Settings and pick System then Power & sleep. How long you set this for is up to you—a shorter idle time is better for security and battery life, but also means your computer might lock itself while you’re still in front of it if you haven’t touched the keyboard or mouse for a few minutes. Start with something around five minutes, and adjust it if you feel that time is too short.
Check for recent activity
Let’s say you suspect someone might have been able to access your laptop while it was unlocked, or maybe even knows your password. Your next step should be to check for tell-tale signs of unusual activity inside the most commonly used apps. Start with your web browser and call up the browsing history to see if someone else has left a trace. From the Chrome menu, go to History, then History again; from the Firefox menu, choose History, then Manage history; from the Microsoft Edge menu, choose History, then either All to view recent pages in a dropdown menu or the three dots in the top right of that menu followed by Open history page; and from the Safari toolbar on macOS, choose History, then Show All History. Most programs on your computer have some kind of history or recent files list. In Microsoft Word, for example, click File, Open, then Recent. In Adobe Photoshop, you can choose File and Open Recent. Whatever the applications on your system, you should be able to find similar options. If you’re not sure what program a would-be laptop infiltrator might have used, check the file system—your intruder might have left something behind on the desktop or in your computer’s download folder, but you can dig deeper, too. On macOS, open Finder from the dock, then switch to the Recents tab to see all the files that have been edited lately. There’s a similar screen on Windows too, accessible by opening File Explorer and clicking Quick Access. You’ve got another screen on Windows you can check, too: the timeline. Click the Task View icon on the taskbar, which looks like two stacked rectangles with a scroll bar to their right. If you don’t see it, right-click your taskbar and choose Show Task View button. Scroll down your timeline to find any files that have been opened, websites that have been viewed, and Cortana commands that have been run. If you want to dig into absolutely everything that’s happened on your laptop recently, you can, though the utilities involved are quite difficult to decipher and you might have to run a few web searches to make sense of the information that’s presented. On macOS, you can do this in Console—find it by opening Spotlight (Cmd+Space) then typing “console” into the box. This will give you a comprehensive list of everything happening on your computer, but you can narrow down the entries via the Search box. Type “wake up” into the box to see all the times your Mac has woken up from sleep, for example. Over on Windows, you have Event Viewer—look for it in the taskbar search box. Again, it’ll provide you with a mass of information, presented in mostly technical language. Under Windows Logs, right-click on System, choose Filter Current Log, find the Event Sources dropdown menu, select Power-Troubleshooter and click OK. This should present you with a list of all the times your laptop was woken up.
Get some extra help from apps
If you’re serious about catching laptop snoopers in the act, some third-party software might be in order. One of the best we’ve come across is Spytech Realtime-Spy, which works for Windows or macOS through a simple web interface. You can test out a demo version online here. The program shows you the apps that have been used, the websites that have been visited, and the connections that have been made on your computer. It will even take screenshots for you and record individual key presses. It’s a comprehensive package but it will set you back $80 per year. Another option is Refog Keylogger, which concentrates mainly on logging keystrokes on your laptop’s keyboard, but which also monitors web usage and takes screenshots. The software costs about $30 per month for Windows or macOS, but there’s a free trial if you want to test it first. While these programs can alert you to potential snoopers, they can also be used to spy on other people. Of course, we’d strongly advise against doing this. Otherwise, you’re the creep.