In thinking about this, it occurred to me that private info is scattered all over my machine. I also remembered, years ago, that when I shipped a laptop to a manufacturer (not Apple, of course) for repair, it never arrived. So, I came up with a security procedure that makes it as easy on the technician as possible -- but also tough on any thieves who may come in contact with the machine.
So, don't disable your administrator password or set it to automatic login. Instead, consider creating a special account for the technician. I created one called REPAIR with a four-digit password; I gave the password to AppleCare over the phone, and enabled automatic login or that account. I also used the MacPilot utility to modify the text that appear on the log-in screen to TECHNICIAN - PLEASE USE REPAIR ACCOUNT. THANKS!
You might consider putting a sticker on the case of the computer stating the same thing. Whether you do or don't create a repair account, put a label on the case, in a prominent location, saying FOR PASSWORD ASSISTANCE, PLEASE CALL nnn-nnn-nnnn. That's much better than writing your password on the form you'll be submitting to Apple.
Finally, back up your data. The best solution is to image your hard drive with a program like Carbon Copy Cloner or SuperDuper. I'd also recommend using Apple Backup to create a backup of your keychains, Address Book, etc., and any other personal data and settings you have.
Read on for some other things to consider if you're sending a machine away for service...
Here are some other things you may wish to do in the interest of general security, prior to sending your machine in for service:
- In the Security System Preferences pane, uncheck 'Require password to wake from sleep.'
- In the Sharing System Preferences panel, turn off all sharing options.
- Deauthorize your iTunes account. If your hard drive is erased by the tech, or if the machine gets pilfered, it's more of a pain to deauthorize iTunes without your machine than with, and you can simply reauthorize it when you get it back.
- Go to the Keychain Access program and delete all your keychains.
- After you've done all the above, do one more manual .Mac sync, then disable .Mac sync. You probably don't need to deauthorize it, since this makes a bit of a hassle when you get the machine back, and could result in duplicate data. Instead, when you get the machine back, make sure to set .Mac to a full reset -- .Mac overwrites your machine -- to restore your data.
- Consider deleting your iCal and Address Book info as well, and use .Mac to restore them, as above.
- In Safari, forget all passwords, delete cookies and history.
- In Firefox, use the Clear Private Data command.
- Take this opportunity to change the passwords on any online services you use that contain private information about you -- banking, eBay, .Mac, credit cards, etc. A pain, but you should have done that a few months ago anyway, right!
- I use a firmware password on my Mac, which I didn't disable. Again, I gave the password to the AppleCare agent, and put the sticker on the machine.
- Consider using Orbicule's Undercover software. This silently installs on your machine; if it is stolen, you notify Orbicule, and the machine sends a regular signal back to them anytime it goes online (and an iSight snapshot, if you have the camera.) In order to effectively use Orbicule, you need to have an autologin account set on your machine. So in this case, either use the REPAIR account, or set your Guest account to automatic login.
- Repeat the above procedures if you have multiple accounts.
- Check with your insurance company to see if your machine is covered for theft and damage in transit. Apple's shipping service provides coverage, but getting compensated could be a hassle.
- Don't forget to make a copy of the info sheet you filled out and sent back to Apple, and write down the tracking number for shipment.
[robg adds: There are some good ideas in here if you're taking a step-by-step approach to securing your personal data prior to sending your machine back. My approach is somewhat different: in the two cases where I've had to send machines back to Apple, I wiped the machine clean and reinstalled the OS with a dummy Repair account.
Obviously, before I did this, I built a bootable backup of the entier system using either Carbon Copy Cloner or SuperDuper. I then verified that the backup was complete and usable, and then reinstalled OS X with a format and install. When the machine came back, I simply restored my full backup, and I was right back where I started, without any fear of what might happen to my data if the machine were to be lost.]

