MobileMe: Keeping your MobileMe account secure

Passwords

• Keep your MobileMe password unique.
  Don't use the same password for multiple services or websites. If someone gets your password for another site they would also know your MobileMe password.
  Note: Your MobileMe email address can also be your Apple ID for things like the iTunes Store, iPhoto print ordering, the Apple Online Store, or Apple Discussion. In that case, your Apple ID password will be the same as your MobileMe password (which is ok).
• Never give out your password to known or unknown sources.
  Even if you need assistance with your MobileMe account, Apple will never ask for the password of your account, nor should you ever volunteer it. It is recommended that you do not even give your password to family members, and that you don't send emails to any source (including yourself) stating your password information.
• Create a strong password.
  MobileMe passwords can be up to 32 characters in length. You can create a strong password by making sure it is at least 8 characters in length and using a combination of numbers, upper and lower case letters, and special characters. See Choosing good passwords in Mac OS X for more password tips.
  Note: Some special characters can't be used in your MobileMe password.
• Change your MobileMe password frequently.
  It's a good idea to change your password every 6 months. You can change your password at secure.me.com/account or by using iForgot. Be sure to create new and unique passwords rather than reusing old passwords.
• Make sure your password is up-to-date on all computers and devices.
  MobileMe or other related features (such as Find My iPhone) may not function as expected after changing your MobileMe password until you enter your new password on all of your computers and devices that use MobileMe (such as iPhone, iPad, and iPod touch).
  
• Use the passcode lock feature.
  If you are using an iPhone, iPad, or iPod touch, consider using the passcode lock feature (available in Settings > General). The passcode lock feature will help protect any data you are syncing with MobileMe, as well as any other private information on your iPhone or iPod touch. 
• Set your computer to require a password on waking from sleep.
  Setting your computer to require a password on waking from sleep will help protect any data you are syncing with MobileMe, as well as any other private information on your computer.

Email

• Do not respond to emails from unknown sources.
  Responding to emails from unknown sources can deliver header information which can be used to target you or specific server client software.
• Do not download files or attachments from anyone you do not know.
• Do not post your MobileMe email address on a search engine or social network site.
  Publicly posting your email address makes it easier for someone to search for names and email addresses so they know what email account to exploit or attempt to access.

Using me.com

• Make sure only you know the answer to your security question.
  Create a unique challenge question that cannot be researched by using Google, Facebook, MySpace, or any other search engines or social networking sites. A challenege question should be obscure and only answerable by you. For example, it should not be a birthday as it could be answered by searching social networking sites. Most social networking sites list your birthday, your hometown, and your interests, which are often what are used as security/challenge questions. As a general rule, do not use questions like "where was I born" or "what is my dog's name." Also, do not use questions with yes or no as the answer.
• Log out of MobileMe when you are using a public computer or shared network (such as at a hotel or Starbucks).