1) First of all – do not lose your head.
2) If you have other devices linked to this iCloud account and they still work, then go to Settings > iCloud and turn off the Find My iPhone / iPad / Mac function. After all, this function allows you to lock devices remotely.
3) If the email for iCloud was created on a third-party service, gmail, Hotmail, etc, make sure that you have access to this email account, and change the password for that email and connect the backup email account to your phone number.
4) If you do not have access to the email, you need to restore access to it, because it will be needed to receive instructions from Apple.
5) Make sure that there are no filters to block incoming messages from Apple, check the mailbox settings. Sometimes hackers leave email as is, they just create a filter to block letters from Apple and they just do not reach you.
6) Next, you need to try to reset the password from the iCloud account, by clicking on appleid.apple.com, and try to restore the password from the Apple ID. If everything worked out well, then you got off with an easy fight and you can start unlocking your devices.
7) If you failed during the previous step, and the system says that your Apple ID has been changed, then it’s time to call Apple’s tech support and ask for help from them. Make sure that you have a bill from the store for the device or at least a payment card tied to the account. You will need to know the answers to control questions.
8) Use dedicated security software to scan all your devices for inappropriate apps.
Create an additional account with the rights of a normal user.
On any new Mac, there already exists an account for which an “empty” password is set and automatic login is allowed. If you understand that this account has administrator rights, you can safely say that by default we have the worst of all options in terms of security.
Any person who has received physical access to a device is endowed with unlimited power over it. The whole system and all your personal files are in his hands. Do you like this option? I think no…
Therefore, the first thing you need to do after you make a decision to bring a new Mac Air to the university is to set a strong password for the existing account, write it down to a secret place and … stop using this account! The only time you need it is to create a day-to-day account with limited rights.
There are no totally safe operating systems, sooner or later your device will have to feel the impact of this or that malware. The consequences will be much less noticeable if the Trojan that you pick up does not get administrator rights. And for this, you always and everywhere should work logged in as a user with limited rights.
Account management is done in the System Settings (gray icon with gears) on the Users and Groups tab. In the white column on the left, where your only user appears (it’s also the administrator), at the bottom, find the button with a “+” sign and click it. In the appeared window, in the first drop-down list, select the Standardtype, then enter the name and password of the new user and, if necessary, a phrase that can serve as a hint in case you forgot this password safely.
I think such precaution is superfluous, but if you decide to create this hint, remember that it will be visible to anyone who tries to enter the account. So, do not enter the password there directly, but use some tricks.