Mac 101: Reset your Mac OS X password
We've all done this.* It's time to install something or run Software Update, but first we've got to enter our password. What was it again? Oops.You can reset your password with the CD (or DVD) that came with your Mac, but if you don't have it, try this tip from Hackszine. Restart your machine while holding down the Command Key (or "Apple Key") and the "S" key. This will start your Mac up in "Single User Mode."
Now it's command line time.** Don't worry, it's just three lines:
- #sh /etc/rc
- #passwd yourusername
- #reboot
*Well, not us, but, you know...our "friend."
[Via Lifehacker]
**Update: this post has raised some understandable security concerns among our readers. Our own Mike Rose had this to say:
"Not this caveat, from a commenter at Hackazine: if you have a FileVault-protected home directory, you cannot use this hack. Changing your password from the command line will render your home directory completely inaccessible, probably permanently."
Share
Categories
We've all done this.* It's time to install something or run Software Update, but first we've got to enter our password. What was it again?...
Add a Comment
I just bought an iMac which has been used as a demo for the last 6 months. ALL OF MY PC EXPERIENCE IS WITH WINDOWS MACHINES!! I bought it pre-loaded with plenty of goodies which I don't want to lose. I don't have an administrative password, but I do have the OSX disk.
I am curious about this password keychain. If I reset the password using the disk, will this enable me to use the other features or screw everything up?
Please be gentle, I JUST found this site, and I am trying to learn as fast as I can...
See, not everyone understands this. The second line of code says #passwd yourusername. Do you actually type this, or a new password and user name? See, it's not all that clear. I know that if you are in a command line you can really screw up your system. Any clarification out here? Please don't send e-mails about me being a retard and such. There are lots of people who would ask this question, but not have the stones to ask.
September 13 2007 at 4:55 PM Report abuse Permalink rate up rate down ReplyHow do I prevent people from entering into single user mode and open cd's all that stuffs.I think is to enable the firmware.How do I since I dont have the cd's.Is there a command line I need to type at firmware to enable it.Send it to me.
August 22 2007 at 11:17 AM Report abuse Permalink rate up rate down ReplyI've tried all of them but didnt work,I have also disable firmware password protection.What should I do?
August 19 2007 at 10:01 AM Report abuse Permalink rate up rate down Replyforgot my open firmware password. i tried reseting pram but i cant hear the chimes.can anyone help.i did change the amount of memory and tried to reset the pram, i am supposed to hear the chimes3 times but there is no chimes coming from g5 1.8 tower.
can anyone help me.
thanks
velipoja xxx
The idea of creating a new account that makes the mac boot from the welcome screen is great. By Cody Bromley.
I wanted to ask you guys, in case someone is to do that, would the computer logon as its brand new, or will we be able to use software previously installed on it.
For example..the computer had aftermarket software such as, MS Office or Final Cut etc preinstalled. And I were to go ahead and create a new account as outlined by Cody. Would I, under the new user account, be able to use this software that was preinstalled before I created this account??
Thanks in advance.
After reading this article I thought it was smart to activate FileVault. It wasn't smart. My MacBook (latest version) works crappy (iChat started up as if I had never used it before), starting up goes slower and now I can't open my own photos anymore. Photos that were perfectly fine a few hours ago are now unreadable in Photoshop CS3 after restarting.
To make things worse: the MacBook tells me that I need 4092GB (!) of disk space to be able to deactivate the damned FileVault.
I would be very thankful if anyone can tell me how to get rid of FileVault.
I am a Mac consultant. I've been doing this for a while.
Breaking into an account (except FileVault) is a trivial matter. There are several ways to do it, not just the one described. Regardless, breaking into the account does not break into the keychain.
If you have physical access to the box, clearing the firmware password is a trivial matter, well documented by Apple. (Hint: That's why we padlock our boxes shut.)
Your only security is:
1. Physical control of the box and
2. FileVault
My suggestions for laptop users:
1. Always set the Master Password.
2. Use a FileVault account for sensitive files, especially on a laptop. Use a normal account for every day files. And use FUS between them.
3. If you can, set up a home server and store sensitive files there, work directly off the server share and clear your caches frequently.
4. Backup
To all those under the misapprehension that this would be some kind of revelation to the bad guys: it isn't.
Once you have physical access to a machine, you own it, in computing terms. Sure, there are some people out there with bad intentions and are ignorant to this, but they're pretty few and far between. This isn't anything new, either: ALL Unix (and Unix-like) operating systems, as well most others outside of the embedded space, have the same âholeâ, which is why PCs traditionally often BIOS passwords and Macs had Open Firmware (and now EFI) passwords. Other types of computer had similar mechanisms for limiting the damage of physical access to those willing to remove the hard disk.
Booting single-user is pretty much Unix Recovery 101. Fortunately, most Mac users don't often need Unix Recovery 101, which is why all of this comes as a surprise to many Mac users.
Michael, as I mentioned originally, I recognise that this information is easily accessible; the difference is, though, that you have to look for it.
Obviously anyone even vaguely determined could gain access to your computer quite easily, with this or many other methods, but I'd be more concerned about the casual prankster/nosey dude in your office who fancies a glance through your files one day while you're out.
I can understand why you don't think there's an issue with this, and that's fine. Personally, I see it as the difference between Yale telling you how to open locks on request, and a national newspaper carrying an article on "How To Open a Yale Lock." One way, thousands of people can open your locks; the other way, *millions* of people can open your locks. There's more chance one of the millions is my neighbour :)
Hot Apps on TUAW
Deals of the Day
more deals- miFrame Picture Frame Dock for iPad for $64 + $8 s&h
- Refurb Apple iPod nano 8GB MP3 Player for $99 + free shipping, 16GB for $119
- Bling Diamond Snap-On Shell Case for iPhone 4 / 4S for $2 + $2 s&h
- Hannspree Apple-Shaped 28" 1080p LCD HDTV for $270 + free shipping
- Bracketron Stand with Headrest Mount for iPad 2 for $11 + free shipping
- Philips wOOx Alarm Clock Radio for Apple iPod / iPhone for $60 + free shipping
Software Updates
more updates- EFI Firmware Update brings Lion Internet Recovery to 2010-model Macs
- OS X Lion 10.7.3 released with Safari 5.1.3, Wi-Fi bug fix
- Aperture updated to 3.2.2, addresses Photo Stream issue
- Apple updates Keynote to address Lion issues
- Google Search app gets new look on iPad
- Apple releases Apple TV Software Update 4.4.3



30 Comments