PDA

View Full Version : Resetting Forgotten Admin Password?




doubledee
Jun 10, 2013, 08:39 PM
Pardon the dumb questions, but I am really confused about how seemingly easy it is to reset a lost Administrator Password.

In the article Resetting a forgotten administrator's password in Lion (http://www.macworld.com/article/1164599/reset_password_lion.html), it says...


Restart your MacBook Pro with the Option key held down and choose Recovery HD in the startup screen. From the Utilities menu in the Mac OS X Utilities screen that appears, choose Terminal. In the Terminal window that appears enter “resetpassword” (without the quotes) and press Return. A Reset Password window will pop up. Select your startup volume in the top of the window and then, from the pop-up menu below, select a user account—Lee, for example.

In the fields below that enter and confirm your new password.

(I'm actually interested in how this works in "Mountain Lion", but am guessing it is the same process as this article describes...)


I don't get it?! All you have to do is "Restart your MacBook Pro with the Option Key held down" and you can reset the Administrative - and subsequently all Other Passwords - with just those keystrokes??? :eek:


If that is the case, then *every* Mac could have it's Admin Password reset by anyone walking by...

Why even have any passwords on your Mac???? :confused:

Sincerely,


Debbie



chown33
Jun 10, 2013, 09:36 PM
Set an EFI password. This will prevent the selection of the Recovery HD partition until the EFI password is entered.

If you're asking as a more general question, the answer is "Not everyone needs that level of security". By default, no Mac (or Windows, or Linux) computer is safe from an attacker with physical access. If you want that level of security you can enable it. Otherwise you get the default, which is good enough for many people.

All security is a tradeoff between cost, convenience, and risk.

doubledee
Jun 10, 2013, 09:59 PM
Set an EFI password. This will prevent the selection of the Recovery HD partition until the EFI password is entered.

If you're asking as a more general question, the answer is "Not everyone needs that level of security". By default, no Mac (or Windows, or Linux) computer is safe from an attacker with physical access. If you want that level of security you can enable it. Otherwise you get the default, which is good enough for many people.

All security is a tradeoff between cost, convenience, and risk.

But what would be lost if Apple made it so anyone with access to a Mac couldn't reset the Admin Password and steal everything?!

I can't believe that for the last 5 years that I have owned a Mac that I actually believed that my Username and Password *worked*?! :rolleyes:

Sincerely,


Debbie

benwiggy
Jun 11, 2013, 08:16 AM
Physical access to the machine beats nearly every form of security. Someone could boot your Mac into Target mode while connected to another Mac and access your entire disk from there. They could boot into single user mode and access the filesystem from there.

FileVault will protect against most physical intrusions, of course.

There has to be a way of resetting the password, because people will forget it. As said, most security is about the amount of effort required to get at the information. Are most people willing to spend time cracking your Mac? No.

People can see you walking down the street. People can look through your windows. The government knows your SSN!!!

doubledee
Jun 11, 2013, 09:26 AM
Physical access to the machine beats nearly every form of security. Someone could boot your Mac into Target mode while connected to another Mac and access your entire disk from there. They could boot into single user mode and access the filesystem from there.

FileVault will protect against most physical intrusions, of course.

On my new cMBP, if I set up File Vault 2 using a secure Pass Phrase - and nothing else - is there any way that someone with Physical Access to my laptop could break into it? (We'll assume the FDE can't be hacked.)

For example, could someone bootup my cMBP into some mode and reset the Admin Password?

Or could they use a Bootable External Drive and somehow circumvent File Vault 2??


There has to be a way of resetting the password, because people will forget it.

I disagree.

If you have a Username and Password, and you forget the *Administrative* Password, then you SHOULD BE screwed for good!!!

(The way Apple has it, it's sorta like how in the U.S. "Life in Prison" means "20 Years"... ) :rolleyes:



As said, most security is about the amount of effort required to get at the information. Are most people willing to spend time cracking your Mac? No.

If it's that easy, I don't see why not.

(You could have a lot of fun at the local library, at college, or at a friend's place where you want to get "revenge" on some people... Just walk up to an unattended Mac, reboot, set a new Admin Password and maybe an EFI Password fo good measure, and you've just locked someone out of their Mac for good?! That is insane!!!!!!!!!)

Sincerely,


Debbie

benwiggy
Jun 11, 2013, 09:39 AM
I really don't know. Perhaps resetting the admin password will allow access to the user account(s) on a FileVault 2 disk. Perhaps there is another level of hoops that must be confronted first.

For most people the admin password IS their user password. Condemning them to losing their data would be unacceptable from a business point of view.

Of course, the easiest thing would be to see if the backup disk is also encrypted, and if not, get the data from there.

There's also a very simple method of cracking ANY encryption:

http://imgs.xkcd.com/comics/security.png