Toggle sidebar Toggle sidebar
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

Possible to login to Mac with password? Urgent Help needed

H

h2009

macrumors member
Original poster
Hi there,


I need some help fast. I need to gain access to a Mac laptop which has a password set on it.

I have to gain access to the profile that is locked - is this possible? Or to view the web history?


Thanks
 
Restart the Mac with a Leopard (or whatever OS) disk in the drive.
Click on the CD option.
At the install screen use the "Reset Password" (or something like that) tool from the Tools menu in the top bar.
 
Shouldn't the question be:

Why are you trying to gain access to a computer you don't have authorisation for?
 
Or boot in Firewire mode (if it has firewire; press T before the display turns on), prey it does not have firmware password (in which case pressing T would do nothing) or FileVault is enabled for that user, and connect it through Firewire to another computer.
 
This reminds me of a post where a kid was trying to figure out how to look at his brother's internet history. I could care less what my brothers are looking at.
 
themoonisdown09 said:
I thought that you had to enter the original password to be able to reset it.
Click to expand...

If you needed to know the original password to reset it then what would be the point?
Then it would just be change password.

As for what you use it for, someone is going to know you've done it as you'll now have an account with no, or a different password.

The user asking the question has been a member for a while & wanted to see the "Internet history", sounded like a concerned parent to me.
Plus AFAIK this process is on the Apple page anyway.
 
Hierotochan said:
If you needed to know the original password to reset it then what would be the point?
Then it would just be change password.

As for what you use it for, someone is going to know you've done it as you'll now have an account with no, or a different password.

The user asking the question has been a member for a while & wanted to see the "Internet history", sounded like a concerned parent to me.
Plus AFAIK this process is on the Apple page anyway.
Click to expand...

So can you insert any Leopard install disc or does it have to be the same one it was installed with?

The reason I ask is because this seems like a security flaw. If I could take my Leopard disc and change someones password so I can get all their personal/secure information, that's crazy!
 
themoonisdown09 said:
So can you insert any Leopard install disc or does it have to be the same one it was installed with?

The reason I ask is because this seems like a security flaw. If I could take my Leopard disc and change someones password so I can get all their personal/secure information, that's crazy!
Click to expand...

exactly. You could install a Firware password, that would add a layer of security, but you can hack EVERYTHING.

see this for further info: http://support.apple.com/kb/HT1352
Even Apple states on there, that you can't prevent others from when they have physical access to the computer.

And this has been covered a dozens times here. I really have no idea why people don't find those threads. I mean as stated above, the OP has been a long time member, but doesn't find a topic which has been on here so many times?
 
themoonisdown09 said:
So can you insert any Leopard install disc or does it have to be the same one it was installed with?

The reason I ask is because this seems like a security flaw.
Click to expand...

What I think is required to reset the password with an install disk, is an admin password. If that is so, of course it is no security flaw (since if having an admin password, you do not even need that reset to peek into the other account's content).
 
elmimmo said:
What I think is required to reset the password with an install disk, is an admin password. If that is so, of course it is no security flaw (since if having an admin password, you do not even need that reset to peek into the other account's content).
Click to expand...

I agree. I don't think you should be able to reset the password without having an administrator password.

If someone forgets their password and loses all their data, that's their own fault. I would rather that be the case than for someone to be able to reset my password so they can take all my data (or even delete it).
 
Resetting a Filevault account from the system disc won't give you access to the encrypted files. It simply deletes the original account and saves it as a disk image, and creates a new account with the same username.
 
elmimmo said:
What I think is required to reset the password with an install disk, is an admin password. If that is so, of course it is no security flaw (since if having an admin password, you do not even need that reset to peek into the other account's content).
Click to expand...

No password needed for the install discs.
 
FileVault is good to prevent someone from resetting from OS media.

Another way is if you have enabled a master FileVault password, you can reset any account's password on the Mac, including root. Another reason to make sure this master password is long (over 20 characters) but yet memorable, because forgetting it can bring a world of hurt.

Locking the firmware is another good idea. This prevents someone from booting anything but the main OS drive without a password. (Well, there are other methods to get access, but I'll leave that as an exercise for the reader.)

Finally, there is always PGP Whole Disk Encryption if one wants to keep people from even getting to the OS.
 
mlts22 said:
Another way is if you have enabled a master FileVault password, you can reset any account's password on the Mac, including root. Another reason to make sure this master password is long (over 20 characters) but yet memorable, because forgetting it can bring a world of hurt.
Click to expand...

I actually disable the Master Password on my Macs. It reduces the effective security of FileVault, and introduces yet another secret key that I have to keep track of. I'd rather just write down the damn password in the first place and not reduce the strength of the system.

Locking the firmware is another good idea. This prevents someone from booting anything but the main OS drive without a password. (Well, there are other methods to get access, but I'll leave that as an exercise for the reader.)
Click to expand...

That's only really a useful protection mechanism when you've got good physical security (such as a machine in a locked kiosk). Otherwise an attacker will just remove some RAM and power cycle the machine.
 
You must log in or register to reply here.
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.
Top Bottom
Back