Do Macs have password protected bootup screens?

Discussion in 'Mac Basics and Help' started by appledu, Nov 4, 2006.

  1. appledu macrumors member

    appledu

    Joined:
    Jun 16, 2006
    Location:
    Somewhere. I don't remember ...
    #1
    Hello all,

    On a PC, I can set a bios password that would stop someone changing settings or booting from a live cd or some external drive.
    Do Macs have the same or something similar?

    Thanks,

    appledu
     
  2. WildCowboy Administrator/Editor

    WildCowboy

    Staff Member

    Joined:
    Jan 20, 2005
    #2
    Yes, you can set a firmware password on Macs.
     
  3. appledu thread starter macrumors member

    appledu

    Joined:
    Jun 16, 2006
    Location:
    Somewhere. I don't remember ...
    #3
    Thanks!

    Out of interest, has anyone ever managed to crack it, or find someway to bypass it?

    appledu
     
  4. WildCowboy Administrator/Editor

    WildCowboy

    Staff Member

    Joined:
    Jan 20, 2005
    #4
    Yes, it can be bypassed by someone with physical access to the machine if they know what they're doing.
     
  5. appledu thread starter macrumors member

    appledu

    Joined:
    Jun 16, 2006
    Location:
    Somewhere. I don't remember ...
    #5
    Thanks,

    So I gather that not your regular hacker wannabe can then...

    On a slightly different topic, is it possible for Mac OS X to notify you each time that you login the OS if a wrong password has been entered in a previous login attempt - with the password tried and date and time?
    Can it display a list of all the latest logins (both successful and not) with date and time?

    Thanks,

    appledu
     
  6. WildCowboy Administrator/Editor

    WildCowboy

    Staff Member

    Joined:
    Jan 20, 2005
    #6
    It's pretty easy to bypass the firmware password and the method can be found by Googling (though people are pretty good about not posting it), so it just depends on whether the hacker with physical access to your machine is savvy enough to figure it out.

    The new Intel machines use EFI instead of Open Firmware, and there's been some confusion about how firmware passwords work on the new Macs, but for the most part they seem to behave as they used to. (Most of the confusion seems to stem from the fact that you can't have an Open Firmware password on a machine without Open Firmware, but Apple seems to have implemented a similar password method on the Intel Macs.)

    I don't know if there's a way to generate a list of attempted logins.

    You're pretty serious about security, aren't you? :D :cool:
     
  7. appledu thread starter macrumors member

    appledu

    Joined:
    Jun 16, 2006
    Location:
    Somewhere. I don't remember ...
    #7
    Yeah...
    A little paranoid too...:D

    If anyone knows, let me know...:)

    appledu
     
  8. Graeme A macrumors 6502

    Graeme A

    Joined:
    Aug 6, 2003
    Location:
    Melbourne, Australia
    #8
    a word of wisdom though.

    set up your machine so that it does not automatically log you in. have a strong password set and don't allow yourself to be admin by default.

    keep a spare admin account, and if you have mega sensitive numbers, keep it in the admin account with filevault on for that user.

    my computer was stolen and i got it back from the police after 5 months. the first night, i spent hours going through the log files and laughing. i could see when the machine was stolen and first trial login took place. i could see that the guy was getting frustrated because the system would suspend logins for a while after 5 attempts. not once did i see anything which indicated that they managed to gain access to the files.

    i was also amazed by the fact that they fixed the dent in the case of the powerbook, and they left the 1.5Gb of RAM in... i guess that they paid a shop to fix it as its a good job too - thank you, you thieving gits. pity they didn't get the rubber feet fixed up too.

    again, dont let the system login automatically. because they couldnt login, they couldnt wipe the fact that it was my computer! thanks to that, i have it back in my rightful possession.

    the hassle of these far outweigh the hassle of not having a computer and your data at all.

    </sermon>
     
  9. FFTT macrumors 68030

    FFTT

    Joined:
    Apr 17, 2004
    Location:
    A Stoned Throw From Ground Zero
    #9
    If you're serious about access to your data, you should probably be using PGP Desktop.

    You can also use Stuffit Deluxe 11.0 to compress and encrypt sensitive files.

    Like the others mentioned, you should only run your adminstrative account for installs and maintenance. For regular daily use, you should log on to a secondary
    super user account with limited priviledges.
     
  10. nightelf macrumors 6502

    Joined:
    Mar 25, 2003
    #10
    I use a password protected disk image to store important data.

    Here is how to do it:

    Creating a blank disk image

    You can use Disk Utility to create a blank disk image to store files. Usually, when you create a disk image, you gather the files you want to include into a single location before you create the disk image. With a blank disk image you can add files to the image at any time.

    1. Choose File > New > Blank Disk Image.
    2. Type a name for the disk image and select where you want to save it.
    3. Choose the size of the disk image from the Size pop-up menu.
    4. To require a password to open the disk image, choose "AES-128 (recommended)" from the Encryption pop-up.
    5. Choose "read/write disk image" from the Format pop-up menu.
    6. Click Create.

    To add files to the disk image, open the image in the Finder, which creates a volume on your desktop, then drag files to that volume.

    I think is better than StuffIt because you can read and write, without having to recompress, and is built-in to Mac.
     

Share This Page