Different initial log in and user passwords

Discussion in 'Mac Basics and Help' started by robgendreau, May 24, 2015.

  1. robgendreau macrumors 68030

    Joined:
    Jul 13, 2008
    #1
    AFAICT the password one sets for the user in System Prefs>Users and Groups for a user is utilized for initial log in to the computer, after sleep if that option is used, and for installing software and other administrative tasks.

    Can one assign different passwords for those functions?

    Can one have say an initial login password, but then use a different one when that same user with the same privileges does stuff like installing software?

    I realize I could do stuff like log in as root, but that's not what I'm looking for.
     
  2. 0d085d macrumors regular

    Joined:
    Apr 23, 2015
    #2
    The idea of the user system is that you can give different real physical people different abilities on the computer. The user's password identifies who they are, and thus what permissions they have. Having different passwords correspond to different sets of permissions for the same user account is not possible as it doesn't fit with the user model.

    If, however, what you're trying to do is let your children wake the computer from sleep but have only you be able to install software or turn it on then there may be ways of doing what you want.

    What are you actually trying to achieve?
     
  3. robgendreau thread starter macrumors 68030

    Joined:
    Jul 13, 2008
    #3
    Too long a story to recount here, but basically I am doing a bunch of stuff requiring that I have admin permissions to do installations and such, and yet don't wanna accidently leave the machines sitting around with root access. I thought it might be easier to just have a screen lockout password that was different so I could prevent any access, and yet not have to reenter the password over and over and over as I modify things.

    Turns out I'll just change the password instead, and then change it back. Using root works, but it's easy to make a little mistake and leave something inaccessible from the regular admin account.

    But this has lead me to some questions, like under what circumstances a lockout will occur in the face of a brute force attempt to crack the password.

    What I think is the solution to my problem, however, is a two-factor authentication at start up, which just normal password authentication once the machine is booted. But I need something that'll work offline, so I'll start looking. Thanks.
     
  4. Taz Mangus macrumors 68040

    Taz Mangus

    Joined:
    Mar 10, 2011
    #4
    If you have an admin account you don't need to physically be logged in to do installs. If admin permission is required a password box will popup where you enter the admin name and password which should allow the software to be installed from a standard user account.
     

Share This Page