Does OS X Require a Password?

Discussion in 'Mac Basics and Help' started by Mark D, Jul 15, 2012.

  1. Mark D macrumors member

    Joined:
    Jun 21, 2012
    #1
    I don't know how much this is going to be scoffed at here as it is technically illegal, but to finalize my decision about getting a Mac I tried out OS X some in a VM. But it was just briefly for experimentation. Reason I'm bringing it up here is that I discovered something perplexing that I want to know if it is true about the OS. Anytime it installed something or updated it asked my password, even though I had never set a password. It was impossible to make any administrative changes to the "computer" unless I went into preferences and made a password. And I couldn't find anything under preferences to make it not do this. Now I'm not a fan at all of account passwords especially for a desktop (I'm shopping for iMac) where I don't anticipate any security threats so I found it a bit troubling. I had one on my Windows laptop because I use it around school and everything but even then I just said the hell with this and took it off because it was so annoying having to do that every time I opened the lid.

    I'd like to know if this has something to do with the fact that it's virtual or does OS X really force one to use a password if they want to do anything other than what it's shipped with?
     
  2. pdjudd macrumors 601

    Joined:
    Jun 19, 2007
    Location:
    Plymouth, MN
    #2
    OSX is a UNIX based operating system and as such (for security reasons) requires you to create user accounts. Windows works the same way but that is a something that is added on. User accounts are a fact of life for UNIX based systems so that programs cannot make arbitrary changes to the OS without the OK of the computer operator. It’s called user escalation.

    Now you are not required to have an password (it can be blank which is a really bad idea) but you cannot get around the user concept. It’s been that way since OSX was built and it is not going away.
     
  3. mobilehaathi macrumors G3

    mobilehaathi

    Joined:
    Aug 19, 2008
    Location:
    The Anthropocene
    #3
    Exceptionally bad idea not to set a password.
     
  4. ixodes macrumors 601

    ixodes

    Joined:
    Jan 11, 2012
    Location:
    Pacific Coast, USA
    #4
    Secure, well thought out passwords with a selection of different characters in upper & lower case, are essential in my business.

    There's absolutely no downside.

    Nothing but great security when you're willing to do it right.

    It takes far less effort to do it right, than to be lazy & lose it all.
     
  5. vistadude macrumors 65816

    Joined:
    Jan 3, 2010
    #5
    Why is it bad to have no password on a desktop? It's not like it's in full admin mode, it will still pop up the password prompt for admin level actions.

    Btw, on a snow leopard laptop, you can have a password to login, but you can set it that you don't need a password to wake up from sleep mode (opening the lid).
     
  6. pdjudd macrumors 601

    Joined:
    Jun 19, 2007
    Location:
    Plymouth, MN
    #6
    Because I can’t trust people to not screw up my computer. If something is gonna get crewed up I want it to be me doing it.
     
  7. wordoflife macrumors 604

    wordoflife

    Joined:
    Jul 6, 2009
    #7
    You can change the settings so that OS X will not ask you for a password each time you open your computer from sleep (or each time you boot it, for that matter ... 'auto-login' setting).

    However, administrative changes such as deleting 'important' system files, viewing saved passwords, changing certain preferences, etc ... will require you enter your password. FYI, my computer rarely asks me for my administrative password (I have autologin and no password lock after waking up from sleep), so it's really not an issue.

    [​IMG]

    For example, if you click the lock on the bottom of that preference window ... you will have to type your admin password to "unlock" the preference window. Additionally, you can just keep it unlocked and not have to type in a password at all when changing that specific setting.
     
  8. Mark D thread starter macrumors member

    Joined:
    Jun 21, 2012
    #8
    So there's no way whatsoever to avoid the use of a password on a Mac? So much for simplicity and getting things done faster.

    But what I really didn't understand is why it lets you leave it blank on setup and then still requires you to enter the non-exisistent password to install anything. And there's no warning at the beginning, it just says the computer won't be secure. Not being "safe" and not being able to make any changes to the computer at all are two totally different things.
     
  9. gnasher729 macrumors P6

    gnasher729

    Joined:
    Nov 25, 2005
    #9
    Ahem... There _are_ security threats. That's what the passwords are there for, to _stop_ those security threats. Attackers _can_ quite easily get to the point where your Mac will ask you "do you want to run this application that comes from a completely unknown source and could be stealing your bank details and rob you blind? If yes, enter your password now". They just can't get past that point without active help by the user.
     
  10. chown33 macrumors 604

    Joined:
    Aug 9, 2009
    #10
    If you're literally installing and updating programs all day, then I can see how a password requirement at each one would be a time-killer. But unless you're actually doing that all day, dozens or hundreds of times a day, then I don't see how it can be a serious productivity problem. A few minutes gained over the course of an entire day isn't worth the increased security risk.

    If you're absolutely determined, you can enable the root account, then login as root, regardless of the serious security consequences to those actions. If that's what you really want to do, then see Apple's support article. You now have enough rope to hang yourself.
     
  11. benwiggy macrumors 68020

    Joined:
    Jun 15, 2012
    #11
    In short, Yes. OS X does require the use of a password. The whole system is built on the notion of users (not just people, but processes and tasks running as different types of "user"), each of which have different permissions of what they are allowed to do.
    As an Admin user, you have wide-ranging power over the system, but you are still required to authorize that power at times.
    You could make the password a single letter if you really wanted. But you still need to type it in to confirm that this is something that you want to do.

    The alternative, as pointed out, is to run as the root user, in which case, everything is open and accessible, and everything can do anything to the entire system. So not only can malware sneak into your system more easily, it can also do more damage. And the prospect for you to damage the OS also increases.

    Running as root may save you a few moments: but it will almost certainly cost you dear.
     
  12. wethackrey macrumors 6502

    Joined:
    Feb 27, 2007
    Location:
    Redondo Beach, California
    #12
    I think you should rethink your idea of a security threat in a computing environment. You may have your computer physically secure so that the only people who have access to it are trusted. If you're in that situation, that's terrific. I live alone and I still don't trust my computer without a password, but that may just speak to my paranoia.

    Physically securing your computer does not eliminate all security threats however. For example, it doesn't eliminate the threat from malicious software. Forcing a user to approve a potentially harmful action, even if you've made the password blank, prevents malware from making hidden changes to your system. This is one of the reasons unix-based systems like MacOS are fundamentally safer than WinTel systems.

    One has to wonder how often you're installing applications that this seems like an issue to you.
     
  13. kpgh554 macrumors regular

    kpgh554

    Joined:
    Dec 29, 2011
    Location:
    iver england
    #13
    if leave password field blank whenever ask for password just have to click the allow or ok button. mac not as bad as pc's as if even sneeze ask if want to allow program to make changes to computer
     
  14. Mark D thread starter macrumors member

    Joined:
    Jun 21, 2012
    #14
    It's more having to do it every time I log on than it is installing things.

    I did that and it said the password was incorrect.



    Not the end of the world just wondered.
     
  15. wordoflife macrumors 604

    wordoflife

    Joined:
    Jul 6, 2009
    #15
    I already said that you can enable "auto-login" to bypass having to type your password.
    [​IMG]

    Where I put the arrow, is where you select which account you want to automatically login, or if you want to disable it at all.
     
  16. wethackrey macrumors 6502

    Joined:
    Feb 27, 2007
    Location:
    Redondo Beach, California
    #16
    I think we've managed to confuse you. You CAN set MacOS up to auto-login a particukar user, meaning you do not need to enter a user name and password every time you turn on or wake your computer. Auto-login skips the login process entirely.

    That's different than the requirement that a user with administrator privileges approve possibly disruptive system changes. It may be that the OS will no longer accept a blank user password. That would be a good thing and is entirely likely. I've not tried using a blank password on a Mac in years. With auto-login set, you'd only have to enter your password when making changes to the system.
     
  17. chown33 macrumors 604

    Joined:
    Aug 9, 2009
    #17
    Furthermore, there is a separate option to disable a password to wake from sleep or screen-saver. That option is under the Security pane of System Preferences, with most other security options.

    The particular user who gets automatic login is under the Accounts pane (Users & Groups on 10.7 Lion and up).
     
  18. Mark D thread starter macrumors member

    Joined:
    Jun 21, 2012
    #18
    Sweet. See, Windows requires a password at every login as a one-time pass and then you just get a yes-or-no dialog when making changes. Frickin annoying if I'm just browsing online and not making any administrative changes. Why I took the password off altogether. Still wish you could not ever have one in OS X but I guess this is a lot better than I initially feared.
     
  19. vistadude macrumors 65816

    Joined:
    Jan 3, 2010
    #19
    That's wrong, you don't need passwords in windows. You just need to click the right user get to windows. If you have a single user and no password, when you turn on your computer, it will goto windows without any password prompts.



     
  20. Mark D thread starter macrumors member

    Joined:
    Jun 21, 2012
    #20
    Right, but there's no way to have it just during system changes. You either have a password that you enter upon login, or you don't have a password at all.
     

Share This Page