How important is a Firmware Password?

Discussion in 'Mac Basics and Help' started by yuanmoons, Mar 1, 2010.

  1. yuanmoons macrumors 6502

    Joined:
    Aug 7, 2008
    #1
    Can someone point me to a link or provide some clarity on what NOT having a firmware password means in terms of security and, as a home user, do i need to put on on?

    All my personal files are in 'Knox' dmgs - i work out of the dmgs - works perfectly. But i dont know for sure where else other background/usage info is stored on the computer.

    I did a search on google & these forums and nothing clear came up.... :confused:

    I remember i while back reading that without firmware password if someone got your mbp (physical possession) then they could reset the password and get into your user account (with mac osx cd) ... can someone confirm (im reasonably sure this is correct).

    I had the password on my last mbp but havent got around to putting it on this new one. I was about to today but its been awhile and maybe there is new information or perspective for me to consider.

    How many of you have a password installed?
    What are the pro's & con's?

    Many Thanks.
     
  2. angelwatt Moderator emeritus

    angelwatt

    Joined:
    Aug 16, 2005
    Location:
    USA
    #2
    Firmware password is little to no help in security. Apple even has a page on their site for getting around it. So, frankly, don't waste your time with it. As for a password on your machine, definitely yes you should. You should always password protect a machine/account unless you have a very good reason not to.

    Yes, a person with physical access can reset the password on accounts for the machine, and they can do so even with a firmware password in place as they can get around that first. An account with FileVault would not be accessible though if someone changed the password for the account. FileVault and full disk encryption are the only things that would keep them from getting into your account.

    Though, if you have your sensitive data inside an encrypted disk image, they would not be able to access that data, which is the more important thing for most people.
     
  3. yuanmoons thread starter macrumors 6502

    Joined:
    Aug 7, 2008
    #3
    Thanks for reply.

    Just to clarify - i DO have a USER password. It was just the firmware password i was pondering. But according to you its not all that important.

    Yes, all my data is encrypted in dmgs so they can have a go at that should the situation ever arise!! And even if they got in they wouldnt find anything of any real value....

    So at this moment in time - firmware password is deleted from my todo's!
     
  4. miles01110 macrumors Core

    miles01110

    Joined:
    Jul 24, 2006
    Location:
    The Ivory Tower (I'm not coming down)
    #4
    I'm not sure I'd go as far as angelwatt in saying there's zero security benefit from having one, but it's one of the more questionable aspects of OS X security. Yes you can get around it, but if you're robbed by a thief that will actually take the time to do so you probably have bigger problems in the first place.
     
  5. angelwatt Moderator emeritus

    angelwatt

    Joined:
    Aug 16, 2005
    Location:
    USA
    #5
    Not zero, little. ;) I was very disappointed when I found out how easy it was to get around the firmware password. Almost as disappointed by how easy it easy for someone to change my password with just an install disc.
     
  6. soup4you2 macrumors regular

    Joined:
    Apr 12, 2007
    #6
    Anybody with physical access to your machine can easily gain access. Your best option if you are paranoid is encrypted DMG files.

    But even encrypted DMG's can be brute forced. and you should always have a user password!

    Firmware and account passwords are useless with physical access.
     
  7. yuanmoons thread starter macrumors 6502

    Joined:
    Aug 7, 2008
    #7
    To clarify, im not paranoid and there is nothing extra sensitive about my data. I simply wish to follow best practice relative to benefits offered.
     
  8. polotska macrumors 6502

    Joined:
    Sep 23, 2007
    #8
    In that case, don't bother with a firmware password.
     
  9. yuanmoons thread starter macrumors 6502

    Joined:
    Aug 7, 2008

Share This Page