below is the correct way to remove the firmware password, i have the scbo file, i am not aware if the scbo is unique to each machine and password. i can provide my scbo file to whom ever to help figure out how to bypass apples security. also, if you send me a pm i can get you the correct scbo file for you machine, just send me a pm.
Format a Flash drive GUID partition scheme and Mac OS Extended format. Name it Firmware.
Drag the binary file named SCBO to your Desktop.
Open Terminal.
Execute this command in Terminal:
cp ~/Desktop/SCBO /Volumes/Firmware/.SCBO
You should get a new line, no errors.
Execute this command in Terminal:
cp ~/Desktop/SCBO /Volumes/Firmware/._SCBO
You should get a new line, no errors.
Eject the Flash drive.
Turn off the customers computer.
Insert the Flash drive into the customers computer.
Turn on the customers computer while pressing and holding the Option key.
You should see the lock symbol for a moment, and then the computer should restart to the Startup Manager.
If you still see a four-digit passcode lock after these steps at startup, reset the NVRAM by holding down Command-Option-P-R while restarting the computer.
The EFI password is now removed.
You have for your machine or altered for all machines
For the MacBook Air (Late 2010) and later, MacBook Pro (Early 2011) and later, iMac (Mid 2011) and later, and Mac mini (Mid 2011):
Use the new Firmware Password Reset scheme:
Start up the computer to the password entry screen by pressing and holding the Option key.
Press the key sequence Shift + Control + Command + Option + S at this screen. A one-time use "Hash" code will appear. The code is case-sensitive, so provide TSPS with the Hash exactly as it appears on the customer's screen.
Shut down the customer's computer.
Contact TSPS via chat. Select Yes for the pre-chat question regarding firmware reset and provide the Hash to the advisor assisting you.
TSPS will provide a signed binary file to be copied to a USB storage device (such as a flash formatted FAT or a USB hard drive with Mac OS Extended with GUID partition table).
Insert the drive into the computer while it is off.
Start up the computer while pressing and holding the Option key. Continue holding the Option key until the boot picker in EFI appears and confirm the password has been removed.
Note: If the computer does not start up without the password prompt after following these steps and while you are holding down the Option key, either the Hash was provided incorrectly to TSPS or the file did not read off the drive successfully. The file may have been read correctly but confirmed it does not belong in the computer. Work with TSPS to troubleshoot these issues if necessary.
This process is completely non-destructive to data or settings on the target computer.
Note: If a customer has multiple computers with this issue, TSPS can handle up to 500 in one file. To escalate multiple computers, follow the steps above with the following additional step:
Provide all the Hash keys in a new-line delimited text file (not RTF, but pure plain text) with no new line at the end. These files can be produced in TextEdit on Mac OS X, or files with multiple entries using vim on the command line.
For example:
V400300C1231MED144431A4F414420DDE5F1
C455300Z555ABJ1118713148F413390ACE341
C891200J18334D1099A3B6DD004E3F1A0122
(No new line after the last entry.)
After you receive the signed binary file from TSPS, use this procedure to reset the EFI firmware password
Format a Flash drive GUID partition scheme and Mac OS Extended format. Name it Firmware.
Drag the binary file named "SCBO" to your Desktop.
Open Terminal.
Execute this command in Terminal:
cp ~ / Desktop / SCBO / Volumes / Firmware / .SCBO
You should get a new line, no errors.
Execute this command in Terminal:
cp ~ / Desktop / SCBO / Volumes / Firmware / ._SCBO
You should get a new line, no errors.
Eject the Flash drive.
Turn off the customer's computer.
Insert the Flash drive into the customer's computer.
Turn on the customer's computer while pressing and holding the Option key.
You should see the lock symbol for a moment, and then the computer should restart to the Startup Manager.
If you still see a four-digit passcode lock after these steps at startup, reset the NVRAM by holding down Command-Option-PR while restarting the computer.
The EFI password is now removed.