I forgot my imac firmware password?

Discussion in 'iMac' started by bengrafik, Apr 21, 2013.

  1. bengrafik macrumors newbie

    Joined:
    Apr 21, 2013
    #1
    i would like to know if it has a minimum length and do you have to use both letters and numbers??
    plus is there a limit tries Please i need your help!! thanks in advance
     
  2. Nuke61 macrumors 6502

    Joined:
    Jan 18, 2013
    Location:
    Columbia, SC
    #2
    The last time I set a firmware password was years ago, and I don't remember it having any minimum requirements. This is the password box, and it doesn't list any requirements:
    [​IMG]
    I think that the only way to reset a 2011 or newer Mac if you can't remember the password is by taking it to an Apple Store.
     
  3. Acorn macrumors 68020

    Acorn

    Joined:
    Jan 2, 2009
    Location:
    macrumors
    #3
    the apple store will only remove firmware password if you have proof of purchase as well
     
  4. ZMacintosh macrumors 65816

    ZMacintosh

    Joined:
    Nov 13, 2008
    #4
    try removing a ram module and restarting...works in some notebooks, may work with the iMac.
     
  5. 7itanium macrumors member

    Joined:
    Apr 20, 2013
    #5
    Try this

    method one (doesnt delete any data)
    hold command S during boot

    mount -uw /
    launchctl load /System/Library/LaunchDaemons/com.apple.DirectoryServices.plist
    Ls /users
    dscl . -passwd /users/username password
    reboot

    replace username with your username and password with what you want the password to be


    Method two (ALWAYS works... but makes the computer think it is bran new so you may or may not lose data)

    command S
    mount -uw /
    rm /var/db/.AppleSetupDone
    shutdown -h now
     
  6. ThirteenXIII macrumors 6502a

    Joined:
    Mar 8, 2008
    #6
    No, this is NOT the correct method.
    And wont work since you dont have your firmware password anyway.

    Try the ram removal method, if not an Apple store is youre next bet.
     
  7. 7itanium macrumors member

    Joined:
    Apr 20, 2013
    #7
    how is that not a correct method? I have used it many times

    thought you may be right about it being different since its firmware-- that is definately a valid way of clearing a password
     
  8. ZMacintosh macrumors 65816

    ZMacintosh

    Joined:
    Nov 13, 2008
    #8
    that is not a firmware password reset and does not resolve the OP's problem.

    that may work for some admin accounts, but not firmware based passwords.
     
  9. 7itanium macrumors member

    Joined:
    Apr 20, 2013
    #9
    my appologies.... I assumed it would clear it based on theory

    I have never set a firmware password... I dont really understand why anyone would want to... but if the mac store is able to reset them there must be some sort of universal password out there
     
  10. Bear macrumors G3

    Joined:
    Jul 23, 2002
    Location:
    Sol III - Terra
    #10
    They wouldn't risk a universal password, it would be leaked easily. Firmware password resets (when you don't know the password) generally require doing something physical to the hardware.
     
  11. Weaselboy Moderator

    Weaselboy

    Staff Member

    Joined:
    Jan 23, 2005
    Location:
    California
    #11
    Here is what the Apple Genius does when you go in for a EFI PW reset. After you have proved the machine is yours, they will do the following.

    1. Option key boot which will result in the EFI PW entry screen.

    2. While still in that screen hit command+control+option+shift+s keys all at once. This will bring up a 33 character hash code that uniquely identifies your machine.

    3. The Genuis will email the Apple mothership that hash code with a request for a "keyfile" to reset the PW.

    4. The keyfile (about 350 bytes) is sent back to the Genius.

    5. The Genius puts the keyfile on a USB key and option key boots the machine.

    6. The machine reads the keyfile and resets the PW then reboots.

    No more EFI PW.
     
  12. Bear macrumors G3

    Joined:
    Jul 23, 2002
    Location:
    Sol III - Terra
    #12
    That is rather a fairly secure method for resetting the firmware password. And way better than what I knew of past methods for resetting firmware passwords on various computers.
     
  13. 7itanium macrumors member

    Joined:
    Apr 20, 2013
    #13
    so basically if you forget your firmware password.... and dont have a proof of purchase you are screweed?
     
  14. Badagri macrumors 6502

    Joined:
    Aug 9, 2012
    Location:
    UK
  15. Nuke61 macrumors 6502

    Joined:
    Jan 18, 2013
    Location:
    Columbia, SC
    #15
    Pretty much.
     
  16. Weaselboy Moderator

    Weaselboy

    Staff Member

    Joined:
    Jan 23, 2005
    Location:
    California
    #16
    Nuke61 is correct, but just to clarify, that is not quite what is going on with the OP in this thread. Someone used iCloud's Find my Mac remote lock feature to lock down that machine, and that locks down the firmware like we are seeing here. Removing either the PIN lock (without the PIN) or a firmware PW will require a visit to the Apple Store on newer machines. Even on older machines (pre-2010) where removing a RAM chip would reset the PW, that still does not get around the PIN lock. The two are interconnected security features.

    I use Filevault2 and a firmware password on my Macbook Air. If someone steals it they get no data and a pretty much worthless, stolen Macbook that won't work.
     
  17. Nuke61 macrumors 6502

    Joined:
    Jan 18, 2013
    Location:
    Columbia, SC
    #17
    I bought my iMac in a local Apple Store and my sales slip was sent by email, so proof of purchase is easy, but what does someone do who bought used on EBay or locally?
     
  18. Weaselboy Moderator

    Weaselboy

    Staff Member

    Joined:
    Jan 23, 2005
    Location:
    California
    #18
    Good question. I have never really talked to anybody that went to the Apple Store to do this so I don't know what they ask for as proof.
     
  19. moose232 macrumors newbie

    Joined:
    Apr 6, 2013
    #19
    For anyone still reading this thread I have been to the Apple store in Bluewater in the UK today (Tuesday 2nd October 2013) and took my MacBook Air (mid 2012) model in as I had set a firmware password but couldn't get it to work. I purchased the MacBook Air from eBay (it was sealed when I bought it) and Apple did not ask me for any proof of purchase, they simply inspected the unit for damage, asked me to write my password down or log in and enable the Guest account, took my mobile number and had it done within 30 minutes.

    I'll certainly be a lot more careful about setting such passwords in future!
     
  20. elithrar macrumors 6502

    elithrar

    Joined:
    May 31, 2007
    #20
    God help anyone in here that forgets their FileVault password and doesn't write down the recovery code ;)
     
  21. flynz4 macrumors 68040

    Joined:
    Aug 9, 2009
    Location:
    Portland, OR
    #21
    This is not a very assuring practice. Basically... they just trusted you, vs requiring proof of purchase.

    /Jim
     
  22. flynz4 macrumors 68040

    Joined:
    Aug 9, 2009
    Location:
    Portland, OR
    #22
    Setting a FW password along with using FileVault 2 can be used to stop many types of security attacks... such as the "Evil Maid Attack" and others.

    It is not perfect... but does give a pretty effective next line of security. I use FV2 + FW Passwords on all of my machines. When I need to leave my machine in a hotel room... I fully shut it down, and store it in the safe.

    /Jim
     
  23. moose232 macrumors newbie

    Joined:
    Apr 6, 2013
    #23
    While it is true that they didn't ask for any photo ID they did ask me to log in which I'm assuming that anyone smart enough to want to enable a firmware password wouldn't then be stupid enough not to have a password on their account or any other account with admin privileges, which means that if I had stolen it, in theory I wouldn't have been able to log in at all.

    I'm not saying that they shouldn't have asked for some form of ID but I'm just thinking that perhaps they tried to determine of the laptop was mine using a more subtle method?! Still bad I know.

    Just out of curiosity how/why is the use of a firmware password combined with a FV2 password not perfect?
     
  24. flynz4 macrumors 68040

    Joined:
    Aug 9, 2009
    Location:
    Portland, OR
    #24
    I am not a crypto expert... and when I talk with experts, they make my head hurt. ;)

    I just know that security is a very tough problem... and I personally do not have faith that anything is 100% foolproof. So, I settle for doing everything reasonable under my control to make things as secure as possible. That includes:
    • Using FV2
    • Setting a FW password
    • Fully shutting down my laptop when left "semi-unsecured", such as a hotel room safe
    /Jim
     
  25. Bear macrumors G3

    Joined:
    Jul 23, 2002
    Location:
    Sol III - Terra
    #25
    For a laptop, it may make sense to use a firmware password. For a desktop Mac at home, FileVault 2 should be enough, unless you're sharing with people you don't trust. All I care about is protecting the data. If the system gets stolen, all they can do is wipe the disk. If I had a firmware password it won't get me the computer back.
     

Share This Page