Restart the Mac with a Leopard (or whatever OS) disk in the drive.
Click on the CD option.
At the install screen use the Reset Password tool.
Shouldn't the question be:
Why are you trying to gain access to a computer you don't have authorisation for?
I thought that you had to enter the original password to be able to reset it.
If you needed to know the original password to reset it then what would be the point?
Then it would just be change password.
As for what you use it for, someone is going to know you've done it as you'll now have an account with no, or a different password.
The user asking the question has been a member for a while & wanted to see the "Internet history", sounded like a concerned parent to me.
Plus AFAIK this process is on the Apple page anyway.
So can you insert any Leopard install disc or does it have to be the same one it was installed with?
The reason I ask is because this seems like a security flaw. If I could take my Leopard disc and change someones password so I can get all their personal/secure information, that's crazy!
So can you insert any Leopard install disc or does it have to be the same one it was installed with?
The reason I ask is because this seems like a security flaw.
What I think is required to reset the password with an install disk, is an admin password. If that is so, of course it is no security flaw (since if having an admin password, you do not even need that reset to peek into the other account's content).
What I think is required to reset the password with an install disk, is an admin password. If that is so, of course it is no security flaw (since if having an admin password, you do not even need that reset to peek into the other account's content).
Another way is if you have enabled a master FileVault password, you can reset any account's password on the Mac, including root. Another reason to make sure this master password is long (over 20 characters) but yet memorable, because forgetting it can bring a world of hurt.
Locking the firmware is another good idea. This prevents someone from booting anything but the main OS drive without a password. (Well, there are other methods to get access, but I'll leave that as an exercise for the reader.)