Sidebar Sidebar
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

Setting a Firmware Password to Prevent Macbook Theft/Reformat

M

midgetsanchez

macrumors regular
Original poster
Jun 9, 2009
174
0
Ok, so I was looking through anti-theft solutions for the MBP, but all of the ones I've found so far are software-based, which would be rendered useless by a smart thief, who would probably just reformat the drive immediately.

While on orbicule's site, I found a guide for setting a "firmware password". Supposedly it prevents thieves from reformatting your hard drive or installing a new one(it'll ask them to input the firmware password), and the only way to get around it is to bring it to apple(which in the case of a stolen laptop, is a no-no).

It requires no installation of any software, and is a built-in feature hidden in your mac. Instructions for setting a firmware password can be found below:

http://www.orbicule.com/blog/2007/05/what-you-need-to-know-about-apple.html

http://support.apple.com/kb/HT1352

106482_1.jpg


"When turned on using an Intel-based Mac, Open Firmware Password Protection:

* Blocks the ability to use the "C" key to start up from an optical disc.
* Blocks the ability to use the "N" key to start up from a NetBoot server.
* Blocks the ability to use the "T" key to start up in Target Disk Mode (on computers that offer this feature).
* Blocks the ability to use the "D" key to start up from the Diagnostic volume of the Install DVD.
* Blocks the ability to start up a system in Single-user mode by pressing the Command-S key combination during startup.
* Blocks a reset of Parameter RAM (PRAM) by pressing the Command-Option-P-R key combination during startup.
* Blocks the ability to start up in Verbose mode by pressing the Command-V key combination during startup.
* Blocks the ability to start up in Safe Boot mode by pressing the Shift key during startup.
* Requires the password to use the Startup Manager, accessed by pressing the Option key during startup (see below).
"


In case you're wondering what the point of this is, by enabling a firmware password, if your MBP is stolen a thief won't be able to boot off a DVD or reformat or boot off another hard drive...combine this with a secondary "guest" user account with no admin privileges that has an antitheft program installed on it(like orbicule or lojack). The thief will have no way of disabling it(since he doesn't have admin priv's) and will be screwed as the antitheft program hidden on the guest account secretly sends his data to authorities.

Anyone know anything about this? Does it sound like a good idea?
 
doesn't sound like it'll thwart a smart thief. if i stole a laptop that had this installed i'd just replace the hdd with a new one...problem solved
 
littleasian said:
doesn't sound like it'll thwart a smart thief. if i stole a laptop that had this installed i'd just replace the hdd with a new one...problem solved
Click to expand...

It will not let you use that new hd without knowing the efi/firmware password..
Only way around it would be to replace the mlb (uneconomical)
 
I can see this causing some major headaches if you ever ran into trouble and needed to do diagnosis or even just get data off the drive. Especially if you don't live near an Apple store. And I doubt a thief will simply return your notebook.

OTOH, I can definitely see the value of a firmware password to protect your information and make life frustrating for a thief.
 
Demosthenes X said:
I can see this causing some major headaches if you ever ran into trouble and needed to do diagnosis or even just get data off the drive. Especially if you don't live near an Apple store. And I doubt a thief will simply return your notebook.

OTOH, I can definitely see the value of a firmware password to protect your information and make life frustrating for a thief.
Click to expand...

You realize though, unless you somehow manage to forget the password, you'll be fine. It'll simply ask you for the password if you need to do diagnostics or anything. And no, this won't convince a thief to return the notebook, but instead force him to use the 'guest' user account which you can install antitheft software(lojack or orbicule) on and no admin privileges. The software will capture pictures of his face through iSight and send those, along with his location, back to you/authorities, making recovery much more likely.
 
Sounds a good plan, must get this for my shiny new MacBook Air but what about somebody just replacing the HDD.....and flashing the EFI /switching the jumpers ??? Surely if they have physical access to the machine they can bypass this firmware password??
 
MacFanNoob said:
Sounds a good plan, must get this for my shiny new MacBook Air but what about somebody just replacing the HDD.....and flashing the EFI /switching the jumpers ??? Surely if they have physical access to the machine they can bypass this firmware password??
Click to expand...
Most thieves are opportunists, and I'd highly doubt they're that technically savvy. They just see the laptop as either a "free" Mac, or something they can quickly exchange for cash. Seriously, someone who has enough intellect and technical training to bypass the firmware password probably has a good job, or at the very least isn't out there ripping off people's laptops. It's a good way to go to jail, which for a geek isn't a fun place to be...

The "guest" account is a must if you want to do this, however. Hopefully the idiot who steals your laptop will be tempted to try it out at first, and that's the only way he'll get on your machine.
 
I remember my dad talking something about the bios, idk what part, but something about how it saves your password to the motherboard and so it basically makes the computer useless if stolen or password is forgotten. He said how its on pcs so i assume macs have it too. But apparently if you set it, there is noone who can save the computer if the password is lost.
 
by pass lock screen (EFI)

Sorry folks but there is no way to by pass lock screen (EFI) if you have got a new mac (air, book pro, or what ever) since early 2011. The main reazon is that every singel password is saved in to the bios (i know, i know…) well the little chip that serves as a bios (still it is actually a bios) that you have to remove and then get a new flashed one.
 
Biocobi said:
Sorry folks but there is no way to by pass lock screen (EFI) if you have got a new mac (air, book pro, or what ever) since early 2011. The main reazon is that every singel password is saved in to the bios (i know, i know…) well the little chip that serves as a bios (still it is actually a bios) that you have to remove and then get a new flashed one.
Click to expand...
This thread is 3 years old, so your post doesn't apply to the Macs being discussed here.
 
You must log in or register to reply here.
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.
Top Bottom
Back