Sidebar Sidebar
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

What is to stop someone from using the reset password utlity?

astromoose

astromoose

macrumors member
Original poster
Jul 27, 2008
79
9
NC. SF.
Sorry if this is a stupid question. I have my home folder encrypted using filevault. What is to stop someone from booting the OS X install disc and running password reset to change the password on my username?
Even if I had a firmware password set, could they just stick the drive in another machine and reset the password?
 
astromoose said:
Sorry if this is a stupid question. I have my home folder encrypted using filevault. What is to stop someone from booting the OS X install disc and running password reset to change the password on my username?
Even if I had a firmware password set, could they just stick the drive in another machine and reset the password?
Click to expand...

They could change the password on your login account like these approaches, but it wouldn't change the password your data was encrypted with.

To decrypt, they will simply have to know the filevault password -- either yours or the master FileVault password. If they do not know either password, then they simply cannot decrypt the data.
 
electroshock said:
They could change the password on your login account like these approaches, but it wouldn't change the password your data was encrypted with.

To decrypt, they will simply have to know the filevault password -- either yours or the master FileVault password. If they do not know either password, then they simply cannot decrypt the data.
Click to expand...

For example if my macbookpro were to get stolen: could someone not change the login password for the encrypted account with password reset, then reboot, login to that account, and have access to everything in that accounts home folder?
 
you can also set a firmware password which would prevent booting from any source without that password
 
melchior said:
you can also set a firmware password which would prevent booting from any source without that password
Click to expand...

Read the OP again…

astromoose said:
Even if I had a firmware password set, could they just stick the drive in another machine and reset the password?
Click to expand...

And OP, here you said…

astromoose said:
For example if my macbookpro were to get stolen: could someone not change the login password for the encrypted account with password reset, then reboot, login to that account, and have access to everything in that accounts home folder?
Click to expand...


But as electroshock said…

electroshock said:
They could change the password on your login account like these approaches, but it wouldn't change the password your data was encrypted with.

To decrypt, they will simply have to know the filevault password -- either yours or the master FileVault password. If they do not know either password, then they simply cannot decrypt the data.
Click to expand...

All sorted out? The password you login with is part of how FileVault encrypts your files. So even if you change your password using the reset utility, the password they’re encrypted with is needed to decrypt them. That’s why this warning is there:

Screen shot 2009-10-08 at 12.43.16 AM.png

WARNING: Your files will be encrypted using your login password. If you forget your login password and you don’t know the master password, your data will be lost.
Click to expand...

The short answer, or if you don’t understand all the technical stuff, is that they still wouldn’t be able to get your data if it was encrypted with FileVault.
 
You are right.
If you try and do what i described it comes up with a dialogue that says "Your user account password is different from your FileVault password." And you must enter the old password to gain access...

Thanks!
 
You must log in or register to reply here.
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.
Top Bottom
Back