Mac OS X Tip - No Password, No Root, No CD? No Problem.
by , 11:00 AM EDT, June 16th, 2003
Say you've lost your account password, you don't have a system CD on hand, and you didn't enable root. Say you have no other way to log into that machine. Say you need access to the files on that machine right now.
Say you're in deep you-know-what, bucko.
Fortunately, there's a five minute fix -- all it takes is a little digging into the command line, and you're on your way. We got this hint from a technician who found himself in the deep end while trying to recover data from a PowerBook on extremely short notice.
My problem was this: I had no MacOS X CD, no user password, and root wasn't enabled.
What I had was this: A MacOS X Laptop that automatically logged in as an administrative user, but prompted me to enter a password whenever I attempted to perform an administrative task. A password I didn't have.
I needed to either reset the password on the logged in account, or enable root access and authenticate as that user. The solution:
- Reboot the machine into single user mode (CMD+S on boot)
- Mount the root file system as read/write (mount -uw /)
- Edit the SUDOERS file (visudo)
- Change all occurences of "(ALL) ALL" to "NOPASSWD: ALL" (Note: You'll need to know your way around the text editor vi -- check out the vi tutorial in MacOS X Command Line 101 for more. -TMO)
- Save the SUDOERS file and reboot (ESC-w, ESC-q, 'reboot')
- Open a terminal and execute the command 'sudo passwd root'
Voila! I was able to change the root password without being prompted for any other password. This done, I could authenticate as root and do anything I wanted on the box.
Here's the kicker -- this guy is a Windows technician. Who'd have thunk it?
So there's one method, but we discovered this only works if you have an account that automatically logs itself in when you boot the Mac. We're not all so lucky. What to do? We'll one-up this method with a way that works for any user account.
- First, you'll need to reboot into single-user mode. This boots your Mac into a text-only mode (you might be familiar with this experience if you've ever had to run fsck). You'll see instructions on how to run the file system check -- fsck -- and then a command prompt. Enter the command mount -uw / so that we can make changes to the disk.
- Next, you need to be able to make changes to the users' accounts on your Mac in order to reset your password, and we'll do that with NetInfo. Start NetInfo by typing Systemstarter. You'll see a pile of messages appearing, which might seem familiar to you if you've ever watched the startup progress bar. When you see the message System started. and a stationary cursor, hit Return. You'll see the shell prompt appear again.
- Now that NetInfo is running, we can change our lost password. If you don't know the short username for your account (for example, 'jane' instead of 'Jane Doe'), you'll need that - enter the command niutil -list . /users and hit Return, to see the names of the accounts on your Mac.
- Now that you know the name of the account you want to use, enter the command passwd user -- where user is the short name of the account you're changing. You'll be told that you're changing the password for user and asked to enter it twice. Do this, being careful with your typing: you won't see the characters you're typing, or stars. Watch that Caps Lock key, while you're at it.
- Now type reboot and press Return once more to reboot your Mac. You should now have no problem logging in.
There you have it -- two really quick ways to get back into your machine when you're in a pinch. Now don't forget it this time!
The Mac Observer Spin:
On to the dark side of this silver-lined cloud. As the Windows tech noted in his blog entry, no system is secure when you have physical access to it. That's an old adage in the computer industry, and it holds just as true today as it did when security was first becoming an issue umpteen years ago. These two workarounds we are publishing can help you get into a system from which you have been locked out, but they can also help a bad guy get into your system.Mac OS X is a very solid OS with a security record that Microserfs dream about in their fitful and guilt-ridden nights. It's nigh on impossible (at least right now) for someone to gain control of your system remotely, but if they have access to the box itself (or the notebook), and they are determined to do so, they can get your files. Heck, even starting up a Mac in FireWire Target Mode is going to let someone have your system, and if they have a Mac OS X CD, they can just reset the password through the utility included on that CD. So, if you want your system to be secure, mind who has access to it.
Observer Comments
CMD+S on boot does not work due to open firmware. I'm very limited in utilizing my 12" Ibook G4 1.07 GHz Power PC 256 MB built-in. I don't have the password or admin user name to the admin account. I purchased this computer through Ebay and now I'm unable to contact the seller. I even tried removing the Hard Drive. I did not replace the drive just removed it for a few hours. I read this advice online. I've also read to take out the Vram but I didn't do this step. After taking this apart I wish I would have. Wow what a chore to get to the hard drive. How can I gain control of my new but slightly used computer. Any help would be greatly appreciated. I do have the CD but I'm prompted to give the open firmware admin user name and pw when I try and boot from the CD. Everything I've tried will not give me access to the computer. Help would be greatly appreciated
Fri Feb 17, 2006 5:14 pm Subject:
QuoteIntruder wrote:
You can try this:
1) Add or remove DIMMs to change the total amount of RAM in the computer.
2) Then, the PRAM must be reset 3 times. (Command + Option + P + R).
See if that will reset the Open Firmware password. If not, post again, and we'll see what else can be tried.
I am a troll. Ignore me.
Sun Mar 12, 2006 6:30 am Subject: Re: Thanks!
Sun Dec 31, 2006 8:34 am Subject:
I tried this on an eMac with 10.3.5 on it last night. It auto-logins to a non-privileged parental controlled user. So
the first technique didn't work.
After running Systemstarter, I checked and netinfo still wasn't
started. I tried to manually start it, (cd /var/db/netinfo; netinfod -s local) but that wouldn't start it.
I ran out of time. So I couldn't get in.
I also had boxed set of 10.3 CDs (not the ones that came with
the eMac), and it wouldn't boot. It would start, then I would
get a dark grey circle with a slash (no sign) on the screen and nothing would happen. There was no password on the openboot prom.
I've since got the administrators password, so I can procede,
but I was curious why I couldn't get this to work.
Hi, I have a password protected iMac with 2002 on the bottom but I think it is summer ,01. It is Indigo and has either os x9 or 10.4. I never used a mac and someone was giving it away so I figured I'd give it a try. The install cd I have is from an eMac with 10.4.2. Everytime I try to boot from it ,it gets spit out. CMD S gets me to the command line but I'm not familier with it. How can I get in to reset te password or do a clean install. Any help would be great. Thanks, Joseph
Sat Jan 27, 2007 12:59 am Subject:
This is interesting, and welcome information. On the other hand, I wonder if advice like this helps people who should not be helped. I had my old 400 MHz G4 AGP stolen a while ago (how it happened is not important) and of course it was password protected on boot. I hope that whoever stole it can't use it . . . but here's a slew of advice on how to by-pass the password.
I know--like with all technology there's a potential good and a potential bad to whatever information is provided. I'm not really objecting, just venting a bit.
Sat Jan 27, 2007 12:28 pm Subject:
This saved me a lot of trouble. I got this mac from my dad who has type II dimentia and altzheimers and needless to say the password he gave me didn't work. If only I knew I could start it in a shell! after all these years using linux... I did notice that unlike linux you can't just alter the passwd file to create a blank password...
Wed Apr 18, 2007 3:19 pm Subject: typing passwd whoever hangs then brings back to prompt
Comments are currently closed. Please email the author instead.
Recent Headlines - Updated July 5th
- Fri, 10:29 AM
- News - Apple Warns of Learning Interchange Security Breach
- 7:30 AM
- News - Happy Fourth of July!
- Thu, 6:07 PM
- TMO Scoop - Psystar Moves to Drop Bankruptcy Ahead of Apple Legal Battle
- 5:37 PM
- News - Uncomfirmed Reports Say Apple & Nvidia On The Outs
- 4:57 PM
- News - Microsoft Sick Over Barf Ad
- 4:09 PM
- Product News - KRK Ships R6 Passive Studio Monitor for Recording
- 3:45 PM
- John Martellaro's Blog - Particle Debris (week ending 7/2) Juiced, Joost and Goosed
- 3:12 PM
- Product News - ExactScan 2 Pro Released
- 1:56 PM
- Deal Brothers - Apple TV with 160GB Hard Drive: $324.00 Delivered
- 12:46 PM
- TMO Appearances - TMO Appearances Jeff Gamet Shares iPhone Apps on MacJury
- 10:41 AM
- Product News - Art Text 2.2 Adds New Templates, Layer Options [Updated]
- 10:04 AM
- Hot Forum Topic - Deciphering Mac Sales
The Mac Observer Reader Specials
- Download Typestyler, still the Ultimate Styling Tool for Internet, Print and Video Graphics. Works great in Classic with a Native OS X Version on the way. Free Tryout: www.typestyler.com
OWC: Big Drives, High Performance - Not High Prices! SATA 3.5" up to 1.5TB. Notebook up to 500GB. FW up to 6.0TB. 1.0TB Drive Models from as low as $97.99 www.MacSales.com
If you're using a Mac, then you've gotta check out Full Tilt Poker for Mac. This Full Tilt Poker bonus code does the unthinkable, it actually rewards!
RamJet Memory: MacBook and MacBook Pro 4GB kits for $57.99! Mac Pro 4GB Kits $99.99! iMac and Mac mini 4GB Kits for $57.99! 1TB SATA Hard Drives for $109.99! Click hereFor the latest Apple products use Ciao, a price comparison website, to find laptops like MacBook Air. Then find the best prices on MP3 players and use our comparison tool to evaluate mobile phones like the Apple iPhone.
Laptop Hardware Provided by TechRestore - Overnight Mac & iPod Repairs.
