Mac OS X Tip - No Password, No Root, No CD? No Problem.

11:00 AM EDT, June 16th, 2003

Say you've lost your account password, you don't have a system CD on hand, and you didn't enable root. Say you have no other way to log into that machine. Say you need access to the files on that machine right now.

Say you're in deep you-know-what, bucko.

Fortunately, there's a five-minute fix -- all it takes is a little digging into the command line, and you're on your way. We got this hint from a technician who found himself in the deep end while trying to recover data from a PowerBook on extremely short notice.

My problem was this: I had no MacOS X CD, no user password, and root wasn't enabled.

What I had was this: A MacOS X Laptop that automatically logged in as an administrative user, but prompted me to enter a password whenever I attempted to perform an administrative task. A password I didn't have.

I needed to either reset the password on the logged in account, or enable root access and authenticate as that user. The solution:

  1. Reboot the machine into single user mode (CMD+S on boot)
  2. Mount the root file system as read/write (mount -uw /)
  3. Edit the SUDOERS file (visudo)
  4. Change all occurrences of "(ALL) ALL" to "NOPASSWD: ALL" (Note: You'll need to know your way around the text editor vi -- check out the vi tutorial in MacOS X Command Line 101 for more. -TMO)
  5. Save the SUDOERS file and reboot (ESC-w, ESC-q, 'reboot')
  6. Open a terminal and execute the command 'sudo passwd root'

Voila! I was able to change the root password without being prompted for any other password. This done, I could authenticate as root and do anything I wanted on the box.

Here's the kicker -- this guy is a Windows technician. Who'd have thunk it?

So there's one method, but we discovered this only works if you have an account that automatically logs itself in when you boot the Mac. We're not all so lucky. What to do? We'll one-up this method with a way that works for any user account.

  1. First, you'll need to reboot into single-user mode. This boots your Mac into a text-only mode (you might be familiar with this experience if you've ever had to run fsck). You'll see instructions on how to run the file system check -- fsck -- and then a command prompt. Enter the command mount -uw / so that we can make changes to the disk.
  2. Next, you need to be able to make changes to the users' accounts on your Mac in order to reset your password, and we'll do that with NetInfo. Start NetInfo by typing SystemStarter. You'll see a pile of messages appearing, which might seem familiar to you if you've ever watched the startup progress bar. When you see the message System started. and a stationary cursor, hit Return. You'll see the shell prompt appear again.
  3. Now that NetInfo is running, we can change our lost password. If you don't know the short username for your account (for example, 'jane' instead of 'Jane Doe'), you'll need that - enter the command niutil -list . /users and hit Return, to see the names of the accounts on your Mac.
  4. Now that you know the name of the account you want to use, enter the command passwd user -- where user is the short name of the account you're changing. You'll be told that you're changing the password for user and asked to enter it twice. Do this, being careful with your typing: you won't see the characters you're typing, or stars. Watch that Caps Lock key, while you're at it.
  5. Now type reboot and press Return once more to reboot your Mac. You should now have no problem logging in.

There you have it -- two really quick ways to get back into your machine when you're in a pinch. Now don't forget it this time!

The Mac Observer Spin:

On to the dark side of this silver-lined cloud. As the Windows tech noted in his blog entry, no system is secure when you have physical access to it. That's an old adage in the computer industry, and it holds just as true today as it did when security was first becoming an issue umpteen years ago. These two workarounds we are publishing can help you get into a system from which you have been locked out, but they can also help a bad guy get into your system.

Mac OS X is a very solid OS with a security record that Microserfs dream about in their fitful and guilt-ridden nights. It's nigh on impossible (at least right now) for someone to gain control of your system remotely, but if they have access to the box itself (or the notebook), and they are determined to do so, they can get your files. Heck, even starting up a Mac in FireWire Target Mode is going to let someone have your system, and if they have a Mac OS X CD, they can just reset the password through the utility included on that CD. So, if you want your system to be secure, mind who has access to it.
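
The first method above leaves a trace behind: a sudoers rule tagged NOPASSWD. As an added example (not part of the original article), this shell function lists such rules in a sudoers file and also flags Defaults !authenticate, which has the same effect. The function names and the sample file are constructed for illustration, and files pulled in with #include are not followed.

```shell
#!/bin/sh
# Added example, not from the original article.
# audit_sudoers [FILE]: print "LINE: rule" for every active sudoers rule
# that lets sudo run without a password. Reads stdin when FILE is omitted.
# Exit status: 0 = none found, 1 = at least one found.
audit_sudoers() {
    awk '
    {
        # Join backslash-continued lines so a split rule is checked whole.
        if (buf == "") start = NR
        buf = buf $0
        if (buf ~ /\\$/) { sub(/\\$/, " ", buf); next }
        line = buf; buf = ""

        # Skip comment lines. "#" followed by a digit is a uid, not a comment.
        if (line ~ /^[ \t]*#[^0-9]/ || line ~ /^[ \t]*#$/) next
        # Strip a trailing comment from an otherwise active line.
        sub(/[ \t]#[^0-9].*$/, "", line)

        if (line ~ /NOPASSWD[ \t]*:/ ||
            line ~ /^[ \t]*Defaults.*![ \t]*authenticate/) {
            gsub(/[ \t]+/, " ", line)
            sub(/^ /, "", line); sub(/ $/, "", line)
            print start ": " line
            hits++
        }
    }
    END { exit (hits > 0) }
    ' "${1:--}"
}

# Constructed sample file. Line 3 is what step 4 of the first method
# turns "%admin ALL=(ALL) ALL" into.
sample() {
cat <<'EOF'
# sudoers file (constructed sample)
root    ALL=(ALL) ALL
%admin  ALL=NOPASSWD: ALL
# %wheel ALL=(ALL) NOPASSWD: ALL
ops     ALL=(ALL) \
        NOPASSWD: /sbin/reboot
Defaults:jane !authenticate
EOF
}

sample | audit_sudoers || echo "passwordless sudo rules found"
```

To check a real machine, run audit_sudoers /etc/sudoers as root and compare the output against the rules you expect to be there.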