OS X 10.7 & 10.8: Resetting Lost Account Passwords

If you forget an account password in Lion or Mountain Lion, there are lots of ways to reset it. The first, easiest way starts like this: Open System Preferences > Users & Groups, click on the lock at the bottom-left of the window to unlock the pane, and then enter an administrator's name and password so you can edit things.

After that, click on the account you've forgotten the password for and choose Reset Password.

Then OS X will ask you to enter the new password.

Seems simple, right? But there are a few caveats here. First, as the box above points out, resetting a lost password won't change the login keychain password for that account. This means that the user's keychain—which stores things like email passwords for Apple Mail, Wi-Fi passwords, and so on—won't be usable unless you recover that original password. Bummer. Unfortunately, you'll have to re-enter all of those passwords in a new keychain, which OS X will prompt your user to create the next time he logs in.

Second caveat: You can't reset the password on an account you're currently logged into unless you know the existing password, so log into a different user account if you need to make changes. (But if the sole administrator password is the one you've lost, see below.)

Lastly, the account you're trying to work with can't be logged in using fast user switching. See how my "karma" account is greyed out in the second screenshot above, with an orange checkmark next to its picture? That's because it's still logged in, so if I need to reset that user's password, I'll have to log him out first.

OK, so here's a pickle. What if the password you can't remember is your administrator password, and it's the only administrator account on your Mac? That'll mean that when you try to log in as a different user, you can't even unlock the System Preferences pane because you don't know the only existing administrator password! You're totally screwed, right? Well, maybe, but not where your Mac is concerned. If you set things up ahead of time, you can use your Apple ID to reset that password, and I wrote an article on how to do that a while back.

But if you didn't configure that before you forgot the password, you're still OK, because there's a super-secret ninja way to get around those restrictions. You're going to need to log in to your Mac's Recovery System, and you do that by holding down Command-R while your machine's restarting.

(Bear with me—as far as I know, you can't take screenshots in the Recovery System, and I just couldn't bring myself to take pictures with my phone and use them here.)

When you see the Apple icon appear on your screen, you can release Command-R. Once your Mac finishes booting, you should see a bunch of troubleshooting options that are very handy when your Mac's having trouble, like Restore from Time Machine Backup, Disk Utility, and Reinstall OS X. What you want to choose for our purposes, though, is Utilities > Terminal from the menu at the top of the screen.

When Terminal opens, type in the following, all lowercase with no spaces:

resetpassword

Afterward, you'll get a nifty little program in which you can choose the volume (usually "Macintosh HD") containing the user account with the missing password. You'll then select the account and enter a new password for it.

OK, so I totally lied. That's an ugly picture from my phone. I just can't be trusted, and I apologize.

Choose Save, and you're done! Then just go up to the Apple menu and hit Restart.

As before, resetting the password in this way will not change that account's keychain password, so the worst-case scenario is that you'll lose access to that. I sincerely hope that you know all of your email passwords if that's what happens. In any event, though, pretty much anything is better than not being able to log in at all. Except, perhaps, your Mac blowing up or becoming sentient or something.