To quote Bob Marshall: “Security is always relative, never absolute”
When i started contracting, i thought it would be a good idea to make my macbook require a password on booting up or waking up from screensaver. For weeks i’ve been using it fine coming out of screensaver, but today i rebooted. I couldn’t log in. I think it must be something to do with the colemak keyboard layout. I entered the correct password, in colemak and qwerty, but it was having none of it.
Slightly flustered i turned to my phone and searched for “forgot osx password”. Very quickly i found a few articles on how to restart, hold down Cmd + s to get into single user command line mode, and then mount the filesystem for reading and writing.
Without entering a password, you now have superuser access to the whole system. You can reset people’s passwords. You can view and modify files. You can wipe the whole computer if you want to.
All i’m saying is, if you think an account password will protect you, you’re wrong. It may act as a deterrent, but if someone really wants access to your mac, they coud get it in less than 5 minutes.
It’s not just macs either: How To Reset Admin/Root Password gives easy to follow instructions for FreeBSD, Linux, OS X, Solaris and Windows. Ironically, Windows is the hardest one to crack on this point!
It’s a bit of a wake-up call for me.
I have a password on my Mac account because it encrypts the Keychain and secures 1Password. Store anything you seriously want to protected in an encrypted sparsebundle.
Thanks for the tip! :)
Well if you visit our site then you will see that we have proved Bob Marshall to be wrong. Our security IS absolute, as long as it is used properly :-)
Congratulations on reading the first sentence and deciding to make your comment just based on that.
Failspammer.
Yeah. If someone has physical access to your box you’ve pretty much leaked whatever is not encrypted.
Thanks Greg. This really is quite a wake-up call for me.