or Connect
AppleInsider › Forums › Software › Mac OS X › Help! (Forgot Master password)
New Posts  All Forums:Forum Nav:

Help! (Forgot Master password)

post #1 of 39
Thread Starter 
Fun fun fun...I forgot my master password! I can't reset it with the OS X install CD, and logging in as root doesn't change anything.
I don't really need to fix this (I never use Filevault), but I'd like to know that everything on my comp is under control.

PS: I'd rather not reinstall the OS

Cheers
post #2 of 39
Quote:
Originally posted by Placebo
Fun fun fun...I forgot my master password! I can't reset it with the OS X install CD, and logging in as root doesn't change anything.
I don't really need to fix this (I never use Filevault), but I'd like to know that everything on my comp is under control.

PS: I'd rather not reinstall the OS

Cheers

Have you tried changing or cracking the password via Single User Mode or the CLI?

A step-by-step explaination for the exploit is here.

(And shouldn't this be in Genius Bar?)
C rm -rf windows/
Bad Command or File Name
Reply
C rm -rf windows/
Bad Command or File Name
Reply
post #3 of 39
Phroggy, Placebo is talking about the master password, not the root password. The master password decrypts the other passwords used by FileVault.

Placebo is screwed basically because OS X can no longer read the home directories. Having not used FileVault, and not intending to use FileVault, I don't know of any way of killing FileVault without knowing the master password.

Barto
Self Indulgent Experiments keep me occupied.

rotate zmze pe vizspygmsr minus four
Reply
Self Indulgent Experiments keep me occupied.

rotate zmze pe vizspygmsr minus four
Reply
post #4 of 39
Quote:
Originally posted by Barto
Phroggy, Placebo is talking about the master password, not the root password. The master password decrypts the other passwords used by FileVault.

Ah, thanks, Barto, my bad.


(I haven't used FileVault yet, nor do I plan to; too many horror stories.)
C rm -rf windows/
Bad Command or File Name
Reply
C rm -rf windows/
Bad Command or File Name
Reply
post #5 of 39
How can anyone "forget" their own password, master or otherwise? Unless you just made a weird random series of letters and numbers like the bank does? In which case, you might should've written it down somewhere.

My password is a simple word, but a word that doesn't really exist because it came to me in a dream years and years ago. I woke up and said "what in the hell is a...".



I think the word you're looking for, Placebo, is "screwed". Apple makes it a point of saying in several places "if you lose or forget this, your data is gone forever" or words to that effect.

post #6 of 39
vieiriafairuzaloaf, Paul?

post #7 of 39
Thread Starter 
Quote:
Originally posted by pscates
How can anyone "forget" their own password, master or otherwise? Unless you just made a weird random series of letters and numbers like the bank does? In which case, you might should've written it down somewhere.

My password is a simple word, but a word that doesn't really exist because it came to me in a dream years and years ago. I woke up and said "what in the hell is a...".



I think the word you're looking for, Placebo, is "screwed". Apple makes it a point of saying in several places "if you lose or forget this, your data is gone forever" or words to that effect.


No. no you don't understand. I've set my master password, but I'm not using flevault on any of my accounts. So I'm really not screwed in anyway, but I'm losing sleep thinking of what I set my password.

Can anyone think of synonyms to "decrypt"? That's what my hint is.
post #8 of 39
Ah, I see, Placebo.

Damn you, murbot!



That's NOT it...but it's better than mine!
post #9 of 39
decrypt = decode, break, crack, cryptanalyze, decipher

post #10 of 39
but it's probably 1337 like d3c0d3, or d3cryp7 etc.
post #11 of 39
Hmmm

Look, if i clone my hd onto a fw hd, then connect it to any other mac i can read all my files without any passwords...

That makes me think...

WHY IS THIS POSSIBLE? are permissions ignored on external hds?

or am i imagining things?
What contemptible scoundrel has stolen the cork to my lunch? _(W.C. Fields)
Reply
What contemptible scoundrel has stolen the cork to my lunch? _(W.C. Fields)
Reply
post #12 of 39
Quote:
are permissions ignored on external hds?

Yes! That is, if you want them to be:



Mind the 'ignore ownership' checkbox.

No sign yet of a larger HD, btw, keeping my fingers crossed.
post #13 of 39
der Kopf

YOU DIDN'T GET IT YET?!?!?!

i will dig up tracking # for you.
(probably tomorrow, as today i have to work...after work)


And back to ignoring ownership... It doesn't make too much sense, because...

What's the point of password protecting my stuff if someone can just make a copy of it and access it?
It should retain permissions, possibly with an option of changing them, but you would need your password for it.

Sorry Placebo, for hijacking your thread.
What contemptible scoundrel has stolen the cork to my lunch? _(W.C. Fields)
Reply
What contemptible scoundrel has stolen the cork to my lunch? _(W.C. Fields)
Reply
post #14 of 39
The operating system is what recognizes and respects permissions.

Your concern with security is kind of what prompted FileVault.
post #15 of 39
Quote:
Originally posted by piwozniak
Hmmm

Look, if i clone my hd onto a fw hd, then connect it to any other mac i can read all my files without any passwords...

That makes me think...

WHY IS THIS POSSIBLE? are permissions ignored on external hds?

or am i imagining things?

this is inherent in unix (and unix-like, probably other systems') security. the users on your computer are stored in a special database, on your computer. for example, lets say you have 1 user "piwozniak". under the scenes the OS translates the name into an ID, example 501. these IDs are only valid locally. so, when a file is owned by piwozniak, under the scenes, it's owned by 501; and in the dirty 1s and 0s of the OS' mind, piwozniak, his home directory, his password, everything, is just a extra information, directly associated with that ID. But, when you pull out the hd, and pop it into another computer not as the root (boot/startup) partition, the OS has to think about the permissions.

it says to itself, "i have a file here, owned by 501. i wonder if they mean 501 as defined in my set of users, or 501 by some foreign set of users. afterall, i can't be certain that my 501 aligns properly with this foreign disk's 501, i don't even know if i can access a user database on this disk. and if i could, i don't know if the user really wants me to. maybe i'll just ignore the permissions on this drive, and let the users run willy nilly all over the place. or, i could force all files owned by 501 to refer to my 501, and assume that they align. even if i have an ID 501, i don't know if the passwords will match up. i just hope i dont run into any IDs on this hd that i don't have in my database. o woe is me, the lowly OS."
post #16 of 39
OK

I understand.

i was thinking about it for the last 30 min, and it makes sense,
Even if a file's owner is a user,(not system) how can an OS compare that users' password to the original password? it would have to be attached to the file itself.

How about disallowing access to files on external volumes, if not owned by system?

That would prevent anyone from accessing my stuff.

Right, but then how would i access my own files from external HD?


Thanks guys as always.
What contemptible scoundrel has stolen the cork to my lunch? _(W.C. Fields)
Reply
What contemptible scoundrel has stolen the cork to my lunch? _(W.C. Fields)
Reply
post #17 of 39
Thread Starter 
Quote:
Originally posted by Bill M
decrypt = decode, break, crack, cryptanalyze, decipher


Awesome! I think it's decipher! Thanks a bunch!
post #18 of 39
Quote:
Originally posted by Placebo
Awesome! I think it's decipher! Thanks a bunch!

Now that you've posted that to a world-readable board, change it.
"...within intervention's distance of the embassy." - CvB

Original music:
The Mayflies - Black earth Americana. Now on iTMS!
Becca Sutlive - Iowa Fried Rock 'n Roll - now on iTMS!
Reply
"...within intervention's distance of the embassy." - CvB

Original music:
The Mayflies - Black earth Americana. Now on iTMS!
Becca Sutlive - Iowa Fried Rock 'n Roll - now on iTMS!
Reply
post #19 of 39
Thread Starter 
Quote:
Originally posted by Amorph
Now that you've posted that to a world-readable board, change it.

Never mind. Didn't work. DAMMIT!

(BTW, my computer isn't online, which SUCKS!)
post #20 of 39
Quote:
Originally Posted by Placebo View Post

Never mind. Didn't work. DAMMIT!

(BTW, my computer isn't online, which SUCKS!)

There is an easy way to reset the master password on a mac. Visit
http://homepage.mac.com/bethanyoffic...20Corporation/ for instructions on how to reset a lot of passwords on a mac. I compiled it myself. IF you want' you can donate via PayPal for research on some of the matters that do not have answers. (I need another mac to test everything out on). Anyway, you will find how to reset the master password there.

Lomoco
Mac_Hack corporation
Mac_Hack.corp@yahoo.com
Lomoco
Mac_Hack Corporation
Mac_Hack.corp@yahoo.com
Reply
Lomoco
Mac_Hack Corporation
Mac_Hack.corp@yahoo.com
Reply
post #21 of 39
You are not required to donate though
Lomoco
Mac_Hack Corporation
Mac_Hack.corp@yahoo.com
Reply
Lomoco
Mac_Hack Corporation
Mac_Hack.corp@yahoo.com
Reply
post #22 of 39
I think you could also access all your data by booting from an external disk, with OS 9.

I already did this a long time ago, under Panther. Booting with OS 9 gave me access to all the #@$%?porn stuff another user left in his personal account, and I trashed everything Muhahahahaaa !

Mac mini 2.53 GHz, 4 GB, NVidia's 9400M.
13" MacBook Pro 2.66 GHz, 8 GB, NVidia's 320M.
OS X Snow Leopard 10.6.8

Reply

Mac mini 2.53 GHz, 4 GB, NVidia's 9400M.
13" MacBook Pro 2.66 GHz, 8 GB, NVidia's 320M.
OS X Snow Leopard 10.6.8

Reply
post #23 of 39
Quote:
Originally Posted by Kali View Post

I think you could also access all your data by booting from an external disk, with OS 9.

I already did this a long time ago, under Panther. Booting with OS 9 gave me access to all the #@$%?porn stuff another user left in his personal account, and I trashed everything Muhahahahaaa !

Hmmmm. Sounds like a bug
Lomoco
Mac_Hack Corporation
Mac_Hack.corp@yahoo.com
Reply
Lomoco
Mac_Hack Corporation
Mac_Hack.corp@yahoo.com
Reply
post #24 of 39
No, not at all. OS 9 and OS X both use the same disk format, HFS+. OS 9 simply ignores all of the permissions. This is normal. You can do this with any OS X disk to bypass the permissions completely.
My brain is hung like a HORSE!
Reply
My brain is hung like a HORSE!
Reply
post #25 of 39
Quote:
Originally Posted by Kickaha View Post

No, not at all. OS 9 and OS X both use the same disk format, HFS+. OS 9 simply ignores all of the permissions. This is normal. You can do this with any OS X disk to bypass the permissions completely.

Wow. I never knew that. Thanks for the info. That might come in handy later on.
Lomoco
Mac_Hack Corporation
Mac_Hack.corp@yahoo.com
Reply
Lomoco
Mac_Hack Corporation
Mac_Hack.corp@yahoo.com
Reply
post #26 of 39
This is sort of why having physical access to the hard drive is generally considered a bypass for all security on it, unless you use something like FileVault. This is the same thing that happens if you place the drive in an external enclosure, and do as der Kopf posted above.

What, MacHack Corp doesn't already publish this info??
My brain is hung like a HORSE!
Reply
My brain is hung like a HORSE!
Reply
post #27 of 39
Quote:
Originally Posted by Kickaha View Post

This is sort of why having physical access to the hard drive is generally considered a bypass for all security on it, unless you use something like FileVault. This is the same thing that happens if you place the drive in an external enclosure, and do as der Kopf posted above.

What, MacHack Corp doesn't already publish this info??


Come-on! I am just getting started. I am just concentrating on password bypassing or resetting for now. I might publish that on my site later. You can contact mac_hack directly at mac_hack.corp@yahoo.com to make complaints and such.
Lomoco
Mac_Hack Corporation
Mac_Hack.corp@yahoo.com
Reply
Lomoco
Mac_Hack Corporation
Mac_Hack.corp@yahoo.com
Reply
post #28 of 39
I remember I was in a classic app not to long ago and while I was browsing for a folder, I came across the folder "var" and it was in italics. And of course everyone should know that "var" is what is considered a hidden Folder. (A folder name with a "." in front of it.) So I see what you mean.
Lomoco
Mac_Hack Corporation
Mac_Hack.corp@yahoo.com
Reply
Lomoco
Mac_Hack Corporation
Mac_Hack.corp@yahoo.com
Reply
post #29 of 39
So, How did it go? Were you able to reset the master password? You should have been able to.
Lomoco
Mac_Hack Corporation
Mac_Hack.corp@yahoo.com
Reply
Lomoco
Mac_Hack Corporation
Mac_Hack.corp@yahoo.com
Reply
post #30 of 39
Quote:
Originally Posted by Placebo View Post

Fun fun fun...I forgot my master password! I can't reset it with the OS X install CD, and logging in as root doesn't change anything.
I don't really need to fix this (I never use Filevault), but I'd like to know that everything on my comp is under control.

PS: I'd rather not reinstall the OS

Cheers

Is FileVault currently active?

If it IS active, fat chance getting your master password.

If it is NOT active, I think it can be gotten easily.

So here is what I recommend:

1) Open "Keychain" and browse all of your saved passwords to see if any of those may have been the one you forget for your master password.

2) Try "" (a completely blank password) and "password" to see if you set it up like that when you set up your computer. It's unlikely -- but it's possible.

3) If all else fails; call Apple -- I'm sure they can help somehow.
post #31 of 39
Quote:
Originally Posted by icfireball View Post

Is FileVault currently active?

If it IS active, fat chance getting your master password.

If it is NOT active, I think it can be gotten easily.

So here is what I recommend:

1) Open "Keychain" and browse all of your saved passwords to see if any of those may have been the one you forget for your master password.

2) Try "" (a completely blank password) and "password" to see if you set it up like that when you set up your computer. It's unlikely -- but it's possible.

3) If all else fails; call Apple -- I'm sure they can help somehow.

Actually, if you just delete the file /Library/Keychains/FileVaultMaster.keychain, it will reset the master password as long as you don't have filevault on which this person doesn't. So Placebo is lucky in this case. OR oyu could go into terminal and type "sudo rm /Library/keychains/filevaultmaster.keychain" and your problem is solved.
Lomoco
Mac_Hack Corporation
Mac_Hack.corp@yahoo.com
Reply
Lomoco
Mac_Hack Corporation
Mac_Hack.corp@yahoo.com
Reply
post #32 of 39
You can't browse the filevault keychain without the master password.
Lomoco
Mac_Hack Corporation
Mac_Hack.corp@yahoo.com
Reply
Lomoco
Mac_Hack Corporation
Mac_Hack.corp@yahoo.com
Reply
post #33 of 39
Quote:
Originally Posted by Lomoco View Post

You can't browse the system keychain without the master password.

Not true!!

IF the keychain is locked, you cannot browse it without the password. IF it is NOT locked, browse away. By default, it is not locked on start-up once it has been unlocked and quit.
post #34 of 39
Quote:
Originally Posted by icfireball View Post

Not true!!

IF the keychain is locked, you cannot browse it without the password. IF it is NOT locked, browse away. By default, it is not locked on start-up once it has been unlocked and quit.


Are you referring to the "FileVault" keychain, or the "login" Keychain? The "login" keychain is by default unlocked yes, but not the "FileVault" keychain. Go back and check.
Lomoco
Mac_Hack Corporation
Mac_Hack.corp@yahoo.com
Reply
Lomoco
Mac_Hack Corporation
Mac_Hack.corp@yahoo.com
Reply
post #35 of 39
Quote:
Originally Posted by Lomoco View Post

Are you referring to the "System" keychain, or the "login" Keychain? The "login" keychain is by default unlocked yes, but not the "System" keychain. Go back and check.


I mean the FileVault keychain. Not the system one. oops
Lomoco
Mac_Hack Corporation
Mac_Hack.corp@yahoo.com
Reply
Lomoco
Mac_Hack Corporation
Mac_Hack.corp@yahoo.com
Reply
post #36 of 39
Quote:
Originally Posted by Lomoco View Post

Are you referring to the "FileVault" keychain, or the "login" Keychain? The "login" keychain is by default unlocked yes, but not the "FileVault" keychain. Go back and check.

I meant the system keychain as in the application, "Keychain Access."

But my point was that maybe he used the same password that he used for the master password as another password and by browsing the list of stored other passwords, he would find the one that was his master password.
post #37 of 39
Quote:
Originally Posted by icfireball View Post

I meant the system keychain as in the application, "Keychain Access."

But my point was that maybe he used the same password that he used for the master password as another password and by browsing the list of stored other passwords, he would find the one that was his master password.

Or he could just reset it and make a new one instead of trying to recover it by browsing through keychains, hoping that he used the same one for something else. However, your suggestion is a good one and if he wants to use the same password, then I would recommend that too. And also to check key-logs to see if he typed it in plain text ever. (If he has a key-logger)
Lomoco
Mac_Hack Corporation
Mac_Hack.corp@yahoo.com
Reply
Lomoco
Mac_Hack Corporation
Mac_Hack.corp@yahoo.com
Reply
post #38 of 39
E-mail Changed! It is now Lomoco.MacHack@gmail.com
Lomoco
Mac_Hack Corporation
Mac_Hack.corp@yahoo.com
Reply
Lomoco
Mac_Hack Corporation
Mac_Hack.corp@yahoo.com
Reply
post #39 of 39
I am really confused, I put file vault on, stupidly and quite unnecessarily, and yes, have forgotten my password, it was some combination of parts of words and i cant find the exact one, I cant even really see what filevault is meant to be doing, other than slow my laptop use right down, I guess i can just backup my files and re install the os?

will that reset on mack hack work safely, with file vault on, and not destroy/lose any data?

Thankyou
New Posts  All Forums:Forum Nav:
  Return Home
  Back to Forum: Mac OS X
AppleInsider › Forums › Software › Mac OS X › Help! (Forgot Master password)