If you read my previous post, "How to Hack into a Mac Without the Password", you know that it is very easy to break into someone's Mac if you have physical access to the computer. Now the question is: how do we protect ourselves from this happening to us? Well, here is a way that guarantees that no one will be able to change your password through OS X Recovery.
But before we get started, why would you want to do that?
Well, if it's not to impress your girlfriend, or boyfriend, then maybe pay close attention to this.
My friend and I were finishing up a report in the library. The guy sitting next to us needed to use the restroom so he asked my friend if he could keep an eye on his laptop. My friend said sure. Funny thing is that previous to that, I was telling my friend about how easy it is for someone to hack into a Mac as long as you have physical access to it. We were also talking about some exploits, and how with a couple of bad clicks, one can give full access to the system.
Let's say I open up that guy's laptop, go into the OS X Recovery, change the password, and leave it alone. I just want to play a prank, not steal it. Of course, I didn't do that, but I could if I really wanted to. And maybe install some sort of backdoor for future access.
But what if that were you? What if that was your computer and someone accessed it? And the worst part is you may have pictures of your credit card on there, or maybe a text file with your usernames and passwords. It is dangerous to leave this hole open, so what we need to do is set a firmware password.
What is a firmware password?
A firmware password is a password that is requested when launching Recovery mode. It protects access to the Recovery. If you do not have this password set, anyone can access your Recovery and make changes to your computer.
Here is how to set a firmware password for Mac OS X.
- Launch the Recovery (hold Command + R at boot-up).
- On the top menu bar, go to Utilities -> Firmware Password Utility
- Click on "Turn On Firmware Password…."
- Type in a password, then hit "Set Password."
Note: Make sure it is different from your OS X password.
WARNING: Please do not forget your password, as there is no way of resetting it. I've heard that Apple may be able to help if you are in such a scenario, but I can't confirm that myself.
- Click on "Quit Firmware Password Utility."
- Shut down the computer by going to the Apple logo -> Shut Down.
When you boot into Recovery again, you will now see this screen:
You now have a firmware password. No one but you can access the Recovery. Note that this password is only requested when you try to boot into the Recovery. Otherwise, your computer will operate as normal.
There is another way to prevent someone from changing your password and it doesn't involve a firmware password. Instead, it uses a program included with OS X called FileVault. With FileVault, you can encrypt your whole hard drive. This will prevent someone from seeing the drive and changing the password. This method, however, brings some negatives into the equation, but we will talk about that another day.
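To confirm from the running system that the two protections described above are in place, here is an added example (not from the original post). It assumes an Intel Mac whose OS X release ships the firmwarepasswd and fdesetup tools with the status lines shown in the comments; the function names and the verdict rule are illustrative.

```shell
#!/bin/sh
# Added example: audit the firmware password and FileVault state.
# The classifiers take command output as text, so they can be exercised
# with constructed samples on any machine; audit_mac runs the real tools.

# Assumed `firmwarepasswd -check` output: "Password Enabled: Yes" or "... No"
firmware_state() {
    case "$1" in
        *"Password Enabled: Yes"*) echo enabled ;;
        *"Password Enabled: No"*)  echo disabled ;;
        *)                         echo unknown ;;   # tool missing or not root
    esac
}

# Assumed `fdesetup status` output: "FileVault is On." or "FileVault is Off."
filevault_state() {
    case "$1" in
        *"FileVault is On"*)  echo enabled ;;
        *"FileVault is Off"*) echo disabled ;;
        *)                    echo unknown ;;
    esac
}

# Verdict rule taken from the article: either protection blocks a password
# change through Recovery; with both off the machine is exposed.
reset_exposure() {
    if [ "$1" = enabled ] || [ "$2" = enabled ]; then
        echo protected
    elif [ "$1" = disabled ] && [ "$2" = disabled ]; then
        echo exposed
    else
        echo unknown
    fi
}

# Run the real tools (needs root for firmwarepasswd) and print a summary.
audit_mac() {
    fw=$(firmware_state "$(firmwarepasswd -check 2>/dev/null)")
    fv=$(filevault_state "$(fdesetup status 2>/dev/null)")
    echo "firmware password: $fw"
    echo "FileVault:         $fv"
    echo "Recovery password reset: $(reset_exposure "$fw" "$fv")"
}

# Only touch the system when explicitly asked: sudo sh audit.sh --run
if [ "${1:-}" = "--run" ]; then audit_mac; fi
```

A result of "unknown" usually means the script was not run as root or the tool is not present on that machine, so treat it as "not verified" rather than as safe.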