A friend brought her MacBook Air to me as she forgot her user account password and couldn’t login. I didn’t think it would be a huge deal to gain access to the laptop even though I’d never actually dealt with this problem before. Wow, what a mistake on my part. I soon found I had my work cut out for me.
DISK UNLOCK VIA ICLOUD
The first thing I noticed when I starting working on the machine was that the hard disk was encrypted. Not a huge problem because I had been provided with the iCloud password which meant I could unlock the disk remotely. Well, even this was a challenge because the machine had never been on my WiFi network before. So I had to boot the machine up holding down “Command” + “R” so that I could setup wireless access.
Once I had wireless connectivity I was able to unlock the hard disk. However, I still didn’t have the user account password so I couldn’t login to the machine.
I then accessed the Terminal and performed a user account password reset. I was able to login to the machine, but there were a ton of Keychain errors. I assume these came from having all of the password changes that were made before I was called in. I was unable to reset the Keychain as something in the OS was not quite right. Ultimately, I ended up backing things up, wiping the drive and reinstalling the OS and files.
WHAT DID WE LEARN?
Well, I believe there are several lessons here. I count the following:
– Apple security is good… damn good
– develop a password strategy so you don’t lose track of things
– encrypt your hard drive via File Vault!
– if you don’t encrypt your drive anyone with physical access to your machine can reset the password
– consider a firmware password if… you have sensitive data and you KNOW you won’t forget your password
Below is a link to the instructions that helped me resolve this issue:
And the steps I followed:
– Start up holding command-R.
– Choose Disk Utility.
– Choose the drive you need to decrypt and then click Unlock.
– Now quit Disk Utility and follow Eric’s instructions from step 2 over at this website. (NB – If you are NOT resetting the password, but instead resetting the ACLs, then be careful to instead follow the instructions in the link I have given above.)
Definitely a learning experience. I had no idea how easy it is to gain access to machine and my machines are now using File Vault encryption.