Welcome to the MacNN Forums.

If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below.

You are here: MacNN Forums > Software - Troubleshooting and Discussion > macOS > 4 finger password bypass

4 finger password bypass
Thread Tools
MacNNUK
Grizzled Veteran
Join Date: Aug 2007
Location: U.K.
Status: Offline
Reply With Quote
Aug 30, 2009, 06:46 AM
 
My wife has locked herself out of her iMac, by messing around with passwords.

I understand that there is a 4 finger bypass for the password login page.

I cannot find it in search, could someone please enlighten me, thanks

iMac Intel Core i5, 2.5GHz, 4GB RAM, 500GB 21.5" Monitor 10.8.3.
iMac 17" 2.0ghz Intel Core 2 Duo w 3gb memory (White one) 10.6.8.
Internal 500gb / 8x external HDD's 250GB - 3TB (4x Time Machine)
     
Big Mac
Clinically Insane
Join Date: Oct 2000
Location: Los Angeles
Status: Offline
Reply With Quote
Aug 30, 2009, 07:09 AM
 
There's no such thing as a 4 finger password bypass. You can either change the password through the single user mode command line or by starting up with an OS disc and changing the password through the Installer's Utilities menu.

If you're comfortable with the command line, try this hint.

"The natural progress of things is for liberty to yield and government to gain ground." TJ
     
MacNNUK  (op)
Grizzled Veteran
Join Date: Aug 2007
Location: U.K.
Status: Offline
Reply With Quote
Aug 30, 2009, 07:14 AM
 
Originally Posted by Big Mac View Post
There's no such thing as a 4 finger password bypass. You can either change the password through the single user mode command line or by starting up with an OS disc and changing the password through the Installer's Utilities menu.

If you're comfortable with the command line, try this hint.
The hint looks really helpful, thanks

iMac Intel Core i5, 2.5GHz, 4GB RAM, 500GB 21.5" Monitor 10.8.3.
iMac 17" 2.0ghz Intel Core 2 Duo w 3gb memory (White one) 10.6.8.
Internal 500gb / 8x external HDD's 250GB - 3TB (4x Time Machine)
     
turtle777
Clinically Insane
Join Date: Jun 2001
Location: planning a comeback !
Status: Offline
Reply With Quote
Aug 30, 2009, 01:50 PM
 
Originally Posted by MacNNUK View Post
My wife has locked herself out of her iMac, by messing around with passwords.
You wife got skillz.

-t
     
Art Vandelay
Professional Poster
Join Date: Sep 2002
Location: New York, NY
Status: Offline
Reply With Quote
Aug 30, 2009, 02:02 PM
 
I believe the four finger password bypass you're referring to is part of the method for resetting a firmware password.
Vandelay Industries
     
chabig
Addicted to MacNN
Join Date: Jun 1999
Location: Las Vegas, NV, USA
Status: Offline
Reply With Quote
Aug 30, 2009, 02:44 PM
 
Nope. There isn't any way around a password (even a firmware password) except to reset using the installer disk or from single user mode.

It takes four fingers to reset the PRAM, though.
     
Art Vandelay
Professional Poster
Join Date: Sep 2002
Location: New York, NY
Status: Offline
Reply With Quote
Aug 30, 2009, 02:48 PM
 
Apparently you are unaware of how to reset the firmware password when you don't know it.
Vandelay Industries
     
chabig
Addicted to MacNN
Join Date: Jun 1999
Location: Las Vegas, NV, USA
Status: Offline
Reply With Quote
Aug 30, 2009, 03:03 PM
 
Sorry Art. I misread what you wrote. I thought you were saying there is a way to bypass the firmware password, which there isn't. The four finger keypress to which you refer is a way to change or disable the password. But to do that, you must know that password to begin with.
     
Spheric Harlot
Clinically Insane
Join Date: Nov 1999
Location: 888500128, C3, 2nd soft.
Status: Online
Reply With Quote
Aug 30, 2009, 03:05 PM
 
Originally Posted by chabig View Post
I thought you were saying there is a way to bypass the firmware password, which there isn't. The four finger keypress to which you refer is a way to change or disable the password. But to do that, you must know that password to begin with.
This is, I believe, not entirely correct.
     
Art Vandelay
Professional Poster
Join Date: Sep 2002
Location: New York, NY
Status: Offline
Reply With Quote
Aug 30, 2009, 03:08 PM
 
Wrong. You can reset the firmware password without knowing it.
Vandelay Industries
     
chabig
Addicted to MacNN
Join Date: Jun 1999
Location: Las Vegas, NV, USA
Status: Offline
Reply With Quote
Aug 30, 2009, 03:10 PM
 
Not from the keyboard alone. You also have to open up the machine.
     
Art Vandelay
Professional Poster
Join Date: Sep 2002
Location: New York, NY
Status: Offline
Reply With Quote
Aug 30, 2009, 03:12 PM
 
And with the keyboard. Both are required.
Vandelay Industries
     
CharlesS
Posting Junkie
Join Date: Dec 2000
Status: Offline
Reply With Quote
Aug 30, 2009, 03:16 PM
 
Are you talking about pulling out the PRAM battery and changing the RAM configuration?

Ticking sound coming from a .pkg package? Don't let the .bom go off! Inspect it first with Pacifist. Macworld - five mice!
     
Art Vandelay
Professional Poster
Join Date: Sep 2002
Location: New York, NY
Status: Offline
Reply With Quote
Aug 30, 2009, 03:27 PM
 
I guess that method would work too, provided you have access to the battery. However, that is not the recommended method nor practical on laptops.
Vandelay Industries
     
CharlesS
Posting Junkie
Join Date: Dec 2000
Status: Offline
Reply With Quote
Aug 30, 2009, 03:51 PM
 
Well, I would assume it would involve a fair amount of hassle, because otherwise it would render the firmware password fairly useless.

So, what's the method?

Ticking sound coming from a .pkg package? Don't let the .bom go off! Inspect it first with Pacifist. Macworld - five mice!
     
Art Vandelay
Professional Poster
Join Date: Sep 2002
Location: New York, NY
Status: Offline
Reply With Quote
Aug 30, 2009, 03:57 PM
 
Technically, it's not supposed to be public knowledge since Apple only lets ASPs know it. However, it is easily found online.

Change the ram configuration
Reset PRAM via the keyboard (Option+Command+P+R). The four finger bypass that started this whole digression.
Vandelay Industries
     
seanc
Moderator Emeritus
Join Date: Apr 2005
Location: Cambridge, UK
Status: Offline
Reply With Quote
Aug 30, 2009, 04:02 PM
 
I think I read that on here back when the first Intel machines came out Art, I wasn't aware it wasn't public knowledge...
     
Art Vandelay
Professional Poster
Join Date: Sep 2002
Location: New York, NY
Status: Offline
Reply With Quote
Aug 30, 2009, 04:16 PM
 
It also applies to PPC Macs too. It's become public knowledge even though it's not supposed to be.
Vandelay Industries
     
Art Vandelay
Professional Poster
Join Date: Sep 2002
Location: New York, NY
Status: Offline
Reply With Quote
Aug 30, 2009, 04:18 PM
 
This KB article details the procedure.

http://support.apple.com/kb/HT1352?locale=en_US

The public can only see half of it. ASPs can see the whole article with the reset section.
Vandelay Industries
     
CharlesS
Posting Junkie
Join Date: Dec 2000
Status: Offline
Reply With Quote
Aug 30, 2009, 05:34 PM
 
Originally Posted by Art Vandelay View Post
Technically, it's not supposed to be public knowledge since Apple only lets ASPs know it. However, it is easily found online.

Change the ram configuration
Reset PRAM via the keyboard (Option+Command+P+R). The four finger bypass that started this whole digression.
Zapping the PRAM clears the firmware password?! That would make the password almost 100% useless!

I thought you were blocked from key combinations such as ⌥⌘PR, ⌘S, etc. if the firmware password was on!

Ticking sound coming from a .pkg package? Don't let the .bom go off! Inspect it first with Pacifist. Macworld - five mice!
     
Big Mac
Clinically Insane
Join Date: Oct 2000
Location: Los Angeles
Status: Offline
Reply With Quote
Aug 30, 2009, 05:43 PM
 
It's always been known that altering the installed RAM defeats the firmware password. If the person wanting to circumvent it has access to the inside of the computer, he can just remove the hard drive or take the whole machine with him, so short of encryption no password will protect anything in that instance.

"The natural progress of things is for liberty to yield and government to gain ground." TJ
     
Art Vandelay
Professional Poster
Join Date: Sep 2002
Location: New York, NY
Status: Offline
Reply With Quote
Aug 30, 2009, 05:46 PM
 
Originally Posted by CharlesS View Post
Zapping the PRAM clears the firmware password?! That would make the password almost 100% useless!

I thought you were blocked from key combinations such as ⌥⌘PR, ⌘S, etc. if the firmware password was on!
You can only reset PRAM if you change the RAM configuration with a password enabled.
Vandelay Industries
     
Clivey
Fresh-Faced Recruit
Join Date: Feb 2006
Status: Offline
Reply With Quote
Mar 5, 2010, 11:12 AM
 
Originally Posted by Art Vandelay View Post
You can only reset PRAM if you change the RAM configuration with a password enabled.
Meaning that there is NO WAY to bypass the firmware password?
PowerBook G4 12" 1.5GHz / 1.25GB DDR RAM / 100GB HDD - OSX 10.4.11
     
Simon
Posting Junkie
Join Date: Nov 2000
Location: in front of my Mac
Status: Offline
Reply With Quote
Mar 5, 2010, 11:18 AM
 
Originally Posted by CharlesS View Post
Well, I would assume it would involve a fair amount of hassle, because otherwise it would render the firmware password fairly useless.
The firmware password is fairly useless.

As always, if you cannot control physical access you aren't entirely safe.


Some AASPs used to like to show off (especially on anonymous boards) about how they knew this secret trick when actually everybody knew it (including your average google-savvy 12 year old). The AASPs were actually the ones that didn't have a clue about what was really going on.
( Last edited by Simon; Mar 5, 2010 at 04:26 PM. Reason: typo)
     
turtle777
Clinically Insane
Join Date: Jun 2001
Location: planning a comeback !
Status: Offline
Reply With Quote
Mar 5, 2010, 04:15 PM
 
I dont understand why people still think the FP password is any good.

Once someone has *physical* access to your machine. All bets are off.

The only way to keep your data safe is some file or folder encryption scheme.

-t
     
P
Moderator
Join Date: Apr 2000
Location: Gothenburg, Sweden
Status: Offline
Reply With Quote
Mar 5, 2010, 08:14 PM
 
The firmware password is very useful in a public computer. You can probably manage to reboot a public computer with a DVD if you're subtle enough, but you cannot open the machine and mess around with the RAM config without getting caught.
The new Mac Pro has up to 30 MB of cache inside the processor itself. That's more than the HD in my first Mac. Somehow I'm still running out of space.
     
Clivey
Fresh-Faced Recruit
Join Date: Feb 2006
Status: Offline
Reply With Quote
Mar 6, 2010, 07:25 AM
 
What I'm interested in is protecting the data on my PowerBook, and also making sure that any thieving bar-stewards can't simply replace the HDD and sell it on as a working machine.

I suppose I want the limited satisfation, in the event of a theft, of knowing that my laptop is useless to anyone else.
PowerBook G4 12" 1.5GHz / 1.25GB DDR RAM / 100GB HDD - OSX 10.4.11
     
turtle777
Clinically Insane
Join Date: Jun 2001
Location: planning a comeback !
Status: Offline
Reply With Quote
Mar 6, 2010, 10:40 AM
 
Originally Posted by Clivey View Post
What I'm interested in is protecting the data on my PowerBook
Like I said, you have various options:

* FileVault (not necessarily recommended)
* TrueCrypt
* Espionage
* data in encrypted DMG

Originally Posted by Clivey View Post
and also making sure that any thieving bar-stewards can't simply replace the HDD and sell it on as a working machine.

I suppose I want the limited satisfation, in the event of a theft, of knowing that my laptop is useless to anyone else.
Doesn't exist. And for sure, FP does not deliver this.

-t
     
Hal Itosis
Grizzled Veteran
Join Date: Mar 2004
Status: Offline
Reply With Quote
Mar 7, 2010, 05:54 PM
 
Originally Posted by P View Post
The firmware password is very useful in a public computer. You can probably manage to reboot a public computer with a DVD if you're subtle enough, but you cannot open the machine and mess around with the RAM config without getting caught.
Quoted.For.Truth.

There are probably a few variations... like a small office. Or a party at some house (whatever) where the Mac-owner needs to relieve their bladder. Or a college dorm, when one's roommate is asleep.

And there is a flip side to this coin as well: if some Mac does *not* have a firmware password set, then anyone can set it... thereby greatly inconveniencing the real owner. [fortunately, Intel Macs now require a boot DVD to do this. Setting one on a ppc Mac doesn't, and it can easily be done in under a minute.]
-HI-
     
israces
Mac Enthusiast
Join Date: Aug 2000
Location: Land of the Free
Status: Offline
Reply With Quote
Mar 18, 2010, 06:58 PM
 
Originally Posted by Clivey View Post

I suppose I want the limited satisfation, in the event of a theft, of knowing that my laptop is useless to anyone else.
When you finish using your laptop, pull the pin on a hand grenade and close it in your laptop between the screen and the keyboard, taking care not to allow the lever to release from the grenade. Back away slowly. When you hear the boom, smile and enjoy limited satisfaction.

This may violate certain treaties, so be sure to check the rules in your area before using this technique.
Backup your Backup
     
Clivey
Fresh-Faced Recruit
Join Date: Feb 2006
Status: Offline
Reply With Quote
Oct 20, 2010, 05:15 AM
 
Originally Posted by turtle777 View Post
Doesn't exist. And for sure, FP does not deliver this.
So BIOS passwords on even the cheapest netbooks stop thieves dead in their tracks (unless they have the skills to mess about with the motherboard and circumvent the password protection - it's not as simple as moving a jumper as in a desktop), yet you can't get the same level of security on a $2,000+ Apple laptop?
PowerBook G4 12" 1.5GHz / 1.25GB DDR RAM / 100GB HDD - OSX 10.4.11
     
turtle777
Clinically Insane
Join Date: Jun 2001
Location: planning a comeback !
Status: Offline
Reply With Quote
Oct 20, 2010, 07:39 AM
 
Originally Posted by Clivey View Post
So BIOS passwords on even the cheapest netbooks stop thieves dead in their tracks (unless they have the skills to mess about with the motherboard and circumvent the password protection - it's not as simple as moving a jumper as in a desktop), yet you can't get the same level of security on a $2,000+ Apple laptop?
I don't see your point. Either it's secure and can not be circumvented, or it's not secure. For me and my security needs, it has to be bullet proof or nothing.

Just because circumventing the netbook BIOS takes a little more effort doesn't really mean it's safe.

-t
     
Clivey
Fresh-Faced Recruit
Join Date: Feb 2006
Status: Offline
Reply With Quote
Oct 20, 2010, 12:53 PM
 
Originally Posted by turtle777 View Post
For me and my security needs, it has to be bullet proof or nothing.
OK; So which security measures do you use?

- No security is invincible / unbreakable. The trick is making it too difficult to be worthwhile for someone to try.
PowerBook G4 12" 1.5GHz / 1.25GB DDR RAM / 100GB HDD - OSX 10.4.11
     
Spheric Harlot
Clinically Insane
Join Date: Nov 1999
Location: 888500128, C3, 2nd soft.
Status: Online
Reply With Quote
Oct 20, 2010, 01:04 PM
 
If you have to remove the machine from the premises and take it apart, it's too difficult to be worthwhile to do on the fly.

Once you have to remove the machine from the premises to circumvent it, it's completely irrelevant whether it takes five or fifteen minutes.

It requires expertise and/or research, and time. Either it's something the thief can deal with (rare), or he just passes it on to the fence for pennies, who has someone who deals with it, or it just gets thrown away.
     
Clivey
Fresh-Faced Recruit
Join Date: Feb 2006
Status: Offline
Reply With Quote
Oct 20, 2010, 04:09 PM
 
Originally Posted by Spheric Harlot View Post
If you have to remove the machine from the premises and take it apart, it's too difficult to be worthwhile to do on the fly.

Once you have to remove the machine from the premises to circumvent it, it's completely irrelevant whether it takes five or fifteen minutes.

It requires expertise and/or research, and time. Either it's something the thief can deal with (rare), or he just passes it on to the fence for pennies, who has someone who deals with it, or it just gets thrown away.
Precisely. The problem is that in certain of Apple's laptops, removing the RAM in order to reset the firmware password isn't that difficult / could potentially be done inside the premises very quickly.
PowerBook G4 12" 1.5GHz / 1.25GB DDR RAM / 100GB HDD - OSX 10.4.11
     
Spheric Harlot
Clinically Insane
Join Date: Nov 1999
Location: 888500128, C3, 2nd soft.
Status: Online
Reply With Quote
Oct 20, 2010, 04:15 PM
 
It invariably requires removing a couple of screws (ten, on most current 'Books).

Unless you're talking about the very early iBooks/Powerbooks G4 - which really aren't current enough to be of concern.
     
turtle777
Clinically Insane
Join Date: Jun 2001
Location: planning a comeback !
Status: Offline
Reply With Quote
Oct 20, 2010, 04:16 PM
 
Originally Posted by Clivey View Post
OK; So which security measures do you use?
128 or 256 bit encryption with a 17 digit alpha-numeric & special characters password.

I use TrueCrypt containers or Espionage.

-t
     
Clivey
Fresh-Faced Recruit
Join Date: Feb 2006
Status: Offline
Reply With Quote
Oct 20, 2010, 05:15 PM
 
Originally Posted by Spheric Harlot View Post
It invariably requires removing a couple of screws (ten, on most current 'Books).

Unless you're talking about the very early iBooks/Powerbooks G4 - which really aren't current enough to be of concern.
Note my signature...

The 'Old Faithful' is still in service. I also use TrueCrypt...gotta love freeware!
PowerBook G4 12" 1.5GHz / 1.25GB DDR RAM / 100GB HDD - OSX 10.4.11
     
Spheric Harlot
Clinically Insane
Join Date: Nov 1999
Location: 888500128, C3, 2nd soft.
Status: Online
Reply With Quote
Oct 20, 2010, 05:17 PM
 
The 12" requires removing four screws.
     
Clivey
Fresh-Faced Recruit
Join Date: Feb 2006
Status: Offline
Reply With Quote
Oct 21, 2010, 05:55 AM
 
Originally Posted by Spheric Harlot View Post
The 12" requires removing four screws.
Indeed. My point is that it's not exactly time consuming / difficult. It's as easy as stealing the HDD out of most laptops...which isn't ideal.
PowerBook G4 12" 1.5GHz / 1.25GB DDR RAM / 100GB HDD - OSX 10.4.11
     
SSharon
Professional Poster
Join Date: Jan 2003
Location: Teaneck, NJ
Status: Offline
Reply With Quote
Oct 26, 2010, 10:29 PM
 
Originally Posted by turtle777 View Post
Like I said, you have various options:

* FileVault (not necessarily recommended)
* TrueCrypt
* Espionage
* data in encrypted DMG
-t
I'm curious to know why you don't recommend file vault. I use it for one user on my MBP and I've been very happy with the performance. Are there relatively easy workarounds I don't know? I've heard of truecrypt, is it as transparent as filevault is after setup?
AT&T iPhone 5S and 6; 13" MBP; MDD G4.
     
turtle777
Clinically Insane
Join Date: Jun 2001
Location: planning a comeback !
Status: Offline
Reply With Quote
Oct 26, 2010, 10:38 PM
 
I read too many horror stories how file vault screwed up and everything was gone.

Plus, I don't need my whole HD encrypted, not even all my documents.
I just need some encrypted, that's it.

-t
     
   
Thread Tools
 
Forum Links
Forum Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Top
Privacy Policy
All times are GMT -4. The time now is 02:45 PM.
All contents of these forums © 1995-2017 MacNN. All rights reserved.
Branding + Design: www.gesamtbild.com
vBulletin v.3.8.8 © 2000-2017, Jelsoft Enterprises Ltd.,