Welcome to the MacNN Forums.

xerep67 · Jan 14, 2004, 06:36 PM

can anyone tell me how I can find my login password.

Mac OS 10.2.8

I've tried everything

pendragon · Jan 14, 2004, 07:02 PM

I think the easiest and quickest way, is just to create a new password. To do that, follow the steps in Apple Knowledge Base Document 61945. http://docs.info.apple.com/article.html?artnum=61945

tooki · Jan 15, 2004, 03:44 AM

It is impossible to read out the password (the mathematics of the encryption make it impossible). You can only reset it as described above.

tooki

Detrius · Jan 15, 2004, 11:11 PM

Originally posted by tooki:
It is impossible to read out the password (the mathematics of the encryption make it impossible). You can only reset it as described above.

tooki

Actually, it's not impossible; but it is incredibly difficult. If you have a non-secure password, it can be cracked in a matter of days (password made up of real words, that is).

awaspaas · Jan 16, 2004, 12:20 AM

there's also a really fun UNIX-y way to do it without the CD, but we won't get into that if we don't have to

chris_h · Jan 16, 2004, 01:59 PM

Originally posted by awaspaas:
there's also a really fun UNIX-y way to do it without the CD, but we won't get into that if we don't have to

can you still just startup in single user mode (cmd-s) and passwd away like a madman?

car1son · 03:24 PM

Or you can use the nicl command to remove the password from the Netinfo database. (Playing with this command is also a great way to **** your system beyond hope of recovery.)

Adendum:
Okay, now I have to know why this BBS translated the innocuous "m.u.n.g." into ****? I've never heard of this as a profanity. The Jargon file has a simple hacker definition, and Merriam-Webster thinks its a legume. (Ha! I can't even post a link to its defintion.)

tooki · Jan 16, 2004, 03:25 PM

Originally posted by Detrius:
Actually, it's not impossible; but it is incredibly difficult. If you have a non-secure password, it can be cracked in a matter of days (password made up of real words, that is).

Retrieved, or simply cracked? No, it wouldn't take too long to discover an insecure password.

But it is absolutely impossible to read out the password. I'll tell you why:

1. user sets up a password
2. the OS takes that password and runs a mathematical algorithm on it, which involves discarding some of the information of the password
3. the result of the algorithm is called a "hash", and this is what is stored on the drive

When the user attempts to log in, their entered password is put through the same algorithm. This again produces a hash, and if it matches the hash stored on disk, access is granted.

The actual passwords are never compared.

Think of it like this super-simplified theoretical example: pretend the password was a number.

Say, 22.

The hashing algorithm in this simplified case simply divides by 5, resulting in 4 with a remainder of 2.

Then it takes the 2 as the hash, and stores the 2 on disk.

As you can see, you cannot reconstruct the original number -- 22 -- from the hash. (In this super-simple example, of course, any number that was 2 larger than any multiple of 5 would result in the same hash, but we'll ignore that.)

When the user tries to log in, it re-hashes the entered password, sees that the hash matches, and allows access.

Real-life hashing algorithms are of course much more complex, but they do rely on remainders, modulus, etc to create hashes from which the original password cannot be extracted because important parts of it have been discarded. (Contrast this with encrypted passwords, which are quite a different matter, since the entire password is contained within the cryptogram. Those can indeed be broken, and the password extracted.)

tooki

P.S. in Mac OS X, you can see a user's password hash in NetInfo Manager. Not that you can do anything useful with it.

car1son · Jan 16, 2004, 07:42 PM

Originally posted by tooki:
P.S. in Mac OS X, you can see a user's password hash in NetInfo Manager. Not that you can do anything useful with it.

Sure there is. You can feed it into Mac Hacker Toolkit or any other Unix password cracker, and it will recover it (by exhaustively trying all possible values - whether you call that cracking or guessing is moot: you learn the password.) On a modern processor the exhaustive attack on password limited to a maximum of 8 characters (pre-Panther) takes about a day on average. A dictionary attack is much faster if the password is as simple as a word.

Angus_D · Jan 17, 2004, 04:53 PM

Originally posted by tooki:
1. user sets up a password
2. the OS takes that password and runs a mathematical algorithm on it, which involves discarding some of the information of the password
3. the result of the algorithm is called a "hash", and this is what is stored on the drive

So you run a brute force cracking application against the hash.

P.S. in Mac OS X, you can see a user's password hash in NetInfo Manager. Not that you can do anything useful with it.

Actually, in Panther they're properly shadowed and you can't do this any more.

coolmacdude · Jan 21, 2004, 03:47 PM

Originally posted by Angus_D:
Actually, in Panther they're properly shadowed and you can't do this any more.

You can still read the hash from single user mode and copy it down. It's better than having it available to anyone in Netinfo but it doesn't provide that much more protection if you pick weak passwords.