|
|
how do i retrieve my admin password
|
|
|
|
Fresh-Faced Recruit
Join Date: Jan 2004
Status:
Offline
|
|
can anyone tell me how I can find my login password.
Mac OS 10.2.8
I've tried everything
|
|
|
|
|
|
|
|
|
Mac Enthusiast
Join Date: Mar 2000
Location: Georgetown, TX USA
Status:
Offline
|
|
|
Harv
27" i7 iMac (10.10.3), iPhone 5 (iOS 8.3)
Those who can make you believe absurdities can make you commit atrocities. ~Voltaire
|
|
|
|
|
|
|
|
Admin Emeritus
Join Date: Oct 1999
Location: Zurich, Switzerland
Status:
Offline
|
|
It is impossible to read out the password (the mathematics of the encryption make it impossible). You can only reset it as described above.
tooki
|
|
|
|
|
|
|
|
|
Professional Poster
Join Date: Apr 2001
Location: Asheville, NC
Status:
Offline
|
|
Originally posted by tooki:
It is impossible to read out the password (the mathematics of the encryption make it impossible). You can only reset it as described above.
tooki
Actually, it's not impossible; but it is incredibly difficult. If you have a non-secure password, it can be cracked in a matter of days (password made up of real words, that is).
|
ACSA 10.4/10.3, ACTC 10.3, ACHDS 10.3
|
|
|
|
|
|
|
|
Mac Elite
Join Date: Apr 2001
Location: Minneapolis, MN
Status:
Offline
|
|
there's also a really fun UNIX-y way to do it without the CD, but we won't get into that if we don't have to
|
|
|
|
|
|
|
|
|
Mac Elite
Join Date: Mar 2001
Location: East Texas (omg)
Status:
Offline
|
|
Originally posted by awaspaas:
there's also a really fun UNIX-y way to do it without the CD, but we won't get into that if we don't have to
can you still just startup in single user mode (cmd-s) and passwd away like a madman?
|
|
|
|
|
|
|
|
|
Mac Enthusiast
Join Date: Nov 2001
Location: Arizona
Status:
Offline
|
|
Or you can use the nicl command to remove the password from the Netinfo database. (Playing with this command is also a great way to **** your system beyond hope of recovery.)
Adendum:
Okay, now I have to know why this BBS translated the innocuous "m.u.n.g." into ****? I've never heard of this as a profanity. The Jargon file has a simple hacker definition, and Merriam-Webster thinks its a legume. (Ha! I can't even post a link to its defintion.)
(
Last edited by car1son; Jan 16, 2004 at 03:24 PM.
)
|
|
|
|
|
|
|
|
|
Admin Emeritus
Join Date: Oct 1999
Location: Zurich, Switzerland
Status:
Offline
|
|
Originally posted by Detrius:
Actually, it's not impossible; but it is incredibly difficult. If you have a non-secure password, it can be cracked in a matter of days (password made up of real words, that is).
Retrieved, or simply cracked? No, it wouldn't take too long to discover an insecure password.
But it is absolutely impossible to read out the password. I'll tell you why:
1. user sets up a password
2. the OS takes that password and runs a mathematical algorithm on it, which involves discarding some of the information of the password
3. the result of the algorithm is called a "hash", and this is what is stored on the drive
When the user attempts to log in, their entered password is put through the same algorithm. This again produces a hash, and if it matches the hash stored on disk, access is granted.
The actual passwords are never compared.
Think of it like this super-simplified theoretical example: pretend the password was a number.
Say, 22.
The hashing algorithm in this simplified case simply divides by 5, resulting in 4 with a remainder of 2.
Then it takes the 2 as the hash, and stores the 2 on disk.
As you can see, you cannot reconstruct the original number -- 22 -- from the hash. (In this super-simple example, of course, any number that was 2 larger than any multiple of 5 would result in the same hash, but we'll ignore that.)
When the user tries to log in, it re-hashes the entered password, sees that the hash matches, and allows access.
Real-life hashing algorithms are of course much more complex, but they do rely on remainders, modulus, etc to create hashes from which the original password cannot be extracted because important parts of it have been discarded. (Contrast this with encrypted passwords, which are quite a different matter, since the entire password is contained within the cryptogram. Those can indeed be broken, and the password extracted.)
tooki
P.S. in Mac OS X, you can see a user's password hash in NetInfo Manager. Not that you can do anything useful with it.
|
|
|
|
|
|
|
|
|
Mac Enthusiast
Join Date: Nov 2001
Location: Arizona
Status:
Offline
|
|
Originally posted by tooki:
P.S. in Mac OS X, you can see a user's password hash in NetInfo Manager. Not that you can do anything useful with it.
Sure there is. You can feed it into Mac Hacker Toolkit or any other Unix password cracker, and it will recover it (by exhaustively trying all possible values - whether you call that cracking or guessing is moot: you learn the password.) On a modern processor the exhaustive attack on password limited to a maximum of 8 characters (pre-Panther) takes about a day on average. A dictionary attack is much faster if the password is as simple as a word.
|
|
|
|
|
|
|
|
|
Addicted to MacNN
Join Date: Mar 2000
Location: London, UK
Status:
Offline
|
|
Originally posted by tooki:
1. user sets up a password
2. the OS takes that password and runs a mathematical algorithm on it, which involves discarding some of the information of the password
3. the result of the algorithm is called a "hash", and this is what is stored on the drive
So you run a brute force cracking application against the hash.
P.S. in Mac OS X, you can see a user's password hash in NetInfo Manager. Not that you can do anything useful with it.
Actually, in Panther they're properly shadowed and you can't do this any more.
|
|
|
|
|
|
|
|
|
Senior User
Join Date: Feb 2003
Location: Atlanta
Status:
Offline
|
|
Originally posted by Angus_D:
Actually, in Panther they're properly shadowed and you can't do this any more.
You can still read the hash from single user mode and copy it down. It's better than having it available to anyone in Netinfo but it doesn't provide that much more protection if you pick weak passwords.
|
2.16 Ghz Core 2 Macbook, 3GB Ram, 120 GB
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Forum Rules
|
|
|
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
|
HTML code is Off
|
|
|
|
|
|
|
|
|
|
|
|