Submit Hint Search The Forums LinksStatsPollsHeadlinesRSS
14,000 hints and counting!

Recovering a lost root password System
Although there's no real way to recover a lost root password, you can change the root password even if you do not know the current one. You must have physical access to the machine in order to accomplish this task. The following steps were originally noted on this MacNN forum, which contains a number of follow-up messages about security in general - well worth the reading time.

NOTE: The following information has been publicly disclosed on a number of Internet sites, and is not a new find. I'm simply repeating it here for the sake of completeness.

Read the detailed section of this article for step-by-step instructions on regaining access to your root account.

Originally posted by QuantumFusion on the MacNN forums, and repeated with slight readbility changes, here are the steps to regain access to root:
  1. Click Restart at the login window
  2. While the computer is restarting, hold down "Command-S" until you see text scrolling through the window. This boots the computer into single user mode.
  3. At the Localhost% prompt type:
    /sbin/mount -uw /
    /sbin/SystemStarter
    You will then see various services starting up.

  4. When the Localhost% prompt reappears, type:
    passwd root
    It will then ask you to type the new root password twice, so do so.

  5. After entering the new password, type:
    reboot
At the login window, enter username root wih the new password. Once you are connected, you can use the Multiple Users application (/Applications/Utilities) to change your normal user's password, or create a new user account.
    •    
  • Currently 3.65 / 5
  You rated: 4 / 5 (31 votes cast)
 
[254,983 views]  

Recovering a lost root password | 17 comments | Create New Account
Click here to return to the 'Recovering a lost root password' hint
The following comments are owned by whoever posted them. This site is not responsible for what they say.
Yikes
Authored by: Jay on Dec 18, '00 03:40:26PM
This is dangerous!

[ Reply to This | # ]
Completely standard
Authored by: Anonymous on Dec 19, '00 08:49:40PM

This is a standard feature of all unix implementations, as it should be. There is essentially no way of securing a
computer against someone with physical access to it; at the very most, you may introduce the inconvenience of
removing the hard drive from your machine and mounting it on some other computer which they already control.

Given that you cannot trust any computer, running any existing operating system, to be safe against an attacker
with physical access, this really is a feature, and not a bug.



[ Reply to This | # ]
Different, though, for Mac OS users!
Authored by: robg on Dec 19, '00 09:15:07PM

I guess I just need to start thinking that way (that it's normal). My first thought was "geez,
someone could steal all my data files." Well, of course they can do that under 9.0 as well,
and I never worried about it there!

I was also considering how will I get back into the machine if this were to happen ... guess
that's simple; just repeat the process!

It is indeed a brave new world for the longtime Mac OS crowd - and it's quite interesting!



[ Reply to This | # ]
huuh?
Authored by: charon on Mar 31, '02 10:38:23PM
No, it is not. I know SCO OpenServer5, which is a Unix system that can be installed according to different safety standards (with C2 = 'military grad' as the highest safety level). Even on the lowest (traditional Unix) safety level, it is not possible to boot SCO5 in single user mode and get to a shell without entering the root password. AFAIK, Linux and other Unix systems behave this way. If not, breaching system security (worse) undetected (much worser!!!) would be very, very easy. While it is always possible to break system security when you have physical access to a server, on SCO5 you have to remove the disk array and mount it on a different system. In this case, a security breach can be at least detected (missing drives; broken drive hatches, if locked; ..).* If booting into single user mode gives you some or all root privileges without root password, an attacker would simply install a backdoor mechanism to the system, which might be very difficult to detect. No need to change the root password or remove disks.. IMHO if you "lose" the root password and there is a way to get it "back" (reseting or changing it) without having to reinstall the system from ground up, the system is not trustworthy in terms of security.. Just my $0.02 *) You can prevent that stolen disks are "useful" for thieves, if you encrypt the filesystem (don't know, if this is possible on OS X).

[ Reply to This | # ]
Help on commands
Authored by: shadowmyst on Jul 29, '04 09:58:08PM

i am running 10.3.4 and i did not do the initial installation on this machine.. I have an account with admin rights.. but as far as root i dont know the password.. when i try the above steps it a doesnt go to localhost% is goes to root# when i enter the commands as stated it mounts the drive successfully and it also initializes through the SystemStartup then on the passwd root it just drops the carrier down and provides no information to enter the new password or any errors.. just allow to type continuously until hitting ctrl-c at which you return to the prompt.. please help



[ Reply to This | # ]
change root passwd with Install CD
Authored by: Anonymous on Mar 23, '01 05:16:36PM

I have just received the final release and all you will need to change root password is to reboot your Mac with the Installer CD.

Before you install, go to the menu and you will see an option to reset all user + root passwords.

Would not like a CD to get into the wrong hands!

Cheers



[ Reply to This | # ]
Easier way..
Authored by: cpaden on Mar 31, '02 03:24:07PM
I havent seen this here, but it is easier just to type this in the terminal:


sudo sh
At prompt enter admin (your) password
passwd root   
Now, fix your root password.
exit  

Now you're all set!

[ Reply to This | # ]
Easier way..
Authored by: Thom on Oct 17, '02 04:00:48PM

if you've forgotten every single password, then you're SOL using your method.
the one in the tip is for desperation, last-ditch efforts.



[ Reply to This | # ]
forgot to fsck, and don't use SystemStarter
Authored by: Thom on Oct 17, '02 04:04:50PM

There are _two_ commands at boot time -- one is to check the filesystem,
I think it's fsck -y
THEN you do mount -uw /

(regardless, you'll get prompted to do both of these things when you boot into single user mode.)

instead of SystemStarter I'd suggest only running NetInfo, since that's where the password is getting stored...

cd /var/db/netinfo
netinfod -s local
passwd username
<type the password in>
exit

the system now boots into normal multi user mode.

I'd just say that it'd take a lot longer and be kind of silly to start a whole bunch of services when all you need is access to netinfo. ;)



[ Reply to This | # ]
Security issues...
Authored by: tuxedobob on Feb 09, '03 12:08:24AM

For those bothered by this who would like to be able to prevent someone from doing this, you may want to use the Open Firmware password application. The page on Apple's support site to download it is found here. Installing this prevents starting up in single user mode, resetting the PRAM, and other things insanely useful when stuff goes wrong. Be careful, though, because if you forget this password, you're screwed.



[ Reply to This | # ]
Lost Open Firmware Password
Authored by: RichB on Apr 04, '03 06:10:49PM

Yes you are screwed if you forget the Open Firmware Password, however, a quick trip to your Apple Authorized Service Provider can fix it for a small fee and lecture!



[ Reply to This | # ]
Lost Open Firmware Password
Authored by: embee on Oct 05, '03 10:02:57AM

You can save yourself a trip to an Authorized Apple service center if you change the physical configuration of the machine (i.e. remove/add RAM). This forces a reset of any password applied to the Open Firmware. This is what the linked KB article says.



[ Reply to This | # ]
Recovering a lost root password
Authored by: puqq on Dec 14, '03 02:34:57PM

Does this apply to any other OS, like, OS 9, Panther???



[ Reply to This | # ]
Recovering a lost root password
Authored by: Tigershark on Oct 14, '04 07:57:38AM

In Panther you have to run the netinfo one. Mac 10.1, and 10.2 you are able to use single user mode with mount -uw and system starter. However, you will need to run the netinfo one for Panther. Panther loads Apache Web server when you do normal startup. Therefore, when it goes to open it, it is available. In single user mode, you must run systemstarter to load the users into the OS. But, in SU mode, Apache hasn't been loaded so it will keep waiting for it and you will not have access to the passwd command.



[ Reply to This | # ]
Change a lost root password using sudo
Authored by: mhrivnak on Sep 22, '06 03:57:18PM
Interesting info. Using 10.3, I was not able to use passwd while in single user mode. Likewise, all of the netinfo command line utilities would just hang. I ended up using sudo to change the root password. Note that this only works if a user account is setup to automatically log in, and is only necessary if you don't know the root password or a user password. Once in single user mode with the filesystem mounted and writeable...

# visudo

Add an entry like this:

someuser ALL=(ALL)NOPASSWD: ALL

Reboot, fire up a terminal, and...

$ sudo -s
# passwd

Now you've changed the root password, and you can do whatever you need. Remember to use visudo to remove that entry from /etc/sudoers, because it is dangerous!

[ Reply to This | # ]

Recovering a lost root password
Authored by: giogioforums on Feb 26, '08 04:32:17PM

This is the solution I found it has no limitations but you need to have a windows PC and any macDisk software:
MacDisk is a software that allows to look into any Mac HardDisk and read/modify/delete its content without any need for any passoword.
Once you installed on the Windows PC your MAC Hard Disk (make sure Windows do not write any signatures on it by cancelling its request)
go on the preferencies folder (this work for both OS 9 and OS x) and then in the System Folder locate the file named Multi-User Prefs and delete it. Then do a normal restart.
Note thas this procedure will also allow the recovery of your files from the PC
Enjoy it
G



[ Reply to This | # ]
Recovering a lost root password
Authored by: qdbest123 on Jul 21, '10 06:20:37PM

Thanks for the info. It work perfect. It did take a few trys and figure out what I was doing then it all fell into place. Thanks again.



[ Reply to This | # ]