Submit Hint Search The Forums LinksStatsPollsHeadlinesRSS
14,000 hints and counting!


Click here to return to the 'A stolen Mac and Keychain Access really secure?' hint
The following comments are owned by whoever posted them. This site is not responsible for what they say.
A stolen Mac and Keychain Access really secure?
Authored by: szabesz on Sep 24, '04 06:02:43AM

I am just wondering: what is going to happen when you use the Mac Os X install CD to boot, change the passwords, so you have a complete control over anyone else's system. With the new password you login and use the Keychain Access. Is it secure? Anyone with some experience?



[ Reply to This | # ]
A stolen Mac and Keychain Access really secure?
Authored by: JKT on Sep 24, '04 07:27:38AM

This is one of the purposes of FileVault. As it stands, if you have a normal account set-up without a Master password and FileVault activated, anyone with physical access to your machine can easily access your account using the method you described - boot from Install CD, change the admin password and then access the admin's Keychain to see all their passwords.

If you use FileVault this is no longer possible as changing the password with the install CD disconnects the FileVault from the user - all that the person hacking into the system would get is access to an encrypted image for which they would need the Master Password to mount. The Master Password itself is set in stone and cannot be changed. See the Security panel in System Preferences (in 10.3.x) for more info.

As an alternative to FileVault, you can choose to use a password for your Keychain that is not the same as your login password, so that it remained locked even if someone changed your login password. That is, you would have to type in another different password after login to allow the system and applications to access the keychain.

---
PB G4, 1.5 GHz, 2x512MB RAM, 128MB VRAM, 80 GB 5400rpm HD, SuperDrive, MacOS X 10.3.5



[ Reply to This | # ]
A stolen Mac and Keychain Access really secure?
Authored by: VirtualWolf on Sep 24, '04 11:55:18PM

If you boot from the install disc and reset a user's password, their Keychain password isn't changed at all. It remains as the original password.



[ Reply to This | # ]
A stolen Mac and Keychain Access really secure?
Authored by: davidefrank on Sep 24, '04 03:57:04PM

This gets awkward to explain, but here goes.

Let's say Fred and Barney both have accounts on a Mac OS X system. Suppose Fred wants to break into Barney's account. If Fred is an administrator, he can just change Barney's password via the Accounts pane of System Preferences. If Fred is NOT and administrator, or perhaps Fred has stolen Barney's machine, he could change Barney's password by booting the system from the Mac OS X installer CD. (Unless booting from the CD is disabled in Open Firmware.)

Now Fred can log in as Barney. But Fred still cannot unlock Barney's keychain! Fred only has access to Barney's local account, NOT to every account defined in Barney's keychain.

Here's why. When a user changes THEIR OWN password in the Accounts pane of System Preferences, their keychain password is changed to match. BUT if an admin user changes ANOTHER user's password, the keychain password is NOT automatically updated. The same is true for passwords reset via the startup disk.

(A "normal" user - ie not an administrator - can't change another user's password. Thank goodness!)

I had to be convinced that Keychain represented a net gain in security. Overall I believe it does in fact increase the security of the user's many login identities, while it also adds to the convenience of accessing many accounts. Not a bad accomplishment!

-Dave Frank



[ Reply to This | # ]