Submit Hint Search The Forums LinksStatsPollsHeadlinesRSS
14,000 hints and counting!


Click here to return to the 'How *not* to change account passwords in 10.3' hint
The following comments are owned by whoever posted them. This site is not responsible for what they say.
How *not* to change account passwords in 10.3
Authored by: jmao on Aug 25, '06 04:51:57AM

If the act of changing your password from the Accounts pref pane in System prefs also then alters the filevault password, then why don't you just change your password again?

Create another user that has admin rights. Then use that account in terminal and use dscl to change the account password of the first account.

sudo dscl . -passwd /Users/username newpassword

Once reset this way, you would be able to return to the other account and reset the account password from the GUI.

Would this work? From the sounds of what you've been doing, your machine auto-logins to your main account, right? So, you are able to enter this account to create another? If not, then reset the password using a System CD or from Single-user mode,...either way, this might help.



[ Reply to This | # ]
How *not* to change account passwords in 10.3
Authored by: jmao on Aug 25, '06 04:53:22AM

In addition, I believe with VoiceOver enabled, you can enter the text field with the 7 bullets, and select the text. VoiceOver will attempt to read it to you,...



[ Reply to This | # ]
How *not* to change account passwords in 10.3
Authored by: Nem on Aug 25, '06 10:27:51PM
Sorry, but that wouldn't work.

As an administrator, when you change a user's password, it just overwrites whatever is stored in netinfo (on other UNIX boxes, it overwrites whatever is in /etc/shadow for a particular user).

In order to "fix" the FileVault, you must have the password/key it was encrypted with.

This actually begs another question. If you change your password, does OS X re-encrypt your entire FileVault (home directory) with the new password? I'm guessing not, actually. I'm guessing that the key used to encrypt the FileVault is more complex than what can be represented by your password. That means that the actual encryption key is stored somewhere else on the system and perhaps that is encrypted with your login password. This makes a lot more sense, since it would be a time (and disk) consuming exercise to re-encrypt your FileVault everytime you change your password.

This is actually quite interesting - I'm gonna have to go do some research on this. ;-)

---
Nem W. Schlecht
http://geekmuse.net/

[ Reply to This | # ]