raczylo.com blog ~ #

How to recover forgotten EFI password on your Mac

Created on 2014-11-27 in categories ops , mac
Tagged as: mac , osx , apple , security

Lost EFI password is a real pain in the butt

Forgotten EFI password

Shame - that’s all what I can say. As there was no Apple “Genius Bar” available I’ve decided to try on chat. Unfortunately Apple support chat operators don’t have enough power to help you with that, but if you really need to - you can always visit Apple Store or one of their Authorised Service / Retailers.

Authorized retailers

You need to bring few things with you ( or even pass them using ‘other communication methods’ )

  • Proof of ownership - good approach
  • Thing which I’m calling ‘magic hash’
  • Device serial number

Getting a proof of ownership

Well.. Simple as ‘buy your mac from the store, not craigslist’. If you were stupid enough to get yourself a stolen mac with EFI password - please leave a comment. There’ll be a ‘mac-darwin wink award’ draw at some point.

Getting serial number

  • Click on apple logo in upper left corner of your screen
  • … ‘About this mac’
  • More info… and there it is - ready for copy/paste

Getting ‘magic hash’

  • Shutdown your mac
  • Press alt and power button together, hold alt and wait for device to boot
  • You’ll see infamous EFI password ( padlock ) request
  • Press shift+ctrl+alt+cmd+s ( as normal people have only five fingers )
  • Take a picture / write down displayed hash

Bruteforcing forgotten password

That’s the method which I’ve used when chat support has failed. You can always try bruteforcing your password using ‘standard’ grey background with padlock, but hey - you’ve paid for that music from iTunes Store so why shouldn’t you enjoy it while trying to figure out which password has your drunk mind produced 2 years ago.

  • Open terminal
  • Paste following:

    defaults write com.apple.DiskUtility DUDebugMenuEnabled 1
  • Open Disk Utility

  • From top menu pick ‘debug’

  • From submenu pick ‘show all partitions’

  • Right-click and mount ‘Recovery’ partition present on your main drive ( greyed out one )

  • Go back to terminal and type

    open /Volumes/Recovery\ HD/com.apple.recovery.boot/BaseSystem.dmg
  • Navigate to Applications/Utilities in the window that appears

  • Start Firmware Password Utility

  • Great. You’re almost there. Now only few hours and hundreds of attempts and you’ll be in! :)

Good luck!

* Table of contents *

* Check other posts *

* Categories *

aws(1) cloud(3) dev(3) gems(1) howto(3) insights(1) internet(1) learning(1) lesson(1) mac(1) ops(8) post(1) projects(3) script(1) social(1) tools(1) tutorial(5)

* Tags *

api(2) apple(2) aws(3) bash(1) cloud(5) cluster(1) devices(1) docker(1) ec2(1) elasticsearch(1) gcp(1) gem(1) github(2) go(1) golang(2) google-authenticator(1) google-cloud(3) internet(1) iptables(1) kubernetes(1) linux(2) littleguardian(1) logging(1) mac(2) netgear(1) network(1) opensource(1) openvpn(1) osx(2) pci-compliance(1) review(1) ruby(2) security(2) ssh(1) tethering(1) tplink(1) ubuntu(1) wykop(1) yubikey(1)
comments powered by Disqus