Make Your Mac Even More Secure With A Firmware Password [OS X Tips]

IMG_1544

You probably have a regular login password for your Mac, which you type in when installing software or maybe even when you deactivate the screensaver. It’s fairly secure, but there are indeed ways around it.

If a malicious person with physical access to your Mac wants to get at your data, they can simply boot into a different mode, like Recovery Mode, Single User Mode or Verbose Mode. Or, they can boot your Mac using a USB drive and get around the password that way.

Setting a firmware password will add another, lower level of security to your Mac, and will make it so anyone who wants to boot into an alternate mode will need your second password. It’s fairly easy to enable, too.

IMG_1543

First up, restart your Mac and hold the Command-R key down. This will put your Mac into Recovery Mode, which is how you’d recover from an OS X disaster or file corruption.

This time, however, after your Mac boots into Recovery Mode, click on the Utilities menu at the top of your screen and choose Firmware Password Utility. You’ll get a message window telling you that Password protection is off.

IMG_1545

Click on the button labeled Turn On Firmware Password, and then enter a new password–not the same one as your login password, mind you–twice in the boxes provided.

IMG_1546

Once you hit the Set Password button, you’ll want to go back up to the Apple Menu and choose Restart. When your Mac starts back up, your Firmware password will be active. The only way to see it is to try and boot your mac into one of the alternative boot modes, like Recovery Mode or Single User Mode.

IMG_1548

To test this, just restart your Mac again, holding down the Command-R buttons on your keyboard. You should see a big lock and a place to type in your firmware password. Do so, and then hit the little arrow button. Your Mac should boot into Recovery Mode.

If you make a mistake and type in the wrong password, your Mac will just sit there, silently mocking you with the lock picture. So don’t forget this password, ok?

  • __DarkBlue

    The problem with this article is that it could instil a false sense of security in those who follow its advice. A firmware password is fairly easily overcome by someone who has physical access to the “protected” computer (which they would have if they were able to command-R). Simply changing the RAM configuration is enough to reset the firmware password. Or they could just pop out the HDD and take it with them. Heck, why not simply take the whole machine?

    If a user is *really* concerned about protecting their data then he/she should consider nothing less that OS-X’s whole disk encryption. This is easily enabled from the System Preferences and will protect your valuable data from all but the most sophisticated of thieves – providing they have NSA-levels of resources.

    Oh yeah, you do have backups right? On and off-site? You should – if you care about your data.

About the author

Rob LeFebvreAnchorage, Alaska-based freelance writer and editor Rob LeFebvre has contributed to various tech, gaming and iOS sites, including 148Apps, Creative Screenwriting, Shelf-Awareness, VentureBeat, and Paste Magazine. Feel free to find Rob on Twitter @roblef, and send him a cookie once in a while; he'll really appreciate it.

(sorry, you need Javascript to see this e-mail address)| Read more posts by .

Posted in OS X, Tips & Tricks | Tagged: , , , , |