Make Your Mac Even More Secure With A Firmware Password [OS X Tips]



You probably have a regular login password for your Mac, which you type in when installing software or maybe even when you deactivate the screensaver. It’s fairly secure, but there are indeed ways around it.

If a malicious person with physical access to your Mac wants to get at your data, they can simply boot into a different mode, like Recovery Mode, Single User Mode or Verbose Mode. Or, they can boot your Mac using a USB drive and get around the password that way.

Setting a firmware password will add another, lower level of security to your Mac, and will make it so anyone who wants to boot into an alternate mode will need your second password. It’s fairly easy to enable, too.


First up, restart your Mac and hold the Command-R key down. This will put your Mac into Recovery Mode, which is how you’d recover from an OS X disaster or file corruption.

This time, however, after your Mac boots into Recovery Mode, click on the Utilities menu at the top of your screen and choose Firmware Password Utility. You’ll get a message window telling you that Password protection is off.


Click on the button labeled Turn On Firmware Password, and then enter a new password–not the same one as your login password, mind you–twice in the boxes provided.


Once you hit the Set Password button, you’ll want to go back up to the Apple Menu and choose Restart. When your Mac starts back up, your Firmware password will be active. The only way to see it is to try and boot your mac into one of the alternative boot modes, like Recovery Mode or Single User Mode.


To test this, just restart your Mac again, holding down the Command-R buttons on your keyboard. You should see a big lock and a place to type in your firmware password. Do so, and then hit the little arrow button. Your Mac should boot into Recovery Mode.

If you make a mistake and type in the wrong password, your Mac will just sit there, silently mocking you with the lock picture. So don’t forget this password, ok?

Via: OS X Daily

  • __DarkBlue

    The problem with this article is that it could instil a false sense of security in those who follow its advice. A firmware password is fairly easily overcome by someone who has physical access to the “protected” computer (which they would have if they were able to command-R). Simply changing the RAM configuration is enough to reset the firmware password. Or they could just pop out the HDD and take it with them. Heck, why not simply take the whole machine?

    If a user is *really* concerned about protecting their data then he/she should consider nothing less that OS-X’s whole disk encryption. This is easily enabled from the System Preferences and will protect your valuable data from all but the most sophisticated of thieves – providing they have NSA-levels of resources.

    Oh yeah, you do have backups right? On and off-site? You should – if you care about your data.