Working with the Open Firmware is about as secure as it gets right? Possibly.  Even with this super-low level password restriction in place, there are no guarantees.  I’ll show you how to bypass it.

This trick is squarely in a moral grey area.  It’s not common knowledge, but in order to fully understand security you have to know how to break it right? That’s the only way to truly be secure

The Open Firmware Password there to block unscrupulous people from messing with your Mac in public.  But, like all security measures, it’s only as good as the resources those unscrupulous people have. If they steal it, you’re pretty much screwed.

Here is the trick: Change the RAM
By changing your Mac’s RAM configuration and restarting, you are given one chance to zap the PRAM to wipe out the Open Firmware Password.  If you don’t wipe it on that next boot, the Open Firmware Password will be reinstated for that RAM configuration (yes you could just change it again, but at this point you either know what you’re doing or you don’t).

The full set of steps to get past the Open Firmware Password and working again are as follows:

  1. Startup your Mac and notice the Open Firmware Password is required
    The password field looks like the image at the top of this topic
  2. Curse / Grunt / Complain that there an Open Firmware Password
  3. Power down your Mac
  4. Remove some (or all) of the RAM
  5. Zap the PRAM
  6. Replace the removed RAM
  7. Restart your Mac and continue what you were doing in the first place.

A word of caution: Remember the limits of an Open Firmware Password – it protects against changing the boot volume, it does not protect your data. If your Mac can be opened, the hard drive can be removed and then all your data is easily accessible.

There is one other problem with this procedure, the MacBook Air and it’s soldered-on RAM.  I’m unsure of how to get around that snag, do you?

' '

Care to comment on this Topic ... ?

' '