Mac OS X Password Recovery
Instructions for the Mac OS X Password Recovery.
Although there’s no real way to recover a lost root password, you can change the root password even if you do not know the current one. You must have physical access to the machine in order to accomplish this task.
1. Click Restart at the login window
2. While the computer is restarting, hold down “Command-S” until you see text scrolling through the window. This boots the computer into single user mode.
3. At the Localhost% prompt type:
/sbin/fsck -y
/sbin/mount -uw /
/sbin/SystemStarter
You will then see various services starting up.
4. When the Localhost% prompt reappears, type:
passwd [username]
It will then ask you to type the new root password twice, so do so.
(Though I’ve not tried it, it appears you can type niutil -list . /users to get a list if users if you do not know the username….if someone wants to verify this, I would be most appreciative).
5. After entering the new password, type:
reboot
6. At the login window, enter the username with the new password. Once you are logged in, you can use the Multiple Users application (/Applications/Utilities) to change your user’s password, or create a new user account.
Note: this may not work for newer versions of OS X; I think they did something about it in a security update.
% niutil -list . /users
11 nobody
12 root
13 daemon
14 unknown
15 smmsp
16 www
17 mysql
18 sshd
52 user1
53 user2
54 user3
63 news
64 pgsql
…
Thanks for the info! You couldn’t have posted at a better time. I just had my osx box rooted. I enabled internet forwarding (wireless sharing to ethernet) with 128 bit wep password. The next day I brought up fink to update a package to find out my user is no longer an admin. I had a backup admin account too. It was also changed to a standard user. Now I am debating whether or not I should do a complete reinstall… know any good rootkit id packages?
Brilliant thanks. the username thing works too. one thing – for people not used to script language etc. you don’t see your password as you type, type it, hit return and typr it again and hit return again and then type reboot – it seems like it’s not working but it is.
in my PowerBook not work
/sbin/fsck -y —— ok
/sbin/mount -uw —— ok
/sbin/SystemStarter — ok
niutil -list . /users —- the PBook not response and no see prompt
sorry sned yhis before to end coment…
to retur to prompt i push Ctr + Z
passwd [user] delay 15 secont and return prompt ndot ask password
you sugestion, i need recovery the password my DVD not work, my song create a game whit it ;)
Thanks
I tried. I typed what you said at the localhost:/ root# prompt after that it just keeps on repeating waiting on apache server. What do I do about that??
i tried. I typed what u said and it works until step 4. It says that the startup is complete. But the Localhost% prompt dont reappears. I typed passwd [username] and nothing happend, but localhost:/ root# reapears. I retyped it again but theres no results…what can i do…???
Um, guys.. I think you need a space and a period after passwd [username]. It should end up being:
passwd [username] .
I think.
Hey, your directions are working fine for me up until step 4. Whenever I type in passwd [username] (both with and without the space & period), all that comes up is: “usage: passwd [-i infosystem] [-l location] [name]” and a bunch of other stuff, but it is not prompting me to enter a new root password. Any suggestions? Thanks.
Hi guys,
Whenever I enter password [username] I get the error “command not found”. I have tried both with and without the period and am really stumped. Please anyone reply back if you have found the solution.
The command is not password. It is passwd (no “or”)
Read the instructions more carefully and be sure to copy the commands exactly (down to the letter!)
Hope this helps
Sorry about the confusion, I was actually typing “passwd”. Here is what I did step-by-step:
fsck -y (to check for errors)
mount -uw / (to mount the drive)
SystemStarter
After I type in “SystemStarter” , it starts scrolling through but hangs on “Java HotSpot” and then does not go any further. To get a prompt, I hit “Enter” and then I type in “passwd root” After I type that in I get the response “Command Not Found” Has anyone else experienced this.
BTW, thanks for replying back Elliot, I appreciate it.
“Sorry about the confusion, I was actually typing “passwd”. Here is what I did step-by-step:
fsck -y (to check for errors)
mount -uw / (to mount the drive)
SystemStarter
After I type in “SystemStarter” , it starts scrolling through but hangs on “Java HotSpot” and then does not go any further. To get a prompt, I hit “Enter” and then I type in “passwd root” After I type that in I get the response “Command Not Found” Has anyone else experienced this.
BTW, thanks for replying back Elliot, I appreciate it. ”
hmm, my reply to that post didnt get added,
so here it is: “thats the exact same problem i have. I’m running the first version of mac os x.”
I was havign the same problems it varies with which version of OSX you are using. I got this from http://www.westwind.com/reference/OS-X/commandline/single-user.html
Starting system daemons and components:
Depending on what you need to accomplish in single-user mode, you may (or may not) need to start up more of the operating system’s normal components ( access to disks other than the boot volume, networking, etc). This part of the process works a bit differently depending on what version of Mac OS X you’re using. Under 10.0 through 10.2, the SystemStarter command is all it takes. Under 10.3, you need to register the Mach services, then launch netinfod manually, then finally invoke SystemStarter to finish the job. After running any of these commands, do not attempt to continue the boot with the exit command. If you aren’t sure what version you have, use sw_vers to find out.
/usr/libexec/register_mach_bootstrap_servers /etc/mach_init.d – (10.3 only) Register a bunch of programs to be triggered by mach-init, which take care of setting up networking, directory services, disk arbitration, etc. — see the config files in /etc/mach_init.d/ and Apple’s web page on the boot process (look for the section on Bootstrap Daemons) for more information.
(cd /var/db/netinfo; netinfod -s local) – (10.3 only) Start up a netinfo server to handle the local domain (i.e. users, groups, etc defined on this computer).
SystemStarter – Start up more of the system, including networking, NFS, and many background daemons (basically, it runs all of the StartupItems). It does not, however, start the Aqua interface; it leaves you with the single-user command line when it’s done.
Note: under 10.2 and before, this command also starts networking, directory services, netinfo… everything that register_mach_bootstrap_servers and netinfod are needed for under 10.3.
I tried that but my Mac always crashes at these lines.
Startup complete.
2005-03-29 18:33:56.336 open[200] LSCopyItemInfoForURL() returned -35 for path /System/Library/CoreServices/ARD Agent.app
2005-03-29 18:33:56.655 open[200] Couldn´t open file: /System/Library/CoreServices/ARD Agent.app
2005-03-29 18:34:04.755 open[222] LSCopyItemInfoForURL() returned -35 for path /System/Library/CoreServices/ARD Agent.app
2005-03-29 18:34:04.774 open[222] Couldn´t open file: /System/Library/CoreServices/ARD Agent.app
2005-03-29 18:34:12.923 open[223] LSCopyItemInfoForURL() returned -35 for path /System/Library/CoreServices/ARD Agent.app
2005-03-29 18:34:12.942 open[223] Couldn´t open file: /System/Library/CoreServices/ARD Agent.app
Baxter,
Thanks for putting up that extra info! I was able to change the root password, then, change my login password.
If you have 10.3, Baxter’s method should work.
Here’s the same info Baxter put up, just a little easier to see,
EXCLUDE THE QUOTATION MARKS, but make sure to type in the spaces.
First type in: “/sbin/fsck -y”
Followed by: “/sbin/mount -uw /”
Then, type in:
“/usr/libexec/register_mach_bootstrap_servers /etc/mach_init.d”
Next: “cd /var/db/netinfo”
Then: “netinfod -s local”
Followed by: “SystemStarter”
Finally, type: “passwd root”
You’ll be asked to come up with a new password. If you want to change a login’s password, substitute ‘root’ with the username.
After that, type “reboot”
Remember, to EXCLUDE the quotations marks, but type in all the junk inbetween –even the spaces!
Thanks again Baxter and Elliot.
Hi guys,
I was having the problem where I would get the passwd usage screen when I typed in passwd root . So out of curiosity I followed the usage guidelines and typed in the command:
passwd -i file -l /etc/master.passwd root
and it worked the first time. This was after I had entered the netinfod command from the previous post but I’m not sure if that mattered.
I’m running on 10.3.7
after i get to through the SystemStarter, it just pauses/freezes where the line “Startup Complete”. what should i do now? also, the “niutil -list ./users” dosen’t work for me either, should i do that before going into fsck?
HELP! i got this ibook from a fami;y member who has passed on, and don’t know the log in or have the original software.
Anonymous Says:
March 3rd, 2005 at 1:39 am
Hey, your directions are working fine for me up until step 4. Whenever I type in passwd [username] (both with and without the space & period), all that comes up is: “usage: passwd [-i infosystem] [-l location] [name]” and a bunch of other stuff, but it is not prompting me to enter a new root password. Any suggestions? Thanks.
It is happening to me as well
please anny clue?!
please
Just forgot
it was os x 10.3.8
thanx…… My iBook is f***up . i just writed down something like
bless -folder9 “/System Folder” -use9 with my stupid intuite replaced with
bless -folder9 “/Combo” -use9
and now i can’t see the hd annymore.
can somebody tell what’s happening?!
Thanks for teh information.
Thanks! Just bought a mirror drive G4 from a buddy, and it was too late to call him for his password!
Okay guys, I’ve never had to type code or reboot my computer. But with two young boys who seem to wreak havoc on everthing they touch, I now need to reboot with a new password. So two questions. One, when I type one line, like, “/sbin/fsck -y” do I hit “return” key first and type in the next line thereafter? I assume that’s how it is done, but when I do it the system automatically writes more text. After the text is written by the system, I then type the next line.
Second, do I have to be connected to the internet to do this? I ask because, I get the same “waiting for apache server” message that another user complained of.
Any help would be appreciated.
Thanks,
Geoff