tsites computer tuition, website design, network security

how to clear firmware password (lock icon at boot). Tested under OSX 10.10

You will need a USB boot disk with OSX 10.10 on it. (this would be a cloned OSX install that has a working desktop).

Boot up the machine from your external USB (it will be slow!). You do this by holding 'alt' / or 'opt' when you turn the computer on.

Open the Terminal in Utilities.

Type these commands followed by return:

diskutil list

This should return a few lines similar to this example: (ignore the dots)

3: .... Apple_Boot .... Recovery HD .... 650MB .... disk0s3

In this example the Recovery partition is named "Recovery HD" and is located on disk identifier "disk0s3". Make a note of the name and disk id and type (where disk0s3 is the name of this partition)

diskutil mount disk0s3

You should now see your Recovery HD partition mounted on your Desktop or in Finder (Go menu, > Computer to check is shows up as a drive in the window).

Enable root access (if you've already done this before, ignore this step).

sudo passwd root

(type admin password from whatever it was on your clean 10.10 USB-imaged boot disk you've booted up from). – Not the password you need for the actual machine as we don't know this.

Set a new root password (1234 is easy) and press return. You'll have to do this twice.

Now we have root access, do the following:

sudo nvram -c

The firmware password is now cleared.

Now we'll tell the Mac to boot to the Recovery partition, which should allow you to go in and remove the EFI password. Again, in the example the partition name is Recovery HD but yours may be different.

sudo bless -mount /Volumes/Recovery\ HD -setboot -nextonly

The bless command is enabling the Recovery HD volume to be used as a boot drive, the setboot flag tells your Mac to use it as the startup volume and the nextonly flag tells your Mac to only apply this command for the next boot, subsequent boots will revert to the original startup disk.

When the recovery partition boots, go to the Utilities menu and choose 'Terminal'. Type:


Now press enter.

A new utility window will open.

Choose the original internal HD and choose a username to reset that password.

Restart and boot the mac. Enter your new password you just set.

Ignore keychain errors. – it will no doubt come up with loads. To get around this, move the dialog to one side. Open Utilites folder, Keychain access, and type your admin password you reset if prompted. Unlock all the keychains (padlock icons) and choose to reset the password if required by right-clicking.

You now have entire root access, administrator access, and have removed the firmware password. You will also no longer see any new keychain errors (once you've closed all the already open dialogs)

Back to Forum Listing