- Joined
- Apr 28, 2008
- Messages
- 3
- Reaction score
- 0
- Points
- 1
There is a widely distributed script to create hidden accounts on 10.5. The script uses the account name "easter" with the password "easter". I found on one of my computers that I can log in by selecting "other" in the log in window and then using this account name and password. This is apparently on some public computers as well. This is an admin account.
It is possible to create these hidden accounts in 10.5 (10.4.11 and later) These accounts can not be deleted. This gives the person who creates it or is aware of it, complete control of the computer. They are able to change passwords and access anything on the computer. No account, no information is secure except in file vault.
In previous versions, only accounts numbered below 500 were invisible. These could be seen in the accounts list in terminal and deleted.
Does any one have any ideas on how to detect and delete them?
It is possible to create these hidden accounts in 10.5 (10.4.11 and later) These accounts can not be deleted. This gives the person who creates it or is aware of it, complete control of the computer. They are able to change passwords and access anything on the computer. No account, no information is secure except in file vault.
In previous versions, only accounts numbered below 500 were invisible. These could be seen in the accounts list in terminal and deleted.
Does any one have any ideas on how to detect and delete them?