EFI Firmware Password info regarding lockdown and removal

chscag

chscag

Well-known member
Staff member
Admin
Joined
Jan 23, 2008
Messages
65,246
Reaction score
1,834
Points
113
Location
Keller, Texas
Your Mac's Specs
2017 27" iMac, 10.5" iPad Pro, iPhone 8, iPhone 11, iPhone 12 Mini, Numerous iPods, Monterey
Ran across an interesting article about setting an EFI Firmware password for your Mac and how to remove it if forgotten. The article covers the old method used by Apple to set the Firmware password and now the newer method. It's important to note that from 2011 models onward, a forgotten EFI Firmware password can only be reset by Apple.

EFI Password Locks down newer Macs

From the above article, you can see how complex the process is and why an ordinary user or even someone with extended Mac knowledge is not going to be able to remove the password without Apple's help.
 
pigoo3

pigoo3

Well-known member
Staff member
Admin
Joined
May 20, 2008
Messages
44,242
Reaction score
1,463
Points
113
Location
U.S.
Your Mac's Specs
2017 15" MBP, 16gig ram, 1TB SSD, OS 10.15
Very interesting article Charlie. Like you mentioned…need to get Apple involved to reset things.

- Nick
 
Cr00zng

Cr00zng


Joined
Jan 1, 2014
Messages
629
Reaction score
52
Points
28
Your Mac's Specs
MacBookPro 13 v11.1, i5 2.4 GHz, 256 GBs SSD, 8 GBs DDRs
Interesting article, indeed, thanks for the link...

It sort of reminds me of Dell procedure of unlocking lost/forgotten hard drive password. Doing so required:

  • Poof of PC ownership
  • Service tag number
  • Drive's serial number
  • Support would email a 27 or 33 characters code to unlock
  • The code was PC/HDD specific
Contrary to popular believes... The HDD password is defined as part of the ATA specifications, and it's implemented in the drive's firmware. This is a simple lock, but since it's implemented in the drive, it can't be bypassed by clearing CMOS or connecting the drive to another system. Data recovery is still possible by some data recovery service, if the password cannot be recovered, but it's not cheap.

SED, or Self Encrypting Drive, is a different story. These drives, by default encrypt anything written to the drive utilizing randomly generated encryption keys at the time the drive manufactured. Access to these encryption keys are granted to everyone by default. Setting the HDD/SSD password for SED drive is establishing control for accessing the encryption keys. Data recovery service would have hard time to recover the data from the password protected SEDs. To my knowledge, the only option is to brute force the password. It may take some time, since after entering the password three times, the drive no longer accepts password. Rebooting the system will allow entering the password again.

Sort of reminds me this link on the subject of how to recover your own forgotten EFI password for your Mac. Basically, you brute force your own password, without the need to reboot. Maybe after a dozen or so tries you'll remember the password. Or maybe not...:Smirk:
 
Last edited:

Shop Amazon


Shop for your Apple, Mac, iPhone and other computer products on Amazon.
We are a participant in the Amazon Services LLC Associates Program, an affiliate program designed to provide a means for us to earn fees by linking to Amazon and affiliated sites.
Top