You can make a difference in the Apple Support Community!

When you sign up with your Apple Account, you can provide valuable feedback to other community members by upvoting helpful replies and User Tips.

Looks like no one’s replied in a while. To start the conversation again, simply ask a new question.

user password/missing Recovery Key/FileVault turned ON

mac device is removed from Jamf pro and no recovery key to unlock device and user password is missing, no other account is created on that device, how to reset password and unlock the device. please help us if any suggestions i have tried all the method from google search but no luck.

Posted on Feb 1, 2022 4:20 AM

Reply
Question marked as Top-ranking reply

Posted on Feb 1, 2022 6:03 PM

Hi Venkateshgilead,


Unfortunately, FileVault doesn't include any additional backdoors. You might be forced to erase the Mac and reinstall macOS.


If the user set up FileVault and stored a recovery key in their iCloud account (Apple ID), contact the user and ask them to complete these steps on the device:


  1. Start up from macOS Recovery.
  2. If the Mac prompts for an admin password, check if there is a "Forgot All Passwords" option at the bottom.
  3. If the Mac prompts you to reset the password, skip to step 6. If an Activation Lock screen appears instead, the user must enter their Apple ID and password, or you can provide the MDM Bypass Key as the password. (Leave the Apple ID field blank in this case.)
  4. The list of utilities should now appear. At the top of the screen, select Utilities -> Terminal.
  5. Enter this command: resetpassword
  6. The Password Reset Assistant should now appear. Select "I forgot my password" and continue.
  7. If the user stored the recovery key in iCloud, they will be prompted to provide their Apple ID and password to retrieve the recovery key. Otherwise, the only way to reset the password is to provide the personal recovery key, which was escrowed to Jamf.

Similar questions

2 replies
Question marked as Top-ranking reply

Feb 1, 2022 6:03 PM in response to Venkateshgilead

Hi Venkateshgilead,


Unfortunately, FileVault doesn't include any additional backdoors. You might be forced to erase the Mac and reinstall macOS.


If the user set up FileVault and stored a recovery key in their iCloud account (Apple ID), contact the user and ask them to complete these steps on the device:


  1. Start up from macOS Recovery.
  2. If the Mac prompts for an admin password, check if there is a "Forgot All Passwords" option at the bottom.
  3. If the Mac prompts you to reset the password, skip to step 6. If an Activation Lock screen appears instead, the user must enter their Apple ID and password, or you can provide the MDM Bypass Key as the password. (Leave the Apple ID field blank in this case.)
  4. The list of utilities should now appear. At the top of the screen, select Utilities -> Terminal.
  5. Enter this command: resetpassword
  6. The Password Reset Assistant should now appear. Select "I forgot my password" and continue.
  7. If the user stored the recovery key in iCloud, they will be prompted to provide their Apple ID and password to retrieve the recovery key. Otherwise, the only way to reset the password is to provide the personal recovery key, which was escrowed to Jamf.

Feb 1, 2022 6:16 PM in response to Venkateshgilead

If this was a business laptop managed by your employer that you now own, then perform a clean install of macOS by erasing the whole physical drive before reinstalling macOS. While booted to the macOS installer launch Disk Utility and select the physical drive on the left pane of Disk Utility (usually identified by the make & model of the drive such as "Apple SSD....") and erase it as GUID partition. For macOS 10.11 to 10.13 select MacOS Extended (Journaled). For macOS 10.14+ select APFS (top option). You may need to click "View" within Disk Utility and select "Show All Devices" so that the physical drive appears on the left pane of Disk Utility. This procedure does not require unlocking the Filevault since it will erase the whole drive. Erasing the drive will destroy all data on the laptop that was not backed up.


You can use Internet Recovery Mode using Command + Option + R to access the online macOS installer if this is a 2010+ Mac or you can create a bootable macOS USB installer if you have access to another Mac which is compatible with an OS the locked Mac uses. Here is an article which shows which Macs are compatible with which versions of macOS:

https://eshop.macsales.com/guides/Mac_OS_X_Compatibility


The procedure is slightly different if you have an M1 Mac. If you have an M1 Mac or a 2018+ T2 Mac, then "Restoring" the firmware is a better option as it will also reset the secure enclave of the security chip as well as perform a clean install of macOS with Internet Recovery Mode.

Revive or restore an Intel-based Mac using Apple Configurator 2 - Apple Support


Revive or restore a Mac with Apple silicon using Apple Configurator 2 - Apple Support



If none of this helps, then contact your IT department for assistance.


user password/missing Recovery Key/FileVault turned ON

Welcome to Apple Support Community
A forum where Apple customers help each other with their products. Get started with your Apple Account.