Looks like no one’s replied in a while. To start the conversation again, simply ask a new question.

User profile for user: OrangeMarlin
OrangeMarlin Author
User level: Level 5
5,210 points

Master Password

Two questions:

1. When I do a full erase of a Mac (for example, if I give an old one away), does the Master Password get erased?

2. When I migrate an older Mac to a brand new (using firewire), does the Master Password get transferred over?

Thanks.

MacBook Pro i7, 17". iPhone 4 (32GB). iPad 3G (64GB). Magic Trackpad., Mac OS X (10.6.4), No Windows here

Posted on Aug 28, 2010 11:17 AM

Reply
Question marked as Best reply
User profile for user: William Lloyd
William Lloyd
User level: Level 7
21,311 points

Posted on Aug 28, 2010 11:22 AM

Are you talking about the FileVault master password? That would get erased if you did a full erase and uninstall, yes. It's actually associated with your Filevault Sparse Image, and not the machine itself.
View in context
8 replies
User profile for user: OrangeMarlin
OrangeMarlin Author
User level: Level 5
5,210 points

Aug 28, 2010 11:24 AM in response to William Lloyd

William Lloyd wrote:
Are you talking about the FileVault master password? That would get erased if you did a full erase and uninstall, yes. It's actually associated with your Filevault Sparse Image, and not the machine itself.


I didn't know it was called the FileVault password. In System Preferences, it's called "Master Password", then says you can unlock any account with it. It is under the FileVault tab though. Anyways, if we're talking about the same password, then you're saying it's gone once the HD is erased?
Reply
User profile for user: William Lloyd
William Lloyd
User level: Level 7
21,311 points

Aug 28, 2010 11:28 AM in response to OrangeMarlin

That password is not for accessing "any account." There is no way to do that (well, you can log in as root and do things). The master password is specifically for FileVault. It is basically a second password which can decrypt any FileVault home directory on that machine, if you set it up (it's basically a "second chance."). If you are not using FileVault, then the Master Password does not apply. You cannot use the Master Password to log into a different account.

And if you erase and re-install the OS (you must go to disk utility and erase the disk), then all passwords, all data, everything (including the master password) are erased.
Reply
User profile for user: OrangeMarlin
OrangeMarlin Author
User level: Level 5
5,210 points

Aug 28, 2010 11:32 AM in response to William Lloyd

William Lloyd wrote:
That password is not for accessing "any account." There is no way to do that (well, you can log in as root and do things). The master password is specifically for FileVault. It is basically a second password which can decrypt any FileVault home directory on that machine, if you set it up (it's basically a "second chance."). If you are not using FileVault, then the Master Password does not apply. You cannot use the Master Password to log into a different account.

And if you erase and re-install the OS (you must go to disk utility and erase the disk), then all passwords, all data, everything (including the master password) are erased.


Actually, in System Preferences, it says "This is a "safety net" password. It lets you unlock any account on this computer." Unless I'm misreading it, it is not specifically for FileVault it has some greater power! 🙂

But you've answered my burning question about erasing it.
Reply
User profile for user: William Lloyd
William Lloyd
User level: Level 7
21,311 points

Aug 28, 2010 11:40 AM in response to OrangeMarlin

It is specifically for FileVault. Go to Help for System Preferences, and type in "Master." You'll get more details, specifically:

Creating a master password

You can create a master password to allow access to any account protected by FileVault. If users forget their passwords for a FileVault-protected account, you can use the master password to access the account and change the FileVault password. You should create a good, secure password for your master password.

WARNING:Don’t forget your master password. If you turn on FileVault and then forget both your login password and your master password, you won’t be able to log in to your account, and your files and settings will be lost forever.
Reply
User profile for user: jsd2
jsd2
User level: Level 5
6,245 points

Aug 28, 2010 12:48 PM in response to William Lloyd

I was curious and just tested this on a Snow Leopard startup volume that contained a FileVault account and therefore already had a Master Password. I created a new non-FileVault account there, and found that I could reset that account's password by using the Master Password which had been established for the FileVault account:

!http://i36.tinypic.com/5ofnly.jpg! ------->



!http://i33.tinypic.com/6yjnsm.jpg!


The wording in the documentation is not really clear. I agree that the Master Password is geared toward Filevault, and in fact the Master Password info is stored in these two files:
/Library/Keychains/FileVaultMaster.keychain
/Library/Keychains/FileVaultMaster.cer

Still, it doesn't say anywhere in the documentation that the Master Password won't work for non-FileVault accounts, and in fact it does work!
Reply

Master Password

Welcome to Apple Support Community
A forum where Apple customers help each other with their products. Get started with your Apple ID.
Learn more Sign up