Firmware Password is it foolproof and safe?

With the newer Mac's you can't reset the firmware password by removing the RAM, if you forget your firmware password you will need to take your Mac to Apple to get it working again. Thus if your someone took your MacBook they would need to take it to Apple to access the computer. If you also setup FileVault 2 then your data will be safe, it is virtual impossible to retrieve the data without the password. So is it foolproof? I would say yes!

Note: if you are purchasing a new MacBook Pro if should come pre-installed with Mac OS X 10.8 Mountain Lion.

Setting a firmware password does nothing to protect your data from a thief who steals the whole computer. What you want is FileVault.

You can no longer reset the Firmware pasword by removing Ram, it has to be done at an Apple Store, and proof of ownership is needed for that.

MacBook Air (Late 2010) and later, MacBook Pro (Early 2011) and later, iMac (Mid 2011) and later, Mac mini (Mid 2011): Recovering a lost firmware password:

Resolution

Only Apple retail stores or Apple Authorized Service Providers can unlock these computers protected by a firmware password.

If you search for it, you will find shady characters that claim the ability to remove firmware protection in exchange for a fairly significant fee. As I understand it, a hardware component (a tiny chip) has to be physically removed - unsoldered, and subsequently replaced. It obviously voids any warranty and there is no guarantee the procedure won't ruin the Mac.

ChangeAgent wrote:

Some other tips you guys might have?

Enable Find My Mac in iCloud, which conveys the ability to remotely lock or "wipe" it should you need to do so. If a thief anticipates that will occur, a pending lock or wipe request can be rendered inert with a little creativity, but a thief will still need to circumvent VileFault and firmware password protection - not trivial.

I suppose one of my questions is how foolproof can one make it for the average guy who snatches your bag, or breaks in and steals your machine?

Your Mac is as secure as can reasonably be engineered in a consumer product, but nothing is 100% tamper-proof. As a degree of protection against an average thief looking to dump a stolen Mac for a quick buck, it's more than adequate.

We're discussing two different things: data security and theft deterrence. Setting a firmware password is perhaps a deterrent to theft, at least if the thief knows about it. As for data security, it may help to defeat a certain kind of exotic attack on FileVault, although there are better ways to do that. The possibility is merely academic unless you're the target of espionage by a major government or multinational corporation. If you need that kind of security, you should consult the IT security staff of your organization.

ChangeAgent wrote:

... and I assume that Find My Mac in iCloud, need the machine to go online too, or?

Yes.

Securing Apple’s FileVault 2

What happens when one gets a mach_kernel file suddenly appearing in a window and then deleting it and I can not get to the Boot manager after pressing option key it boots into the start up volume and Firmware is turned on by 10.8 and I may not be able to use the Gre/ay original install disk to unlock the Firm ware protection.

I had Snow leaopard, Lion with FVP mountain Lion FVP and FWP enabled and it is out of ACPP.

And when I disabled the Lan cable it automatically switched on the WiFi !