AAPL Stock: 111.31 ( + 0.53 )

Printed from

Apple boosts firmware password security on newer Macs

updated 12:20 pm EST, Thu March 10, 2011

Users may need Apple-certified tech for bypass

Apple is increasing the hardware security present on Macs, a new support document hints. For some time Apple has had extra security built into the EFI (Extensible Firmware Interface) of its computers, allowing people to set a special firmware password. Theoretically this prevents someone from circumventing access restrictions using an external or DVD boot drive and options like Target Disk Mode.

In reality, methods for bypassing EFI safeguards can be found online. The new support document, though, claims that "only Apple retail stores or Apple Authorized Service Providers" can unlock the latest MacBook Air and MacBook Pro models if a person forgets their password. The change may suggest an upgrade to Mac EFIs that requires proprietary Apple tools.

Even with more secure barriers, only casual or less technically savvy thieves may be stopped. Firmware passwords cease to be useful if a drive can be physically removed from a computer and attached to another one. Hackers may also discover a way of breaking through the new security, though no reports of this are circulating so far.

by MacNN Staff



  1. enjourni

    Joined: Dec 1969


    Not EFI. It's because you can't change the RAM

    You can't do the normal firmware reset technique (change the total RAM by adding or removing a RAM stick, then immediately zap the PRAM on the next restart) with the Macbook Air, because the Air's memory is soldiered onto the logic board. Therefore apple had to create a totally different way for you to reset the firmware password, which involves apple tech support.

    I still have no idea how they locked down the new macbook pros, since they still use normal SO-DIMM RAM sticks.

  1. Feathers

    Joined: Dec 1969


    Use with caution

    Like the older Open Firmware password, it has to be a password that you are unlikely ever to forget which also makes it more guessable. Firmware passwords need to be used with caution.

  1. testudo

    Joined: Dec 1969



    How does Apple make sure that you are the owner of the MacBook before unlocking it?

    Even with more secure barriers, only casual or less technically savvy thieves may be stopped

    And regardless of that, this only helps the most technically savvy user, as most people would never even know there was some type of password protection at the computer level. h***, I'd guess most home users don't even bother having their computer set to require to log in when you turn it on.

  1. SockRolid

    Joined: Dec 1969


    FileVault is there for the paranoid

    "Firmware passwords cease to be useful if a drive can be physically removed from a computer and attached to another one."

    Unless data on the drive has been encrypted. FileVault currently encrypts a user's home directory, and in Lion it will be able to encrypt the entire disk.

  1. Feathers

    Joined: Dec 1969


    Encryption is great but...

    Encrypted data is far more difficult to recover from a failed hard-disk. With reliability issues from many manufacturers, I'd think twice about encrypting an entire disk unless you also have an unencrypted back-up... which kind of defeats the ultimate purpose.

Login Here

Not a member of the MacNN forums? Register now for free.


Network Headlines

Follow us on Facebook


Most Popular


Recent Reviews

Polk Hinge Wireless headphones

Polk, a company well-established in the audio market, recently released a new set of headphones aimed at the lifestyle market. The Hin ...

Blue Yeti Studio

Despite being very familiar with Blue Microphones' lower-end products -- we've long recommended the company's Snowball line of mics ...

ZTE Spro 2 Smart Projector

Home theaters are becoming more and more accessible these days, but maybe you've been a bit wary about buying a home projector. And h ...


Most Commented