# Resetting firmware password?



## hazmat (Jan 17, 2003)

A friend said that a family friend got hold of an Apple laptop (no clue what it is or how old), but it seems to be password protected, and I guess on the firmware level, not the OS.  Anyone know how to reset the password?

Thanks.


----------



## seann (Jan 17, 2003)

http://www.macosxlabs.org/documentation/firmware_security/details/details.html
and more specificaly
http://www.osxfaq.com/Tutorials/lockdown/index.ws
The Open Firmware Password is almost hack-proof, but there is a back door. If you change the amount of physical RAM and double zap the P-RAM by holding "command-option-p-r" at startup till you hear three chimes, you can nix the Open Firmware Password. Basically, you are proving to the machine you have physical access to the system, therefore you should be allowed in. Let's face it; if someone has enough time to take out some RAM, they might as well just yank the hard drive


----------



## hazmat (Jan 17, 2003)

Thanks, Seann.  I would bet that this laptop has OS 9 or earlier on it.  Now if it has no extra RAM in it, what do you do?


----------



## ksv (Jan 17, 2003)

> _Originally posted by hazmat _
> *Thanks, Seann.  I would bet that this laptop has OS 9 or earlier on it.  Now if it has no extra RAM in it, what do you do?  *



Should work also if you just remove the RAM chip that's in it and hold down the CUDA reset button for 15 seconds. Then reinsert the RAM, start it up and reset the pram


----------



## hazmat (Jan 17, 2003)

CUDA?


----------



## ksv (Jan 17, 2003)

> _Originally posted by hazmat _
> *CUDA? *



Usually a red or black, small button located next to the logic board battery. But since it's a laptop, you'll probaby get a hard time trying to find it. What model is it?


----------



## hazmat (Jan 17, 2003)

I don't know what it us yet.  I'm not gonna put too much effort into it if nothing's obvious, since it's a friend's family' friend.  If I can't do anything, I'll tell them to take it to TekServe.


----------



## ksv (Jan 17, 2003)

> _Originally posted by hazmat _
> *I don't know what it us yet.  I'm not gonna put too much effort into it if nothing's obvious, since it's a friend's family' friend.  If I can't do anything, I'll tell them to take it to TekServe.  *



If it's an iBook, btw, I think you can just remove the battery and leave it out for a day or two, and it will erase the password protection. The iBooks don't have a backup clock battery.
Maybe it will work if you just disconnect the battery for a second, too, I'm not sure


----------



## seann (Jan 17, 2003)

http://www.securemac.com/openfirmwarepasswordprotection.php
FWSucker:
Retrieving the Password Used with Software

If you are allready booted into the MacOS the Open Firmware Password can be retrieved by using the application FWSucker created by mSec. We warn you of this program because many administrators believe that their Macs are secure at night when they shut them off just because they have the Open Firmware Password set. Be cautious of this application, and if you are using any desktop security software we suggest keeping this program restricted by it.
http://www.securemac.com/file-library/FWSucker.sit

does that help?


----------



## chabig (Jan 21, 2003)

Removing the battery will not work since the password is stored in non-volatile RAM (NVRAM).

If the machine has no extra RAM in it, add some, then reset the PRAM. It's a change in RAM configuration that proves to the firmware that you are in physical control of the machine.

Chris


----------

