dumb me forgot wife's OSX user pwd!

[karavite]

This is so embarrassing, but I set up a user account for my wife (complete with pretty flower background pictures for the desktop - what a guy!) and I forgot the darn password. How can I use my admin powers to find out what it is? I don't want to change it because I used the same password (whatever it is) for her new iTools account and one of the hints I put in iTools makes no sense to me! What the heck was I thinking? Now we can't get into her mail because I tried to change her password from the system preferences - user (it wouldn't let me change it, but now when I log on to her user account and open mail, it asks for the keychain password - same one I forgot).

If only I could live in a world where:

A. We could all just trust eachother
B. I could be less scatter brained

 

[aaike]

I think you can just give her a new password for her account on your mac if you are admin... If you are logged in yourself you go to the System Preferences ang go to Users and than edit user and change the password. It seemed to work for the accounts on my mac!
Probably the iToolsettings will still be saved in her account, so that shouldn't be a big problem, and indeed you can also change the iTool-psswd.

 

[lethe]

passwords are always stored encrypted. there is almost no way for you to find out what it was. you can read the encrypted password from netinfo, and try to decrrypt it. basically you are asking how to crack your own system.

i think you should get a new password

 

[neutrino23]

Boot up from the installer CD for OS X. From the file menu there is an option to set a new password.

With iTools you can eventually get an option where they email you a message with your password.

 

[karavite]

Thanks - I thought there was a way for the admin to see any persons password, but I guess not. The really dumb things I did that added up to all of this was 1. forgot the password. 2. Added really dumb hints in itools that didn't help me. 3. Used the same pswd for itools and the account. 4 Didn't tell my wife the passwords! 5. Lost whatever I wrote to help me find the information. What a "maroone"!

However, I ended up doing something that was really weird, and I can't believe it actually worked!

I used Netinfo manager under my user account. My own password was listed in netinfo, but was encrypted (something like zxjh/asdlkfjasdl). I simply copy pasted this text into my wifes user password field in netinfo manager, saved, logged out and logged into her account and my password actually worked on her account! Makes sense, but I really didn't think it would work.

I opened her mail and got the itools hint repsonse from the itools intro email and reset all her passwords to something we can both remember.

 

[nkuvu]

For future reference, if you use sudo you can reset any user's password. Try sudo passwd username.

This would mean that you'd have to find/reset the iTools password (if you want them to match) which you originally said you didn't want to do.

Glad things worked out for the best, anyway...

 

[ladavacm]

are not ever stored on the system, not even encrypted.

Instead, in modified DES encription scheme used by default in OS X, passwords are used to encrypt (20 times) one of 4096 known 8 byte strings; the result of this encryption is stored.

On login, the same starting string is encrypted with the password supplied and the result compared to the stored string. There is virtually no way to retrieve the password from the encrypted string, except using brute force.

BTW, which known string is used as start is stored as the first two characters of the encrypted string (so called "salt").

Hope this helps.

 

[aaike]

I have two user accounts on my machine that have completely the same password, but the encrypted ones are different when I look them up in Netinfo.

 

[lethe]

yeah, i also would like to learn a little about the encryption process. i have also noticed that it is not a one to one process. what i mean is, if i use the same password again, the encrypted result is not always the same. i guess this has to do with what ladavacm was saying about using one of 4096 strings.

on solaris, the crypt command line tool can be used to produce passwords from strings. looking through the man pages, it seems we can do it on OSX with openssl passwd string.