
macOS High Sierra was recently found to contain a serious security flaw that allows anyone to log in to a Mac as the fully administrative root user without a password. A security patch is reportedly available, but many people have not received it.

Affected system versions:

  • macOS High Sierra 10.13
  • macOS High Sierra 10.13.1
  • macOS High Sierra 10.13.2 Beta

In addition, a system must meet one of the following conditions to be affected by the vulnerability:

  • The root account has not been enabled before
  • The root user password has not been changed on the Mac

Here’s a simple workaround to prevent this security bug from becoming a major problem. In a nutshell: set the password of the root user on the affected Mac.

Set a password for user root

There are two ways to set a password for the root account:

  1. Use Directory Utility
  2. Use the command line (Terminal)

Method 1: Directory utility

  1. Open Spotlight (Command+Spacebar), type Directory Utility, and open Directory Utility;
  2. Click the small lock at the lower left of the “Services” page, enter the current account password, and click “Modify Configuration” to confirm unlocking.
  3. Click “Edit” – “Change Root password” on the menu bar, enter the password twice (remember this) and click “OK”.

Note: If you cannot change the root password in step 3, click “Enable Root user” first.

Method 2: Terminal CLI

  1. Open Terminal from Launchpad;
  2. Enter in the terminal: sudo passwd root
  3. Type the password for your current account.
  4. When the terminal prints “Changing password for root.” and prompts “New password”, enter the new root password.

Self-check: are you affected by the passwordless root login vulnerability?

You can do this from the Common Launch login screen or through any administrator authentication panel in System Preferences, such as Security & Privacy or Users & Groups (click the lock icon). Enter the user name as root, leave the password field empty, and then click “Unlock” twice. If it unlocks, you are affected by this vulnerability.
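
A non-interactive way to check the version list and root-account condition described above, as an added example that is not part of the original post. The function names are illustrative, and the script assumes that a disabled root account has no AuthenticationAuthority attribute in the local directory, which is the check used in common macOS hardening baselines.

```shell
#!/bin/sh
# Added example: audit a Mac for the conditions listed in this post.
# Function names are illustrative, not from any Apple tool.

# Classify `sw_vers -productVersion` output against the post's affected list.
classify_version() {
    case "$1" in
        10.13|10.13.0|10.13.1) echo affected ;;
        # The version string cannot tell a beta build from a release build.
        10.13.2) echo check-build ;;
        *) echo not-listed ;;
    esac
}

# Interpret `dscl . -read /Users/root AuthenticationAuthority` output.
# Assumption: a root account that is not enabled has no
# AuthenticationAuthority attribute, so dscl answers "No such key".
# An enabled account is not proof of safety: the password may not be yours.
root_state() {
    case "$1" in
        *"No such key"*) echo disabled ;;
        *AuthenticationAuthority:*) echo enabled ;;
        *) echo unknown ;;
    esac
}

# Combine both results into one verdict line.
assess() {
    ver=$(classify_version "$1")
    root=$(root_state "$2")
    case "$ver:$root" in
        not-listed:*)         echo "OK: version not in the affected list" ;;
        affected:disabled)    echo "AT RISK: set a root password (sudo passwd root)" ;;
        check-build:disabled) echo "REVIEW: 10.13.2 may be a beta build; set a root password" ;;
        *:enabled)            echo "REVIEW: root is enabled; confirm the password is one you set" ;;
        *)                    echo "UNKNOWN: could not read root account state" ;;
    esac
}

# Run against the local machine only when the macOS tools are present.
if command -v sw_vers >/dev/null 2>&1 && command -v dscl >/dev/null 2>&1; then
    assess "$(sw_vers -productVersion)" \
           "$(dscl . -read /Users/root AuthenticationAuthority 2>&1)"
fi
```

A version match only means the release is on the list above, not that the patch is missing, so treat AT RISK and REVIEW as prompts to apply the workaround or the update.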