Bypass Mac Firmware Password
Need to get around the boot level Mac firmware password? You can bypass a firmware password by doing a little bit of a hardware hack. There’s many reasons you’d want to get around firmware protection, but here’s why we got the instructions from an anonymous submitter:
“This is a tutorial mainly for the people at my school who wish to modify their macbooks, leased by the school. These computers are protected by the firmware password. This prevents you from booting up into Single User Mode, Verbose Mode, Safe Mode, Target Disk mode, and boot off of an external hard drive or network. There is a very simple way to remove these restrictions.”
I don’t know what school they’re at but it’s pretty cool to have a MacBook of your own provided by a school. While I can’t condone this activity I must say as a curious and tech savvy student I would have done the exact same thing… with that in mind I have reproduced instructions as they were provided to us below:
How to Get Around a Mac Firmware Password
This should work on both EFI (Intel) and OFI (PPC) based Macs. This is a hardware based hack, proceed with caution! We are not responsible for anything that may go wrong in the process.
Essentially you are removing the systems RAM and reinstalling it, here are the steps for a MacBook. This works the same on other Macs, but removing the RAM is obviously different, so you’d need to understand how to do that. Here are instructions for MacBooks:
1) Shut down your computer
2) Remove the battery
3) Remove the three philips head screws that are on the L-bracket
4) Remove the L-bracket
5) Slide one of the levers (it doesnt matter which one) to the left. This will release the RAM
6) Gently wiggle the RAM card out and put it aside, you will put it back later(do NOT touch the gold bars on the front; you could break it)
7) Replace the L-bracket and put the battery back in
8 ) Boot up the computer while holding COMMAND+OPTION+P+R (this resets the parameter ram)
9) Wait for the startup chime to sound 3 times
10) Release the keys and shutdown the machine once you reach the login screen
11) Remove Battery and L-Bracket, replace the RAM module and slide the lever back while pushing it in until it does not wiggle anymore
12) Replace The battery and L-Bracket
13) Now if you boot up the machine you should bypass the Mac firmware password.
You can now use the machine as usual, boot from an external drive, or whatever else.
Remember, this is bypassing the boot-level firmware password. Most Macs have the software based password protection enabled only in the form of a user login and password. If this is the case, you can use methods to reset a forgotten Mac password to get around the user login completely (instructions for OS X Lion are slightly different).