Forgot a Mac Firmware Password? Don’t Panic, Here’s What To Do
Users who require higher than usual security measures often set a firmware password on a Mac, which requires that a password be entered before the typical OS X boot sequence begins. While these low level passwords are quite secure, but that higher security also means a forgotten firmware password can be a significant problem. Nonetheless, if you wind up in a situation where you or another user has forgotten a low level firmware password on a Mac, don’t panic, because you may be able to recover the password or bypass it using one of the methods outlined below. If all else fails, Apple can possibly help you too.
Do note that a firmware password is not the same as an administrator password or the general computer password used to login to a Mac. The firmware password appears immediately upon boot and is a gray locked icon, looking like this:
If the password you’re having trouble remembering is a general Mac login or administrator password, you can reset it with these instructions instead. Using the the Apple ID approach on boot is typically the easiest for modern Macs.
1: Try to Reset or Disable with Firmware Password Utility
You may be able to reset, change, or disable the firmware password using the same method you used to set the password to begin with, this requires booting into Recovery Mode:
- Reboot the Mac and hold down Command+R to enter recovery mode
- At the Utilities screen, go to the Utilities menu bar item and choose “Firmware Password Utility”
- Select to turn the Firmware Password to OFF
If this is successful it will tell you the firmware password is off.
Always check your caps key and num lock key before entering or modifying passwords, often mistakes are as simple as that.
Obviously you’ll need to enter a password to gain access to Firmware Password Utility, so why is this even mentioned, right? Because sometimes it works, maybe because of user error when typing the password to begin with. Yes you should actually try it.
2: Have Apple Unlock the Mac Firmware Password For You
If all else fails, you’re going to need to get ahold of Apple or an Apple Authorized Support center who can bypass and/or reset the firmware password using proprietary tools. This works on modern Macs, including the following (this list is not necessarily conclusive, always contact Apple directly if you can not remember your firmware password regardless of the Mac):
- MacBook Air (Late 2010 and later)
- MacBook Pro (Early 2011 and later)
- MacBook Pro with Retina display (all models)
- iMac (Mid 2011 and later)
- Mac mini (Mid 2011 and later)
- Mac Pro (Late 2013)
- (Maybe others too, contact Apple to find out for sure)
You can contact the official Apple Support channels by phone, or schedule an appointment with a Genius Bar at a local Apple Store. Again, even if your Mac is not on that list, you should contact them.
In most cases, you will need to provide proof of ownership of the Mac which has a locked firmware password in order for them to unlock the computer in question. There may be exceptions for a variety of unusual circumstances, discuss those with them if necessary.
3: The firmware locked Mac is not included in the above list, and the password reset didn’t work, what now?
Wait, did you contact Apple Support or an Apple Authorized Support agent and ask them? They can probably still help you to unlock the Macs firmware login.
But if you’re the do-it-yourself type (like myself), then you will find that many older Macs, particularly those that allow you to upgrade and change RAM yourself, allow a hardware bypass to get around firmware passwords by physically removing memory from the computer and following the instructions offered here. That is a fairly technical process, which makes it appropriate for advanced users and systems administrators, but it should not be attempted by a person with novice computer experience. With that said, it does work, and I’ve had to use it myself before in a variety of interesting IT and troubleshooting situations.
Have another solution to unlock a Mac with a long forgotten firmware password? Let us know in the comments.
always good to have these tips
Thanks for teaching criminals how to reset our security options.
Please, consider taking this post down. It was quite inconvenient on your part.
Please read the article to understand this is not a risk, to reset the firmware password you need proof of ownership provided to Apple or an Apple Authorized Service Provider. A criminal would not have that documentation (like a receipt in your name and the computer registered in your name, for example).
A quick google search can find any of this information from any number of other web sites. These tips are no secret by any means.
“Thanks for teaching criminals”
What a tool
Paul.
In option1., you say”
“Reboot the Mac and hold down Command+R to enter recovery mode.”
I remember that using a firmware password disables a Mac’s ability to boot from a drive other than the selected boot drive, thereby making option 1. impossible.
Am I correct?
Thanks.
Yes you are correct, the article format needs to be clarified and updated if this is causing some confusing, apologies. The first option is how to disable or change the firmware password, and it’s not possible to get there without entering the password – this is mentioned but perhaps not clear as to why (to resolve an erroneous password entry). The second option is how to reset a lost firmware password.
Has anyone actually tried this? I’m pretty sure locking the firmware blocks Recovery Mode.
It does.
Thats what I was going to say….as far as I know all keys are closed off if the firmware password is set. All you can do is hold the Option key down and enter the firmware password.
If your in the OS you could boot off another volume with the firmware tool, but that is about it with the new models or call Apple.
Like mentioned the older models you could change the amount of memory and reset the PRAM and that usually turned it off.
Yes correct, a firmware password is required immediately and no alternative boot modes can be entered. The firmware reset is possible through Apple or removing RAM only.
I agree. If you install a firmware password you should know the consequences of losing it. Please don’t publish information on how to override it.
Read AND understand!
The process Apple gives to authorized service providers is a bunch of work. If I remember correctly, they send you some encrypted disk images and a terminal command that you have to use to put it onto a dedicated USB drive. The password they give you is really long, and I think it involves more terminal commands. There’s even more to it than that I think. It’s a lot different than just pulling the RAM. It’s true that having this info out on the internet is kind of sketchy for people with older Macs though. I’m sure you aren’t the only site with it up though.
It’s actually quite easy.I work for Apple and scrub Firmware daily.A sbc file is sent to me after I give apple the Hashcode.They email me a sbc file,i apply it with a script to a usb file.Boot the computer.Thats it.
I use File Vault. That’s safer. I selected the option to allow Apple to store my decryption key, so if I forget my password, I can get help.
I’d love to use Failvault. Really would.
We use Symantec Endpoint on our PCs at work and although I know the OS and the hardware is different I can’t help but remember how helpless everybody was when the encryption key was corrupted and I lost the whole drive.
I have a different, but similar question.
When I attempt to use sudo in the terminal, the reply is enter password, which I don’t have and never remember setting it. In all previous terminal machines this never happened. In many cases, e.g. remove a file from root, or open a downloaded app., or find password in keychain, etc., a password is required, I enter the one I remember with no prob. So a diff. password.
bc
The sudo password is the same as your login password.
A great post, very good to know indeed. This doesn’t need to be a secret as we own our machines. Why pay for Apple or someone else to fix it. I like this knowledge. Seems to be some confusion on unlocking the 2011’s and up. This may require a SPI Programmer and a clip with wires in order to do a clean dump/flash. Dohhhh
If apple can reset the password, everyone else can. Wen just need to know how to.
We bought a Macbook Air on Craigslist and my wife wanted to do a factory reset on it because the previous owner’s info pops up, like their login id and that it is searching for Macbook Pro. When we did the reset the firmware lock appears and we do not have the password. We took it to Apple and they tried to reset but said that we needed to contact the original owner because it is locked down under the original owner’s id. We were given a phone number and I contacted the person and he agreed to pay me what I had paid for it, only when we met it was not the guy I bought it from but someone else. The guy I bought it from had bought it from this guy, who was the original owner. He said he would give me $500 for it because that is what he got from the other guy and then I told him that we paid $775 for it. He said he was sorry and could not do that. I told him all he had to do was call Apple and tell them to reset the password because the case is all logged and ready for him to call. Now he wants to buy the computer back from me for less money than I bought and won’t call Apple. I am being held hostage by this guy.
Hey sdpoulter, I wonder if there are enough of us to start a class action suit against Apple. I bought my Macbook Pro a year ago from a doctor who is now out of the country and hard to contact. Two days ago my housemate copied an older Mac OS from a disk onto a thumbdrive on my machine and forgot to remove the disk. My machine evidently tried to boot from the disk and this triggered the firmware lock. I did not set up the lock and don’t know the code. Apple wants proof of ownership that I will not likely be able to provide. I feel the burden of proof is too high and that they have essentially stolen my machine.
I’m in the same boat. Bought my laptop secondhand from the owner off of Craigslist. Assuming HE didn’t steal it (there were several reasons for me thinking it was legit, including all the packaging he had with the laptop and our conversation about why he was selling it and the newer version he was going to buy with my cash as well as going onto the Apple Site together to register me onto the Applecare site).
Six months later, I hit a combination of keys or did SOMETHING to trigger the laptop to go into recovery mode and now it’s asking me for passcode which Genius Bar says they can’t give me or bypass without receipt from original owner.
Of course… my emails and texts to that individual are just past the end of my email and text chains so… I am stuck.
For those who are saying “DUH! It’s stolen. This is a victory against theft!” How? Apple won’t tell me who is on the original receipt and they won’t contact that person to find out if their computer was stolen. So… no one wins, everybody loses. And, by the way, I’ve checked the serial code against databases of stolen laptops and it’s not coming up there, so again… I believe this to be a legitimate case of an honest seller and buyer being screwed by overprotection.
Same situation here too!
The person I purchased from I have lost contact with as well. After using for six months mine locked up.
I went AGAIN to apple store today hoping for some sympathy or change of position on Apple’s part. Got a big earnest “So sorry, yeah that’s tough.” We could do it with receipt though.
Have you had any progress?
Hey when i pressed command+R it shows me the password
No it didn’t
I cant find the firmware password utility :(
Just do command p when you’re booting the computer up. If i understood it right.
i wish i could delete that. It was command plus r not p xD
Yesterday i saw a movie in my macbook. Today I cant login my macbook.. It doesnt accept actual password+masterpassword. I tried with Apple ID password. Anything didnt work.
What can i do..? I donot know about anything of this setteings. I am new to OS system.
if you set a firmware password mind that os x lets you set it using whatever keyboard layout is used by you but the firmware password lock itself uses the u.s. extended keyboard layout.
that’s especially tricky if you used any symbols like #@€ etc. but also for regular letters that might be situated somewhere else on the keyboard.
The Firmware Lock is hurting second hand buyers more than hurting thieves. I don’t even know the Firmware lock of the computer I purchased at Apple. If/When I sell this computer on Craigslist or to a classmate and that person locks it up on accident – they are screwed.
Even if they did contact me to help them out… what a burden. Am I really going to want meet up with them at an Apple Store to verify the situation?
The extent of the protection should be – IF your computer is stolen – F-ing REPORT IT STOLEN! If I call Apple and the computer I bought on Craigslist hasn’t been reported stolen then unlock it for me! Hell, charge me, fingerprint me, background check me, make me wait a grace period. ANYTHING! But to say “Sorry, for security purposes, we don’t unlock firmware locks for anyone other than the original purchaser with receipt.” Is close minded. Find a solution for this Apple to protect your customers. “Yes” your customers. A solution to this second hand sale glitch helps the seller and the buyer buy more Apple products.
I’m running into this same issue, but I know several people in similar tech fields, including Apple employees. Word on the street is that they need the original receipt because there are password bits in the original transaction numbers or something. If you don’t have the verified owner and original receipt they can’t access the password. I am still skeptical.
Users can unlock the firmware password as described above, but Apple wants the original receipt because they want proof of ownership, they are not going to unlock the firmware password for a stolen Mac, for example.
This Article, does not help at all… I have spent 4 years trying to write my EFI password correctely…
I have bought my MBP in Turkey, with a Turkish keyboard.
To set a EFI password, the system accepted Turkish characters ..( I still know the password) But before I write it, the keyboard becomes American , as default EFI langue …So , my ” true” password is not accepted, coz of keyboard problem..
Is it my fault??? Did any message apeared to say this to me before I set the pasword?? Of course, not….
I now have a dead machine that costed me 1400 USD..Also I’m far away from where i Bought it ..4000 miles..
Apple is not a friendly company…And that was the last apple product I buy..
PS: I have lost proof , or documents they give me when I bought it ..
Regards
Please help me i forgot my efi password
Hmmmm if you go to buy a MBP you should probably learn to check to make sure they clean and rest the computer so that its a clean slate for you before you buy it and that includes the EFI.. Duh and if your going to set a password using a different keyboard .. Your fault duh think… Ahead.. Use some common sense.. Your all just crying after the s**t hit the fan.. My god ofc Apple won’t unlock it for you how do they know it’s not stolen even if you legibly bought it off somone else … Again it gets back to the seller who wants to sell it and buyer.. Need make sure things are clean.
@Paul…why so condescending? There are many honest ppl trying to purchase expensive products secondhand. To think everyone is stealing is more of a reflection of yourself….duh.
Apple has the mind power to create a tracking system based on serial numbers. Register the device @ time of purchase. And upload that info into a database available for later. If a device has been stolen, they customer calls in. The device is locked simple. If there is no report of the de ice being stolen then apple should be able to assist. Customer service is another part of sales ppl tend to over look
If I press Comand R, it shows Firmware pass. The problem is my sister forgot it.
How are you ment too ..Reboot the Mac and hold down Command+R to enter recovery mode,If the firmware password’s purpose is to blocke start up’s hidden shortcuts hmmm maybe they should of wrote hold command on start up to see this giant padlock(THAT IS F#*KN LOCKED) because thats all you can doo or just say you fdd up contact apple
There is now a brute force method created by orvtech to try all possible 9999 4 digit default efi codes each in turn untill it hits the correct code and unlocks there are many varients of the arduino code available some include a LCD screen to display the current code attempt which is usefully as you have to enter the correct code twice when it’s found I know that criminals will use this code for malicious purposes but it had also helped thousands of people being held at ransom for efi codes the full code and instructions for arduini/teensy microcontrollers can be found along with diagrams and bread board wireing schematics this will work but only if it is the default 4 digit code
My Macbook Pro is locked by a theif using the findmyiphone in my stolen IPHONE 6, I already showed to apple my receipt and my box but they cant allow my mac to be reformatted because the serial number is not indicated in the receipt(not my problem anymore because the store forgot to include it ). Already Contacted apple security but they are very strict. The apple ID in the mac is registered under my name matches my ID but they never considered. I hate how they misjudge and dont help their loyal customer. I will not buy apple device again if they cant help the true owner of the device. I already brought it to the apple service center and paid a hundred dollar just to reformat it (not under warranty anymore) but it was not refundable and still my mac is locked because apple does not honor my receipt. Please teach me how to reformat it my self (contact me using my email). Thank you
I have a macbook air 2010 and bought when the owner did not know it had set the firmware password, but was set up and it turned out that he had no way to get it. Now, I’m without accessing the machine because it showed an error “panic (cpu 0 caller).”
This device is my only home and work computer. I need to get it back.
If you are seeing “panic (cpu 0 caller)” it is due to a kernel panic on boot.
You can try rebooting the Mac into Safe Mode (hold down Shift key on boot) and see if that helps, if so it may be a kernel extension or system plugin that is causing the problem. The Console app can sometimes help to locate the problematic issue, find the kernel panic in the Console log and look for what was running immediately before it, it can sometimes be telling.
It’s also possible that you may need to reinstall OS X if the kernel panic persists on the Mac. Rarely, it could be a hardware issue causing the kernel panic, like a component or some other accessory.
Bought my macbook pro on ebay.. a few years later it just happens to lock by itself. Took it to an apple store, and same thing happened to me. They told me they want proof of pucrchase such as the original owners reciept. My cousin try to unlock it but couldnt… all he ran into was this proplem. “Firmware password”. Can some one help me????
Several people mentioned that “all of a sudden, after years of normal use, the computer just locked itself”.
How is that possible? What exactly do you have to do to have a normally working Mac just “lock itself”?
I am asking seriously, not ironically. I’ve bought several used Macs on eBay and through classifieds, and never thought to ask about firmware passwords. Weird.
P.S. got to this discussion from website where I was checking serial number on Macbook Pro on eBay. Folks at the website sell a little USB device with LED display that they say reveals the firmware password on boot. Device costs a LOT.
P.P.S. GREAT point by person who pointed out that firmware password (same thing on PC) is entered “blind” and using USA keyboard. Very important to remember. I’ve had to reboot PC laptops several times in past because kept getting firmware password wrong, as was using non US keyboard. With PC you get unlimited tries, you just have to reboot after 3 wrong tries.