Change the Password in Mac OS X 10.7 Lion Without Knowing the Current Password
There are a few ways to reset a password in Mac OS X 10.7 but both of those methods require reboots. This approach is different, it lets you change the password of the user currently logged into Mac OS X Lion, without knowing the user password, and without a reboot:
- Launch the Terminal, located in /Applications/Utilities/
- Type ‘whoami’ at the command line to get the current users precise login name, which will look something like this:
- Type the following command, replacing ‘username’ at the end with the exact current users login name that you retrieved from whoami:
- Enter the new password once, hit return, and confirm the new password again hitting return
dscl localhost -passwd /Search/Users/username
The password is now changed.
No authentication is required, you simply enter the new password and confirm the changed password. This is much easier than the manual reset methods and it doesn’t require a reboot or any manipulation of user data in Mac OS X.
Remember that like anything else in the command line, capitalization matters, so if the username is reported back as “Will” that would be different than “will” – be sure to use the proper caps for the password to be changed.
This tip is undeniably useful for a wide variety of situations pertaining to system administration, troubleshooting, and theft recovery, but could also post a potential security risk. Regarding the security risk, it’s realistic to assume that if someone has a computer in their possession, little is safe unless the drive itself is encrypted.
This trick was included in a broader and more mischievous tip that we’ll stay away from, nonetheless thanks to Daniel for sending this in!
Update: Additional reports and comments are suggesting this is a bug in OS X Lion, if so we could expect a Security Update to Mac OS 10.7 in the near future that would remove the ability to run dscl without administrative authentication. We’ll keep you posted.