• Mac OS X,  Mac Security,  Mass Deployment

    Those Pesky Firmware Passwords

    The summer is upon us. Our users are watching videos like this one: While it’s actually way easier than what they show here, let’s look at stopping people from circumventing our admin goodness using the old school firmware password. Keep in mind, these passwords are somewhat easily reversible as they’re encrypted in a junior varsity way, so don’t use the same password that you use for anything else. To create our password in a script, we’re going to use EFIPW available http://code.google.com/p/efipw. Move the download to somewhere like /usr/local/bin folder. Then, to set the password to supah-secret: efipw_0.2b.py -p supah-secret -m command The client will now be in command mode,…