XYMer's Home away from Home

When http://bbs.xlr8yourmac.com is down (i.e. always)
Privacy Policy
It is currently Tue Mar 26, 2019 9:19 am

All times are UTC - 8 hours




Post new topic Reply to topic  [ 44 posts ]  Go to page 1, 2  Next
Author Message
PostPosted: Tue Sep 12, 2017 9:45 am 
Offline

Joined: Thu Dec 13, 2012 8:01 pm
Posts: 1022
Folks:

First time I've had this kind of "nightmare" in my new-ish Mac Pro . . . multi-boot, two flavors of OSX installed, 10.9 & 10.12 . . . this morning trying to access one of the admin accounts, my "password" is not working . . . looking around it seems like the password was so "simple" I didn't add it to my flashdrive doc with all the many passwords, so I can't check it. The hint tells me I should be "right" . . . but, not working in 10.9 admin.

Rebooted into the 10.12 partition . . . same deal, basic password is "the same" but a little different . . . not working. After several attempts it gave me the shot to enter my Apple ID to change the password, which I happened to remember and I got into the admin account; however then it says, "we can't log into your keychain" . . . and gives me a few options, I didn't want to "lose" the keychain, but, since I apparently dont' know my "old" password it keeps showing little windows asking for the "keychain login" . . . which of course the "new" password isn't working, etc.

What's the avenue of "least resistance" on this one? Just start a new keychain? In the olde days of install disks I know that we could reset the admin password, and possibly now the Recovery Disk can be used, I think I only have one RD . . . rather than one for each, 10.9 & 10.12 options . . . . Depending on which RD I have I guess that would work for that partition; right now 10.9 is not accepting my "password" at all, and 10.12 I'm "in" but was trying to not get kicked out of the keychain, or see if the old admin password was listed . . . didn't seem to show up. Same thing happens over on my PM3,1 because I had to reset the admin account, and I get some little window asking to "log in" to something . . . PITA--here, in 10.12 there are a bunch of them and they load over the other windows . . . "cloudd" and other stuff that I don't recognize. Trying to avoid a nuke n pave if possible . . . have a years worth of upgrades and other stuff on both partitions . . . . I prolly have the 10.9 installer loaded on a flashdrive, which would get me DU and the password reset, to "the old" password that "isn't working" . . . . No problem logging into my "user" accounts in both partitions, there the password "works" . . . it's only in the admin accounts that the "password" is not being accepted . . . . Ideers?

e.e.p.


Top
 Profile  
 
PostPosted: Tue Sep 12, 2017 11:21 am 
Online
Benevolent Dictator
User avatar

Joined: Mon Apr 21, 2008 2:03 am
Posts: 15568
Foes the admin PW fail for all purposes, like Sys Prefs, etc.?


Top
 Profile  
 
PostPosted: Tue Sep 12, 2017 11:49 am 
Offline

Joined: Thu Dec 13, 2012 8:01 pm
Posts: 1022
Seems like it does, I just checked SP to "unlock" from the user account in 10.9 . . . SP is not accepting what I believe should be the "correct" password . . . .


Top
 Profile  
 
PostPosted: Tue Sep 12, 2017 12:09 pm 
Online
Benevolent Dictator
User avatar

Joined: Mon Apr 21, 2008 2:03 am
Posts: 15568
Have you tried a Safe Boot yet?


Top
 Profile  
 
PostPosted: Tue Sep 12, 2017 12:37 pm 
Offline
User avatar

Joined: Thu May 15, 2008 8:13 pm
Posts: 10378
Location: Caught between the moon and NYC
If you don't know the old password, you'll have to lose the keychain. There's no resetting it.

As for getting into an admin account, you can reset the password from single user mode though the procedure is different in each OS. However after you login with the new password the keychain will similarly be lost.

As for me, I just set my admin passwords to all be the same. I don't have all that many systems so it's not like a hacker getting into one system is much worse than getting into two. Plus I figure once they're local they can bang away against the other system at 1Gb/s, not much will survive long at that rate.


Top
 Profile  
 
PostPosted: Tue Sep 12, 2017 1:46 pm 
Offline

Joined: Thu Dec 13, 2012 8:01 pm
Posts: 1022
MonkeyBoy wrote:
If you don't know the old password, you'll have to lose the keychain. There's no resetting it.
As for me, I just set my admin passwords to all be the same. I don't have all that many systems so it's not like a hacker getting into one system is much worse than getting into two. Plus I figure once they're local they can bang away against the other system at 1Gb/s, not much will survive long at that rate.


@MB:

Thanks for the adult pep talk . . . keychain gone . . . wahhhh . . . . I get what you are saying on the admin passwords, my user password is the same across all the platforms, OSX & OpenSUSE flavors . . . in OSX in a Mac, the admin passwords were just a tad different, same as the admin names, based upon years back you couldn't "ftp" from one computer to another if the admin names were the same . . . something like that . . . .

BDAqua wrote:
Have you tried a Safe Boot yet?


@BD:

I tried shutting it down for a bit, but haven't tried "safe" boot . . . have to think about it for a sec, because I have 5 OSs running on this drive right now . . . . Anyway, jumping out for a bit, back in awhile to test it out . . . facing the stark reality of keychain death . . . wahhhh . . .


Top
 Profile  
 
PostPosted: Tue Sep 12, 2017 2:37 pm 
Offline
User avatar

Joined: Thu May 15, 2008 8:13 pm
Posts: 10378
Location: Caught between the moon and NYC
Personally I don't use Safari for much of anything, so the only things in my keychain are WiFi and maybe some mail account passwords. Stuff I have stored elsewhere or are already in my head.

After enough exposure to all the bad things that happen to a large group of people who exclusively depend on them you'll never look at Mail or Safari the same way again. Usually when someone says they're having a problem when using Safari my first question is normally "Why?" and they never really have an answer. A similar process comes up on Windows when someone says they're having a problem using Internet Explorer...


Top
 Profile  
 
PostPosted: Tue Sep 12, 2017 4:14 pm 
Offline

Joined: Thu Dec 13, 2012 8:01 pm
Posts: 1022
@BD:

Shut the unit down for roughly two hours, rebooted back into 9 via **Safe Boot** . . . admin account still declining to accept the password that I think is the correct password . . . . : - 0

@MB:

Wit ju on the I don't use Safari for too much of anything . . . historically it's been slower than molasses, etc . . . was a big fan of Camino until they let it drop . . . now mostly using FF, but apparently FF is a "resource hog" . . . in my MP big gun I don't notice it robbing anything . . . .

So, I'm supposing your comment on Safari to mean that essentially that is all the keychain is dealing with, as well as Mail . . . I do use Mail when I am in OSX, which lately it's been more amusing in Tumbleweed with the "4.12" series kernel versus the what, 4.4 of regular OpenSUSE??? Doing some writing, which I sort of like the more "clean" interface of Pages to work with . . . but, even Pages doesn't play well with others as far as jumping back and forth between Word users in .docx . . . formatting gets in the way . . . .

Anyway, not the end of the world . . . 10.12 password is "corrected" . . . 10.9 will take some convincing . . . and then the Keychain. Is there a way to delete the now "old" keychain data? Or, too complicated to do as far as, it isn't taking up that much space, why bother?

e.e.p.


Top
 Profile  
 
PostPosted: Tue Sep 12, 2017 4:35 pm 
Online
Benevolent Dictator
User avatar

Joined: Mon Apr 21, 2008 2:03 am
Posts: 15568
I bwlieve you can delete the old...

/Users/YourUserName/Library/Keychains

But if you already have a new one it's been trashed.


Top
 Profile  
 
PostPosted: Tue Sep 12, 2017 5:14 pm 
Offline

Joined: Thu Dec 13, 2012 8:01 pm
Posts: 1022
BDAqua wrote:
I bwlieve you can delete the old...
/Users/YourUserName/Library/Keychains
But if you already have a new one it's been trashed.


@BDAq:

Thanks for the reply, well in 9 I don't have anything . . . yet, haven't had time to mess with it . . . get the installer or the Recovery DU, etc. Over in 12 I think I'm still in limbo, because I was trying to get back into the old Keychain, but failed, and got all the mini windows with "cloudd" and "clouddd" and "cloudddd" and "systemd" and all kinds of other "services" that were asking for a log in password, but weren't accepting my "answer" . . . .

For the most part I don't use the admin account, but, for some stuff, like where I might need "sudo" I have to be in admin . . . . Seems like the "path of least resistance" is to opt for "new keychain" if they ask or give me that chance again . . . . :bonk: :classic-eek: :emphatic-eek: :whip: :fishsmack: :coffee:


Top
 Profile  
 
PostPosted: Wed Sep 13, 2017 6:52 am 
Offline

Joined: Thu Dec 13, 2012 8:01 pm
Posts: 1022
I guess my question remains . . . other than the **slightly obvious** "the guy can't remember his passwords" syndrome . . . is this something that does and or has happened, i.e., the system reads the password as "wrong," let's say, even if it's right? Or, other remote possibility, somehow the two OSX systems were hacked or sabotaged . . . remotely . . . possibly someone tracing back through dnetc activity?? I think I've used both OSX's to play with dnetc . . . otherwise, much of the time when I'm not using the computer it's logged out, or shut down . . . using ethernet connection, not wifi . . . .

Or, is there the chance of some OSX security issue where the admin passwords are "lost" that has been happening?? It's kind of "odd" . . . because the password was very "simple" in comparison to my FF Sync password for instance . . . .

Just wondering . . . . :badteeth: :shock: :roll:


Top
 Profile  
 
PostPosted: Wed Sep 13, 2017 8:05 am 
Offline
User avatar

Joined: Thu May 15, 2008 8:13 pm
Posts: 10378
Location: Caught between the moon and NYC
Currently the in-vogue thing for remote exploits isn't to change passwords, its to encrypt your entire drive (and anything else attached) and ask you for bitcoins to unlock it, then (usually) not unlock it after you pay them the ransom. Macs are actually getting hit harder than PCs on this because nobody runs AV and a crazy amount of the installed base refuses to install updates. All those unpatched XP systems are dwindling in number at this point, but just yesterday I had to force someone to install 10.12.6 on their system (to resolve an issue that was fixed by the update).


Top
 Profile  
 
PostPosted: Wed Sep 13, 2017 8:19 am 
Offline

Joined: Thu Dec 13, 2012 8:01 pm
Posts: 1022
MonkeyBoy wrote:
Currently the in-vogue thing for remote exploits isn't to change passwords, its to encrypt your entire drive (and anything else attached) and ask you for bitcoins to unlock it, then (usually) not unlock it after you pay them the ransom. Macs are actually getting hit harder than PCs on this because nobody runs AV and a crazy amount of the installed base refuses to install updates. All those unpatched XP systems are dwindling in number at this point, but just yesterday I had to force someone to install 10.12.6 on their system (to resolve an issue that was fixed by the update).



Not 10.12.6!!!! Anything but 10.12.6!!!! . . . Well, for those of us who have been playing with OSX for awhile, BD, you know who you are . . . historically the intermittent "updates" would "fix" one gaping problem, but then "un-fix" others . . . so the general wisdom became, "just do the Combo updates" . . . but lately I don't know where that has gone; like if all "updates" now are "Combo" or back to the olde days . . . as they come out they do the "non-Combo" . . . .

I also don't have AV installed . . . until recently the choice for Mac was considered "non-serious" to computer geeks and no hacker worth his salt would waste time hacking a Mac . . . now obviously that has changed . . . . These days I don't have too much "serious" riding on my computers, no business requiring 24 hour server running . . . and, more time flipping around the web in Linux . . . which, no hacker worth his salt is going to waste his time trying to hack Linux . . . .

There is always "nuke n pave" . . . the "ultimate response" to hackers asking for "bitcoin" . . . whatever that is . . . how can I pay in "bitcoin" if I have no clue?? :coffee:


Top
 Profile  
 
PostPosted: Wed Sep 13, 2017 8:34 am 
Offline
User avatar

Joined: Thu May 15, 2008 8:13 pm
Posts: 10378
Location: Caught between the moon and NYC
As a general rule, unless you need to pay for something illegal, you don't need to know what bitcoin is.


Top
 Profile  
 
PostPosted: Wed Sep 13, 2017 8:51 am 
Offline

Joined: Thu Dec 13, 2012 8:01 pm
Posts: 1022
MonkeyBoy wrote:
As a general rule, unless you need to pay for something illegal, you don't need to know what bitcoin is.


That's what I figure, strictly on the "up & up" . . . no time to do the time . . . so . . . no crime . . . no need for "bitcoin" to be jangling in my criminal pockets . . . .


Top
 Profile  
 
PostPosted: Wed Sep 13, 2017 10:00 am 
Online
Benevolent Dictator
User avatar

Joined: Mon Apr 21, 2008 2:03 am
Posts: 15568
Quote:
I guess my question remains . . . other than the **slightly obvious** "the guy can't remember his passwords" syndrome . . . is this something that does and or has happened, i.e., the system reads the password as "wrong," let's say, even if it's right?

I think I've had it happen, the only times I could track it down it was Folders/Files getting mysteriously locked.


Top
 Profile  
 
PostPosted: Wed Sep 13, 2017 10:30 am 
Offline

Joined: Thu Dec 13, 2012 8:01 pm
Posts: 1022
BDAqua wrote:
Quote:
I guess my question remains . . . other than the **slightly obvious** "the guy can't remember his passwords" syndrome . . . is this something that does and or has happened, i.e., the system reads the password as "wrong," let's say, even if it's right?

I think I've had it happen, the only times I could track it down it was Folders/Files getting mysteriously locked.


@BD:

Alrighty . . . well, I guess I will "monitor" the situation and see what else pops up . . . .


Top
 Profile  
 
PostPosted: Wed Sep 13, 2017 4:32 pm 
Offline
User avatar

Joined: Thu May 15, 2008 8:13 pm
Posts: 10378
Location: Caught between the moon and NYC
este.el.paz wrote:
historically the intermittent "updates" would "fix" one gaping problem, but then "un-fix" others . . . so the general wisdom became, "just do the Combo updates" . . . but lately I don't know where that has gone; like if all "updates" now are "Combo" or back to the olde days . . . as they come out they do the "non-Combo" . . . .
I normally only do combo updates because I'm routinely updating systems that haven't seen an update since god knows when and combo updates include things like firmware updates. Between combo updates you just install updates per usual.

I'll admit I was once one of the as few updates as possible crowd, however that was in the days before internet connections were fast and plentiful. Hard to infect a computer connected to the internet over a 33.6K modem, not so hard when it's connected via 100Mb broadband. And the computer is wandering around to random websites exposing its unpatched vulnerabilities. You can keep using outdated software, just don't connect it to the internet if you know what's good for you.


Top
 Profile  
 
PostPosted: Fri Sep 15, 2017 9:59 am 
Offline

Joined: Thu Dec 13, 2012 8:01 pm
Posts: 1022
So I rebooted into what is the 10.9.5 Recovery Disk to see if I could re-set the admin password using that utility, and seemingly that isn't available in 10.9??? There is a choice for "Turn on Firmware Password" . . . which I assume would put a password on what, the mobo activity? I recall in 10.6 installer there was/is an option that works on the admin account, but, in 10.9 it's "firmware password protection," "restore from TM," "reinstall OSX," "Get Help Online," "Disk Utility."

I checked "Get Help Online" which just had definitions of the previous options, and when I clicked on "search Help" I got a spinning BB that went on for several minutes . . . obviously the "helpline" was busy?? So, somewhat stumped, I did try to start the "reinstall OSX" . . . which I aborted after a few windows, not wanting to take the time . . . on, what would it be, "archive and install" . . . ??? Files and stuff would be saved . . . seems like overkill?

Or, what else, start another account, set it as having admin privileges . . . but, that stiil wouldn't be "sudo" right?? This is kind of a mini-bureaucratic nightmare . . . hard to get around not having the "correct" password as far as the OS is concerned, because I would need the old one to change to a new one . . . . :bonk:

e.e.p


Top
 Profile  
 
PostPosted: Fri Sep 15, 2017 11:27 am 
Offline
User avatar

Joined: Thu May 15, 2008 8:13 pm
Posts: 10378
Location: Caught between the moon and NYC
Oh. Yeah, in 10.9 and up you have to use Terminal and fire off the command by hand. Because thieves who want to reset your password after stealing your system are TOTALLY not going to know how to use Google. :roll: Security through obscurity is not security, Apple.

Just open Terminal in the recovery console (/bootable media) and type resetpassword. (without the period) It'll then load the same program the menu option loads in older copies of OS X.

Of course the ideal method for avoiding thieves is to use full disk encryption, then you can't reset anything w/o it. Or access it. Or recover your data.


Top
 Profile  
 
PostPosted: Fri Sep 15, 2017 12:11 pm 
Offline

Joined: Thu Dec 13, 2012 8:01 pm
Posts: 1022
MonkeyBoy wrote:
Just open Terminal in the recovery console (/bootable media) and type resetpassword. (without the period) It'll then load the same program the menu option loads in older copies of OS X.

Of course the ideal method for avoiding thieves is to use full disk encryption, then you can't reset anything w/o it. Or access it. Or recover your data.


Yes, Apple is infinitely wise . . . who needs to "access" or "recover" data, when Siri can do everything that we need or want . . . resistance is futile . . . Apple AI controls All . . . speak loudly and clearly into the AI mic and Siri will deliver the divine message--"I can't understand your question; is there anything else I can help you with . . .???"

Thanks for the "how to" on using the Terminal to get to GUI . . . appreciate that . . . . Of course isn't it going to ask me for the "old" password that it isn't recognizing as the password, before I can change it to the new one? Same catch-22 dealie???


Top
 Profile  
 
PostPosted: Fri Sep 15, 2017 2:47 pm 
Offline

Joined: Thu Jul 05, 2012 4:02 pm
Posts: 1100
Location: Melbourne
este.el.paz wrote:
....Of course isn't it going to ask me for the "old" password that it isn't recognizing as the password, before I can change it to the new one? Same catch-22 dealie???


No. You choose the admin user account, and enter in a new password twice and that'll do it.
I think you will still lose your Keychain though as that operated with the old forgotten pass.


Top
 Profile  
 
PostPosted: Fri Sep 15, 2017 5:06 pm 
Offline
User avatar

Joined: Thu May 15, 2008 8:13 pm
Posts: 10378
Location: Caught between the moon and NYC
Just so we're clear, this is Terminal from the recovery console or bootable installation media, not Terminal from the OS containing the user you want to change. When you run resetpassword it loads the same reset password utility as you found on the older OS installers, no old password required.

The only limitation I think it has is that it will only reset the password for 501, which is the first account created on the system. If you created 2nd account it'd be 502, then if you deleted the original 501 account and created a new account... it'd be 503. I may be wrong though. I had to puzzle through resetting the password for Windows 10 after a coworker brilliantly managed to remove administrative rights from the student account while not creating/enabling another administrator account, meaning there was no accessible admin account on the system. Since Vista or 7 Windows has wisely defaulted to the account called Administrator being disabled, though any other account can be an administrator, but students having admin rights is the stuff of nightmares.


Top
 Profile  
 
PostPosted: Sat Sep 16, 2017 3:01 pm 
Offline

Joined: Thu Dec 13, 2012 8:01 pm
Posts: 1022
roam wrote:
este.el.paz wrote:
....Of course isn't it going to ask me for the "old" password that it isn't recognizing as the password, before I can change it to the new one? Same catch-22 dealie???


No. You choose the admin user account, and enter in a new password twice and that'll do it.
I think you will still lose your Keychain though as that operated with the old forgotten pass.


@roam && MB:

Sorry, I didn't get notification on these recent posts . . . but I did forge ahead anyway, and yes MB it was clear from your other post that it wasn't the GUI Terminal, but via RD . . . and yep as roam said, it didn't ask for "the old" password, just let me set the new one . . . and it gave me the option to reset for "system admin," as well as the two user accounts, one of which is the "admin" GUI account. Then I was able to get into the folder where I had **secretly** stored the passwords . . . and indeed the problem was "pilot error" . . . my "memory" was "very close" to the actual password, but "I missed it by that much" . . . the "real" password was more aesthetically pleasing to look at, my "memory password" was a more simple version of the "original" . . . . So, then I was able to use that password for the Keychain . . . but, that account isn't really used that much, hence my issue with recalling the master password . . . .

Only problem was now on reviving from sleep the system wanted a log in password in the user log in window . . . and entering the password that did indeed just "work" to get me into the account . . . now that log in window just "freezes" . . . it doesn't "shake" and reject, it just hangs . . . I had to shut it down with the power button to get out of it . . . . Anyway, as usual the culprit was the questioner . . . and, the admin password has been changed . . . appreciate the assistance . . . I'm now back in Gecko MATE where the password is the same one that I've used in all my linux accounts . . . I'll never "forget" that one . . . . :fishsmack:

On a slightly different line of questioning, I'm considering a SSD for the '12 MPro . . . and I was looking at OWC's offerings, and they seem to have one column that lists the SSD's for one price, and then on the other side they have the same sizes but with the "tray" and "tools" . . . . So, not having put this HD into the computer it's my impression that in the MP they are "plug n play" . . . the HD slides into what must be a SATA slot rather than like in the PM where there are cables connecting . . . . And, then the SSDs are smaller, so I need to get "the tray" that will hold the SSD in the proper position so that it will "click in"??? Or, it's possible to click the SSD into one of the three or four HD slots without the tray, as long as I know that I can't slosh the computer around???

And, let's say, I need the tray . . . what are these tools . . . is the SSD tray install super complicated?? One of them looked like a flat what, pry bar? Or that is for what? the heat grease?? The actual name is "eluding" my "memory" . . . . :snail:

e.e.p.


Top
 Profile  
 
PostPosted: Sun Sep 17, 2017 2:34 am 
Offline

Joined: Thu Jul 05, 2012 4:02 pm
Posts: 1100
Location: Melbourne
Good recovery, Señor el paz.
On SSDs, MB is most knowledgeable. Personally I think they are a little overpriced but I don't doubt their speed.


Top
 Profile  
 
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 44 posts ]  Go to page 1, 2  Next

All times are UTC - 8 hours


Who is online

Users browsing this forum: No registered users and 1 guest


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
Powered by phpBB® Forum Software © phpBB Group