* Posts by richard0x4a

1 post • joined 29 Nov 2017

Pro tip: You can log into macOS High Sierra as root with no password


Apple's guidance not quite correct - do not disable the root user!

Apple's guidance isn't quite correct. They say "you should disable the root user after completing your task". However, if you set a root password, then disable the root user, it resets the password back to blank and reintroduces the vulnerability.

You need to set a root password, then make sure you leave the root account enabled. Only then do you defeat the vulnerability.

Biting the hand that feeds IT © 1998–2019