Skip to main content

Anyone can log into your Mac without your password — here’s how to fix it

how to download MacOS High Sierra
Image used with permission by copyright holder
Anyone using MacOS High Sierra should be on high alert. A Twitter user revealed a massive security vulnerability which allows anyone to log into your system as an administrator without valid login credentials. All a malicious user has to do is attempt to log in as “root” from the login screen, leave the password field blank, and press enter over and over until the system allows access.

Dear @AppleSupport, we noticed a *HUGE* security issue at MacOS High Sierra. Anyone can login as "root" with empty password after clicking on login button several times. Are you aware of it @Apple?

— Lemi Orhan Ergin (@lemiorhan) November 28, 2017

The scary news is that it’s true, or it was before Apple released a security patch. So all you need to do is open your Mac App Store and check for updates. You should see a security update available, go ahead and download that and you’re all set.  Before it was fixed, the vulnerability meant anyone could approach your iMac, MacBook, or Mac Pro and access your computer without anything more than a couple keystrokes and zero technical know-how.

Additionally, it’s never a bad idea to change your system’s root password; leaving it blank was the key to the vulnerability before it was fixed. Here’s a quick tutorial on how to do just that.

Assuming you’re running MacOS High Sierra, we’ll teach you below how to fix the problem.

First, we’re going to open up System Preferences, open Users & Groups, select Login Options, then click the lock on the bottom left side of the window and enter your password. Next, hit Join right beside Network Account Server. This will open up a small dialog box, there you will want to click Open Directory Utility. Now we’re going to click that little lock again, and enter your password.

MacOS High Sierra Vulnerability Fix
Image used with permission by copyright holder

From here, mouse up to your Finder bar, and click Edit. From this drop-down menu click Change Root Password. This is the most important part: Pick a strong, unique password that you won’t forget.

MacOS High Sierra Vulnerability Fix
Image used with permission by copyright holder

That’s it, just an extra layer of security for your Mac, now that Apple has addressed the vulnerability with a security update.

The whole issue came to light after an industrious Twitter user pinged Apple Support’s official Twitter account for help regarding the vulnerability and from there it caught fire and spread. Twitter users from all over the world were confirming that they could replicate the vulnerability, and access their own computers without using anything more than a four-letter word.

Even though it’s fixed, this wasn’t just a minor vulnerability, like a loophole in some bit of code somewhere that only a security expert could exploit. This was a dead-simple way to break into someone else’s computer, so make sure you download and apply that patch from the Mac App Store.

Update: Apple has issued a security patch to address the issue. 

Editors' Recommendations

Jayce Wagner
Former Digital Trends Contributor
A staff writer for the Computing section, Jayce covers a little bit of everything -- hardware, gaming, and occasionally VR.
Common macOS Sonoma problems and how to fix them
Apple's Craig Federighi presents new features in macOS Sonoma at the company's Worldwide Developers Conference (WWDC) in June 2023.

Apple’s latest operating system, macOS Sonoma, has launched, and it brings with it a bunch of great new features for your Mac. But upgrading your Apple computer could lead to problems, and while this won’t happen to everyone, it can be frustrating when issues arise.

Fortunately, there’s help at hand. We’ve put together a list of the most common macOS Sonoma problems and how to fix them. Just follow these tips and they could help you out of a tricky spot. We’ve added links to Apple’s official guidance throughout, so be sure to check them out for more assistance.
macOS Sonoma won’t download

Read more
Apple fixed one of my biggest macOS gripes with Sonoma — but I still want more
Federighi talking about Continuity Camera.

Apple’s macOS Sonoma update has just been launched and, let’s be honest here, it’s a pretty modest upgrade (probably thanks to the work required on the Vision Pro’s software). Still, when Apple unveiled Sonoma a few months ago, there was one feature that got me excited: Continuity Camera.

This nifty tool lets you use your iPhone as a high-quality webcam. Sure, it actually debuted with macOS Ventura, but this year we’ve got much more control over how it works. Sliders! Toggles! Yes, it’s all here.

Read more
Update your Apple devices now to fix these dangerous exploits
A person using a laptop with a set of code seen on the display.

If you’re an Apple user -- whether you have a Mac, an iPhone, an iPad, or an Apple Watch -- you need to update your devices as soon as possible. That’s because Apple has discovered three actively exploited vulnerabilities that could cause your devices serious harm, and the patches are already out to fix them.

One of the bugs was found in Apple’s Security framework and would allow a malicious app to completely bypass a device’s signature validation. Another bug concerns the WebKit browser engine and could grant a threat actor the ability to run arbitrary code when a victim views a certain web page.

Read more