Reset Admin password for macOS Mojave

macos macbook-pro password filevault mojave

Solution 1:

You can't reset the admin's password but you can create a new admin.

Essentially it's the same procedure as in this answer:

How can I get admin access to a Mac without knowing the current password?

  1. Boot to Recovery Mode holding +R on startup
  2. Open Disk Utility and unlock the encrypted volume. The encrypted volume is an sub-item of the internal drive and greyed out. Select it and hit mount/activate. Use the password of the standard user to unlock it.

  3. Open Terminal from the Utilities menu and enter (to execute a typed command you have to hit the ⏎ Enter/Return key):

    rm /Volumes/<main_volume_name>/private/var/db/.AppleSetupDone

    Replace <⁠main_volume_name⁠> with the name of your main volume (usually Macintosh HD). Example:

    rm /Volumes/Macintosh\ HD/private/var/db/.AppleSetupDone

  4. Enter reboot to reboot your Mac

  5. Login with your standard user (to unlock the disc), then follow the instructions to create a new admin user (similar to configuring a new Mac)
  6. The new admin can't unlock the disk - the account has to be added by another admin user, because the new admin can't promote himself to a FileVault unlocker. Check this by entering in Terminal: sudo fdesetup list.
  7. With the new admin promote the standard user to admin and reboot

  8. Login as old standard/now admin user, open Terminal and enter

    sudo fdesetup add -user exstandarduser -usertoadd newadmin

    Example:

    sudo fdesetup add -user lorenzoalfieri -usertoadd adminlorenzo

    Then you will be asked for passwords: first enter the password of exstandarduser to authenticate him and second the password (set in step 5) of newadmin.

    Check that the new admin is added to the FV users: sudo fdesetup list

  9. Reboot and login as new newadmin
  10. Downgrade the exstandarduser admin to a standard user.
  11. Clean up the old admin.
  12. Finally create new recovery key(s): sudo fdesetup changerecovery -personal and make a (physical) note of it|them and store it at a safe place.
  • Resetting the admin password with resetpassword after unlocking the disk is not possible.

  • Changing the password of the admin with dscl after unlocking the disk is apparently not possible - the old password is still required.

    Example:

    dscl -f /Volumes/Macintosh\ HD/var/db/dslocal/nodes/Default localonly -passwd /Local/Target/users/<user_name> some_password

Related

How do I run apple script on a particular instance of Firefox?
Question Marks in iTerm (Font Issue?)
how to know the current Zoom level in D3.js
Is there a data type in Python similar to structs in C++?
Keep Bioshock Infinite FOV constant
How to fix the light beam in the Oculory
Why is a Werewolf not immune to Sanguinare Vampiris?
How to make a joystick axis completely undetectable in Windows 7?
What rewards are considered higher quality?
429 error while using 0auth 2.0 playground
Turn off AI "Rebase" animations in Civilization 5?
What are the differences in maps between difficulty levels?