For detailed installation instructions, visit:\u00a0https:\/\/support.apple.com\/en-us\/HT201541<\/p>\n
How to Prevent Root Login Without a Password in macOS High Sierra<\/h2>\n
If you cannot immediatly patch your system, there are two other methods available to lock down the Root account.\u00a0One option is to use the Directory Utility and the other is performed on the command line. Choose whichever you feel more comfortable doing, they both accomplish the same task.<\/p>\n
Please contact the IT Service Desk at 978 934 4357 should you need assistance with this.<\/strong><\/p>\n Using Directory Utility to Lock Down Root: 2. Click the little lock icon in the corner and authenticate with an admin account login (in most cases this is the same account you log into your mac with).<\/p>\n 3. Now pull down the \u201cEdit\u201d menu and choose \u201cChange Root Password\u2026\u201d (see note under step #5 if you don’t see ‘Change Root Password… in the menu’) ***<\/p>\n 4. Enter a password for the root user account and confirm, then click \u201cOK\u201d<\/p>\n 5. Close out of Directory Utility<\/p>\n *** If the root user account is not yet enabled, choose \u201cEnable Root User\u201d and then set a password instead.<\/p>\n Essentially all you are doing is assigning a password to the root account, meaning that logging in with root will then require a password as it should. Also, if the root account is disabled, it doesn’t mean it is secure. The root account must be enabled and have a set password.<\/p>\n Using the Command Line to Assign a Root Password: Be sure to set the root password to something you will remember, or perhaps even matching your admin password. UMass Lowell Information Security recommends a 16 character password for optimal security.<\/p>\n Source: http:\/\/osxdaily.com\/2017\/11\/28\/macos-high-sierra-root-login-without-password-bug\/<\/p>\n","protected":false},"excerpt":{"rendered":" A serious security vulnerability was discovered with macOS High Sierra that can potentially allow anybody full administrative access without a password. Anyone running macOS High Sierra 10.13, 10.13.1, or 10.13.2 who has not previously enabled the root account or changed … Continue reading
\n1. Open Spotlight on the Mac by hitting Command+Spacebar (or clicking the Spotlight icon in the upper right corner of the menubar) and type in \u201cDirectory Utility\u201d and hit return to launch the app![\"prevent](\"http:\/\/cdn.osxdaily.com\/wp-content\/uploads\/2017\/11\/1-prevent-password-less-root-login-macos-high-sierra-bug-1-610x385.jpg\")
<\/p>\n![\"prevent](\"http:\/\/cdn.osxdaily.com\/wp-content\/uploads\/2017\/11\/2-prevent-password-less-root-login-macos-high-sierra-bug.jpg\")
<\/p>\n![\"prevent](\"http:\/\/cdn.osxdaily.com\/wp-content\/uploads\/2017\/11\/3-prevent-password-less-root-login-macos-high-sierra-bug-3.jpg\")
<\/p>\n![\"prevent](\"http:\/\/cdn.osxdaily.com\/wp-content\/uploads\/2017\/11\/4-prevent-password-less-root-login-macos-high-sierra-bug-2.jpg\")
<\/p>\n
\nUsers who would prefer to use the command line in macOS can also set or assign a root password with sudo and the regular old passwd command.
\n1. Open the Terminal application, found in \/Applications\/Utilities\/
\n2. Type the following syntax exactly into the terminal, then hit the return key:
\nsudo passwd root
\n3. Enter your admin password to authenticate and hit return
\n4. At \u201cNew password\u201d, enter a password you won\u2019t forget, hit return, and confirm it<\/p>\n![\"Stop](\"http:\/\/cdn.osxdaily.com\/wp-content\/uploads\/2017\/11\/change-root-password-command-line-610x170.jpg\")
<\/p>\n