Hacking has certainly been on the minds of many these past few months, with SONY being hacked, then a string of other gaming companies and most recently Dropbox experiencing a major security flaw on the weekend. Makes you want to secure and lock down everything in sight. One of the oft-touted features of OS X is the ability to encrypt the user’s home folderusing FileVault. Theoretically it keeps your data safe from unauthorized access.
I say theoretically because Harris Corporation, a communications and IT firm, has some nice step by step instructions detailing how to crack into a FileVault home folder, right on their blog.
Basically the instructions boil down to finding the password hash, cutting and pasting it into a password cracking app like John the Ripper, and waiting. How long it takes depends on how fast your Mac is. In the example Harris gave, it took a 2.4 Intel Core i5 with 4GB RAM MacBook Pro Laptop running 10.6.6 approximately 21 hours to crack the password.
I mean, really? Granted, it’s not something an average user would be able to do, but it’s right there on the Internet, people! So simple. It makes me just want to give up on passwords altogether. Or maybe just choose some of the common ones. How’s 1234567 working these days?
To be honest, I haven’t turned on FileVault on my computers, as I found the speed hit required wasn’t worth the feeling of security. What about you? Feeling secure about your files, or have you given up all hope, like me?
Responses to “Hard to crack OS X FileVault password”
Leave a Reply