Skip to content

Howto fix the MacOS High Sierra blank root password flaw

A vulnerability within MacOS High Sierra was discoverd: It allowes logins and/or changes to critical Settings with the Superuser (root) without a password.
I’m sure that Apple is already working on a permanent fix for that, until then you should safe your Mac!

Howto fix the macOS blank root password Security issue?

  1. Open ‘Terminal’ or ‘iTerm2’
  2. Type ‘sudo passwd root’
  3. Type your (User) password
  4. Select a strong password for root (and repeat it)

Change root password on macOS
Change root password on macOS

I was told, that this critical flaw is fixed in the latest macOS High Sierra 10.13.2 Beta (17C83a), but I tested it and the issue was still present on the test system!!!

Root Flaw
Root Flaw

Someone told me, that I should disable the ‘Guest’ user. That doesn’t solve the issue, at least not on my two MacOS High Sierra systems.

This content is older than 2 years. It might be outdated.
Published inAppleHowTo

Be First to Comment

Leave a Reply

Your email address will not be published. Required fields are marked *