Encoding and Decoding Mac Open Firmware Passwords

On macs, they have an open firmware password to prevent unauthorised people changing the boot device from the open firmware prompt. It's not particularly hard to work around and has the disadvantage that the password is encoded, not encrypted. However is does stop the simplest users.

There are also no good official tools to set the password. You can do it manually from the of prompt, or use an anonymous binary from macosxlabs to do it from a script. (I particularly dislike the "We are very lucky to have this tool. The source code will not be distributed" comment for something I am being told to run as root).

I just wanted to set the password using the nvram command so I needed an encoder. This got me googling and I found the following decoder (cracker?) code:

Ok so there must be a simpler, more generic, script solution. A bit of perl hacking later and I came up with this:

Feel free to use this as you see fit. And enjoy the source ;-)

Back to Gavin Brock's perl page