For years, Apple has provided multiple methods to protect the data on a Mac: separate user accounts, passwords, passkeys with Face or Touch ID, and file encryption via FileVault. Plus, it includes an optional low-level security measure that prevents starting up from storage devices other than the selected startup disk.
This last option is known as the firmware password or Extensible Firmware Interface (EFI) lock and was used on all computers before 2023 when Apple finished shifting from Intel processors to silicon chips. The password isn’t necessary with the newer Apple silicon as the firmware functionality that it restricted is now found in macOS Recovery, which requires user authentication (when FileVault is enabled).
What is the EFI Password?
EFI blocks users’ ability to use all startup key combinations except the NVRAM or PRAM reset combinations. However, the command ‘Option + Cmd + P + R’ can initiate these older machines from macOS Recovery instead.
The Lost Mode feature of Find My Mac will remotely lock the computer with a firmware password for one-time use. The user’s Mac receives the lock instruction from iCloud, restarts, and asks for the system lock PIN code that was previously set up. After entering this, the Mac launches from the designated startup disk and disables the passcode.
A firmware password is not the same as an administrator or login password. It’s a separate password that appears immediately after booting up and must be entered into the system’s lock screen.
EFI Security
Low-level passwords are quite secure, meaning it’s almost impossible to do anything if you can’t remember your password. If you have forgotten the firmware password or passcode, know that Apple doesn’t allow any workarounds.
Instead, it recommends you schedule a service appointment at an Apple Store or Apple Authorized Service Provider. The process requires the original receipt or invoice as proof of purchase, although since this process only applies to older machines, finding this after so many years may be easier said than done.
Early macOS versions required manual installation of the firmware, but in 2015, Apple began bundling EFI updates with macOS updates to deliver security patches to all users. However, as security firm Duo Labs discovered in late 2017, some Macs didn’t get the correct firmware, making those without security software in place vulnerable to hackers.
Apple recommends checking the firmware version and updating it if needed. You can do this by launching a software update via System Settings.
Firmware Passcode Location
On Intel-based Macs shipped before 2011, the firmware password was stored in the PRAM and read by the system EFI firmware before other PRAM variables. That led to a severe security issue, allowing the firmware to be revealed in a native macOS app and weakening the enhanced security Apple had hoped to introduce with the addition of the firmware password.
In 2011, however, Apple added an important change to the system: the EFI password was moved to a separate programmable controller from Atmel. This component contains lockable flash memory to store the password. It requires special programming with identifier numbers for the Mac’s motherboard and the Atmel chip to access and reset it.
Since the controller is an independent component, the only way to bypass it is to remove it from the motherboard manually, but this requires highly precise reflow soldering tools and techniques.
Bypassing the Mac Firmware Password on MacBooks
This firmware hardware hack works on all Intel MacBooks (even MacBook Pro and Air) and requires users to remove and reinstall the RAM. You can check our guide on how to remove the RAM on MacBooks for further reading.
- Shut down your computer and remove the battery.
- Locate your RAM, remove one of the RAM modules, and put it aside.
- Put the battery back in and boot your computer while holding the Cmd + Option + P + R keys to reset the parameter RAM.
- Wait for the chime to sound three times.
- Release the keys and shut down the computer.
- Remove the battery again and reinsert the RAM module.
- Put the battery back in.
- Launch your Mac, and you won’t see a firmware lock.
Removal of the EFI Password on Mac
- Restart your Mac while holding down the Cmd + R keys to enter Recovery Mode.
- When the Utilities screen appears, go to the menu and select ‘Firmware Password Utility.’
- Turn off the firmware password.
If none of the above methods have worked, you can have Apple do it for you as long as you have the original receipt or invoice. Alternatively, you can buy a Mac EFI lock bypass hardware kit or even download one of the many Mac firmware password unlock tools. If you use one of these you will void your warranty, so think carefully about whether you want to risk the procedure.
Best Mac Optimization Software of 2024
Rank | Company | Info | Visit |
1
|
|
||
2
|
|
||
3
|
|
Get the Best Deals on Mac Optimization Software
Stay up to date on the latest tech news and discounts on Mac optimization software with our monthly newsletter.
Keyon Bastani says
My iMac I purchased from an individual worked just fine. I put firmware on it and accidentally removed the device from finder on my phone. I don’t get how Apple expects me to retrieve a receipt in this situation! My whole life is on this computer and I get zero help from the Apple company. Absolutely shit customer service when all they have to do is open the device up for me and they will see all my personal information on the device.
Shauna says
My MacBook Air 2010 got stolen from my hotel room from who I thought was a friend so I put my Mac in lost mode and put a 4 digit pin.. unfortunately for me, I have so many pins and passwords that I have to remember I couldn’t remember what I set the lost mode pin to. Now for the past 2 weeks I’ve been desperately trying to regain access to use my Mac with no success!
I am fairly positive the phone I used to put it in lost mode is the same phone I stupidly threw at a wall out of sadness and anger. I’m just curious if I can’t successfully regain access thru any of my devices (I Mac, my new iPhone, and regular laptop) is it because it needs to be removed from lost mode on the device used to lock it?
Daniel (Best Reviews Team) says
Hi Shauna, and thank you for your comment! We’re happy to hear you could get your MacBook Air back. Fortunately, there’s a way to bypass the PIN if you’ve forgotten it. All you have to do is to use an iRemove tool. Have a nice day!
RussellCofIdaho says
I’ve heard this trick only works with Core2Duo and earlier Macs.
Daniel (Best Reviews Team) says
Hi RusselCofIdaho, and thanks for your comment!
You’re making a good point there, but we wouldn’t say the method doesn’t work. Still, it’s indeed riskier since RAM is typically soldered to the motherboard in newer machines. Because of this, we recommend using EFI firmware password removal software, also known as an iRemove tool. Have a nice day!
Kaygeebonds says
On mac minis and imac using the RAM removal technique, do you meed to remove the PRAM battery? (Silver button battery)
Daniel (Best Reviews Team) says
Hello Kaygeebonds, and thank you for your comment.
It shouldn’t be necessary to remove the PRAM battery, as you can reset it quite easily without touching the hardware. You can learn how to do this by reading our PRAM reset guide. Good luck bypassing the EFI lock for your Mac Mini and iMac!
Consita tanavalu says
My MacBook pro can’t quit macos utility. And I forgot my firmware password. Is there another way I can fix this.
I live in the Solomon islands.