macOS provides multiple methods to protect the data on a Mac: a user account password, encryption via FileVault, and optional low-level security measure that prevents starting up from storage devices other than the selected startup disk. That's known as the firmware password or EFI (Extensible Firmware Interface) lock, which will also block the user's ability to use all startup key combinations, except the NVRAM or PRAM reset combinations. This command (Option + Command + P + R), however, will initiate the machine from macOS Recovery instead.
The Lost Mode feature of Find My Mac will remotely lock the Mac with a firmware password for one-time use. The user's Mac receives the lock instruction from iCloud, restarts, and asks for the system lock PIN code that they set up. After entering the passcode the Mac starts up from the designated startup disk and disables the passcode.
A firmware password is not the same as the administrator password or login password. It's a separate password that appears immediately after boot and must be entered into the system lock screen, which appears as a lock symbol on either a black or a gray background.
Firmware Passcode Security
Low-level passwords are quite secure, which also means there is potentially a headache if the password is forgotten. If you or any of your users can't remember the firmware password or passcode, know that Apple doesn’t allow for any workarounds, but instead recommends scheduling a service appointment with an Apple Store or Apple Authorized Service Provider. The process requires the original receipt or invoice as proof of purchase.
Earlier versions of macOS required manual installation of the firmware but, starting in 2015, Apple began bundling EFI updates with the macOS updates in order to deliver security patches to all users. But as security firm Duo Labs discovered in late 2017, some Macs aren't getting the right firmware, which makes them vulnerable to hackers. They recommend checking the firmware version and updating if needed.
Firmware Passcode Location
On Intel-based Macs shipped before 2011, the firmware password was stored in the PRAM and read by the system EFI firmware before other PRAM variables. That lead to a serious security issue, allowing the firmware to be revealed in a native macOS app and weakening the enhanced security Apple had hoped to introduce with the addition of the firmware password.
In 2011, however, Apple added an important change to the system: the firmware password was moved to a separate programmable controller from Atmel. This component contains lockable flash memory to store the password and requires special programming with identifier numbers for both the Mac's motherboard and the Atmel chip to access and reset it.
Since the controller is an independent component, the only way to bypass it is to manually remove it from the motherboard, but this requires highly precise reflow soldering tools and techniques.
Bypassing the Mac Firmware Password on MacBooks With Upgradeable RAM
This hardware hack works on both Intel- and Motorola-based MacBooks and requires users to remove the RAM and reinstall it. You can check our guide on how to upgrade the RAM on Macs for further reading.
- Shut down your computer and remove the battery.
- Locate your RAM, remove one of the RAM modules and put it aside.
- Put the battery in, and boot your computer while holding the Command + Option + P + R keys to reset the parameter RAM.
- Wait for the chime to sound three times.
- Release the keys and shut down the computer.
- Remove the battery again, and reinsert the RAM module.
- Put the battery back in.
- Boot up your Mac, and you should not see the firmware lock again.
Disable the Password With Firmware Password Utility
- Restart your Mac while holding down the Command + R keys to enter Recovery Mode.
- When the Utilities screen appears, go the Utilities menu bar, and select “Firmware Password Utility”.
- Choose to turn the Firmware Password off.
If none of the above methods worked, there are still two more options to try: either have Apple do it for you, so long as you have the original receipt or invoice, or alternatively use any of the EFI lock bypass hardware kits available for sale on various sites. In using one of these EFI lock hardware bypass methods you’ll almost certainly void your warranty, so it is down to you whether you want to risk the procedure.
Best Mac Optimization Software of 2023
| Rank | Company | Info | Visit |
|
1
|
![]() |
|
|
|
2
|
![]() |
|
|
|
3
|
![]() |
|
Get the Best Deals on Mac Optimization Software
Stay up to date on the latest tech news and discounts on Mac optimization software with our monthly newsletter.





Shauna says
My MacBook Air 2010 got stolen from my hotel room from who I thought was a friend so I put my Mac in lost mode and put a 4 digit pin.. unfortunately for me, I have so many pins and passwords that I have to remember I couldn’t remember what I set the lost mode pin to. Now for the past 2 weeks I’ve been desperately trying to regain access to use my Mac with no success!
I am fairly positive the phone I used to put it in lost mode is the same phone I stupidly threw at a wall out of sadness and anger. I’m just curious if I can’t successfully regain access thru any of my devices (I Mac, my new iPhone, and regular laptop) is it because it needs to be removed from lost mode on the device used to lock it?
Daniel (Best Reviews Team) says
Hi Shauna, and thank you for your comment! We’re happy to hear you could get your MacBook Air back. Fortunately, there’s a way to bypass the PIN if you’ve forgotten it. All you have to do is to use an iRemove tool. Have a nice day!
RussellCofIdaho says
I’ve heard this trick only works with Core2Duo and earlier Macs.
Daniel (Best Reviews Team) says
Hi RusselCofIdaho, and thanks for your comment!
You’re making a good point there, but we wouldn’t say the method doesn’t work. Still, it’s indeed riskier since RAM is typically soldered to the motherboard in newer machines. Because of this, we recommend using EFI firmware password removal software, also known as an iRemove tool. Have a nice day!
Kaygeebonds says
On mac minis and imac using the RAM removal technique, do you meed to remove the PRAM battery? (Silver button battery)
Daniel (Best Reviews Team) says
Hello Kaygeebonds, and thank you for your comment.
It shouldn’t be necessary to remove the PRAM battery, as you can reset it quite easily without touching the hardware. You can learn how to do this by reading our PRAM reset guide. Good luck bypassing the EFI lock for your Mac Mini and iMac!
Consita tanavalu says
My MacBook pro can’t quit macos utility. And I forgot my firmware password. Is there another way I can fix this.
I live in the Solomon islands.