How to Fix MacOS High Sierra Password Error [updated]
Mac users running the latest version of Apple’s operating system, High Sierra, are subject to a rather serious flaw that can give anyone with physical access to your Mac unrestricted access to everything on your computer. It seems that the hack only affected macOS High Sierra 10.13 and 10.13.1. Fortunately, a little tweak to your settings can improve your security and fix the problem until Apple fixes it properly.
How password cracking works
Password cracking exploits a flaw in the way macOS handles user accounts. Changing your login username to “root” and using a blank password can give lay people access to everything on your computer, allow them to install malicious software, or block your account completely.
You can check if your computer is damaged by trying to hack yourself. First go to System Preferences, then to the “Users and Groups” page. There, you can change user accounts, add administrator or guest accounts, add parental controls, and choose which apps start with your Mac. Click on the padlock located in the lower left corner of the window to change these settings.
This is where the flaw comes in. When asked for a password, delete the username and replace it with “root”, leaving the password blank. Then click “Unblock”. You may have to click on it a few times, but eventually you will be given access.
How to fix it yourself
To prevent anyone from making this change to your Mac, you need to change your machine’s root password. Before you can make this change, you need to make sure you have administrator access to your Mac (you might, if you’re not using a company-made computer). You should save the new password in a safe and secure place, such as a password manager.
Open the Terminal application in the Utilities folder in the Application Catalog (or search for it in Spotlight). Then enter this command:
sudo passwd -u root
Enter the password for your current account and then the new password you want to assign to the root account.
If Terminal seems too intimidating to you, you can use the Directory Utility application to change your root password. Use Spotlight to find the Directory Utility (it’s not in the Utilities folder of your app directory) and unlock it using your regular username and password. Click Edit on the menu bar, then select Enable Root User. Select Change again, then Change Root Password. Enter your new root password, rejoice. The problem has been resolved.
Updated 11/29/17 12:15 PM ET: Apple has just released a security patch to address the lack of root access. Security Update 2017-001 changes the way Apple validates items such as usernames and passwords and prevents attackers from changing passwords without proper credentials. You can find the update in the App Store on your Mac.