MacOS autologin password

Created: — modified: — tags:

If you need to set it programmatically

Originally reverse-engineered by Gavin Brock in 2007 (original website is down, but copy preserved in archive.org), and then repeated multiple times, most recently in tart MacOS sequoia image. Cheers to backwards-compatible XOR security!

Here's my attempt at making it into a perl oneliner:

PASS=newpassword
perl -e '$a=$ARGV[0]; use POSIX; $l=ceil(length($a)/12)*12; $s=unpack("u","+?8E2(]*\\W>JCN1\\`"); $k=substr($s x $l,0,$l); print $a ^. $k' "$PASS" | sudo tee -a /etc/kcpassword

In more readable format:

use POSIX
$a=$ARGV[0]
$l=ceil(length($a)/12)*12
$s=unpack("u","+?8E2(]*\\W>JCN1\\`")
$k=substr($s x $l,0,$l)
print $a ^. $k

Note that according to perlop, ^. operator, when applied to strings, implicitly appends zero characters to it. If it's not good enough for you, you can always append zero bytes to the end of $a, like this: $a=pack("Z" . $l, $a).


However note that in order for autologin to work, your user isn't required to have password set!

To autologin a user without password set, simply write this string to /etc/kcpassword file:

}-1-2-3-4-5-

First character is zero character XORed with first character of the Apple secret string, follower by any 11 characters