Apple’s macOS Reveals Your Encrypted Drive’s Password in the Hint Box

Discussion in 'HardForum Tech News' started by Megalith, Oct 8, 2017.

  1. Megalith

    Megalith 24-bit/48kHz Staff Member

    Messages:
    13,004
    Joined:
    Aug 20, 2006
    Apple had to issue an emergency update for macOS High Sierra this week to address a bug that exposed the passwords of encrypted APFS volumes via the password hint feature: when a user mounts an APFS volume and is asked to enter the password before being able to access the data, the user's password is displayed instead of the hint if the password hint button is pressed.

    The problem becomes apparent when you create an encrypted APFS volume on a Mac with an SSD using Apple's Disk Utility app. After setting up a password hint, invoking the password hint mechanism during an attempt to remount the volume will display the actual password in plaintext rather than the hint.
     
    captaindiptoad likes this.
  2. Nenu

    Nenu [H]ardened

    Messages:
    18,624
    Joined:
    Apr 28, 2007
  3. [21CW]killerofall

    [21CW]killerofall Aliens...

    Messages:
    2,829
    Joined:
    Mar 16, 2006
    This is a feature so you never forget your password.
     
  4. westrock2000

    westrock2000 [H]ardForum Junkie

    Messages:
    8,951
    Joined:
    Jun 3, 2005
    No APFS for Fusion is the bigger oversight. Fusion is one of my favorite things. Why has no one else implemented such a simple solution?
     
    steakman1971 likes this.
  5. eneq

    eneq Limp Gawd

    Messages:
    144
    Joined:
    Aug 7, 2009
WTH, they actually STORE the passwords somewhere? That's just bad security FTW, wouldn't surprise me if they folded to some NSA request...
     
  6. BulletDust

    BulletDust [H]ardness Supreme

    Messages:
    6,057
    Joined:
    Feb 17, 2016
    Naturally they have to store the password 'somewhere', you just assume they know better than to store the password as plain text.
     
  7. Ocellaris

    Ocellaris Ginger @le, an alcoholic's best friend.

    Messages:
    18,776
    Joined:
    Jan 1, 2008
    Looks like a pretty solid hint, I fail to see the issue here.
     
  8. Spaceninja

    Spaceninja [H]ard|Gawd

    Messages:
    1,679
    Joined:
    Sep 15, 2004
They were just exercising some courage with that feature!
     
    captaindiptoad and KazeoHin like this.
  9. Liquid_Static

    Liquid_Static Gawd

    Messages:
    561
    Joined:
    Feb 9, 2013
    Apple moving to a modern file system (and being the only consumer desktop/laptop vendor to do so) is great. This slip-up however is not.
     
  10. steakman1971

    steakman1971 2[H]4U

    Messages:
    2,433
    Joined:
    Nov 22, 2005
    It's supposed to be supported at a later date - but wtf Apple. I use a Fusion drive in my Mac as it gives a good trade off between storage and speed.
     
  11. Jebuz. Passwords should always be stored as a hash. That's security 101

    The head of security at Equifax must have found a new job already.
     
    captaindiptoad likes this.
  12. eneq

    eneq Limp Gawd

    Messages:
    144
    Joined:
    Aug 7, 2009
    You never store passwords, any validations are done against derivatives of the password (such as a hash) that are not reversible.
     
    BlueFireIce, xorbe and almalino like this.
  13. Jim Kim

    Jim Kim 2[H]4U

    Messages:
    3,366
    Joined:
    May 24, 2012
    He did, now he consults for the NSA, Kaspersky and Apple.
     
    86 5.0L and maclem8223 like this.
  14. Eulogy

    Eulogy 2[H]4U

    Messages:
    2,185
    Joined:
    Nov 9, 2005
    Yup. Store the hash... then you hash any passwords that are entered, compare that to the stored hash and look for a match. If it matches, go on through... otherwise, nope. Never, ever, under any circumstance should a password be stored directly.
     
  15. noko

    noko [H]ardness Supreme

    Messages:
    4,135
    Joined:
    Apr 14, 2010
  16. likeman

    likeman Gawd

    Messages:
    606
    Joined:
    Aug 17, 2011
More than likely what has happened is that it read the password box instead of reading the Hint box when saving the hint (can't see Apple being that stupid and saving the password itself in plain text).
     
    bman212121 likes this.
  17. Kdawg

    Kdawg Gawd

    Messages:
    935
    Joined:
    Aug 12, 2017
    Apple.
    It just works.
     
    lostin3d likes this.
  18. risc

    risc Handle with Kid Gloves

    Messages:
    188
    Joined:
    May 18, 2017
    Sucks bad but glad they patched it quickly.

    We all love competition here, right?
     
  19. Twisted Kidney

    Twisted Kidney 2[H]4U

    Messages:
    3,503
    Joined:
    Mar 18, 2013
    That's handier than a warrant.
     
    lostin3d likes this.
  20. kirbyrj

    kirbyrj [H]ard as it Gets

    Messages:
    24,053
    Joined:
    Feb 1, 2005
    Courage
     
  21. lostin3d

    lostin3d [H]ard|Gawd

    Messages:
    1,961
    Joined:
    Oct 13, 2016
    It was a hint to match the average user knowledge for Apple products.
     
  22. B00nie

    B00nie [H]ardness Supreme

    Messages:
    7,820
    Joined:
    Nov 1, 2012
Not so long ago the default feature of Windows was to ask if you wanted to reset your password after 3 tries.
     
  23. cyberguyz

    cyberguyz Gawd

    Messages:
    694
    Joined:
    Aug 28, 2014
macOS is WAY more secure than Windows
     
  24. ZeqOBpf6

    ZeqOBpf6 Gawd

    Messages:
    590
    Joined:
    Aug 24, 2014
Can you show me something talking about this?
     
  25. viper1152012

    viper1152012 [H]ard|Gawd

    Messages:
    1,025
    Joined:
    Jun 20, 2012
    Now that takes some courage.
     
  26. Bounty

    Bounty Limp Gawd

    Messages:
    258
    Joined:
    Jun 10, 2016
  27. likeman

    likeman Gawd

    Messages:
    606
    Joined:
    Aug 17, 2011
  28. bman212121

    bman212121 [H]ard|Gawd

    Messages:
    1,528
    Joined:
    Aug 18, 2011
    That would be my guess as well. Someone messed up the interface and accidentally grabbed the hint from the wrong textbox.
     
  29. Emission

    Emission [H]ardness Supreme

    Messages:
    4,143
    Joined:
    Dec 6, 2005
    Someone got fired today.
     
  30. CharonPDX

    CharonPDX Gawd

    Messages:
    716
    Joined:
    Jul 19, 2005
    That would be completely surprising considering Apple's history of *NOT* giving in an inch to government requests...
     
  31. CharonPDX

    CharonPDX Gawd

    Messages:
    716
    Joined:
    Jul 19, 2005
    Almost certainly not - to upgrade to a newer OS on an encrypted drive, you have to first enter the password for the encrypted drive. Not to mention, as others have suggested, it is extremely likely that the security flaw is in the "store the password hint" stage, not in the actual "storing the password" stage. That it puts what you entered for the password in both the (properly encrypted) password field as well as the (not encrypted) password hint field; instead of putting what you type in the "password hint" entry in the password hint field.

    I just tested - if you don't enter a hint, this flaw doesn't come up. If you enter nothing in the "Hint" box, it doesn't store anything for hint, and when you go to re-mount the drive, the "enter password" dialog box doesn't even have a "show hint" button.

    Moral of the story, don't enter a hint.
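An added example, not code from this thread or from Apple, that models in Python the two points made above: Eulogy's "store the hash, re-hash the attempt and compare" check, and CharonPDX's guess that the hint field was filled from the password textbox. The record layout, field names and the audit function are assumptions for illustration.

```python
import hashlib
import hmac
import os

# Constructed model of a "create encrypted volume" form with a password field
# and a hint field. It is not Apple's Disk Utility or APFS code; it only
# illustrates the two points made in the thread.

def derive_verifier(password: str, salt: bytes, iterations: int = 100_000) -> bytes:
    """Salted, one-way derivative of the password (PBKDF2-HMAC-SHA256).
    This is what gets stored; the password itself never is."""
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)

def hint_is_safe(password: str, hint: str) -> bool:
    """Reject hints that give away the password outright. An empty hint is fine
    (the thread notes that with no hint there is no hint button at all)."""
    if not hint:
        return True
    return password.lower() not in hint.lower()

def create_volume_record(password: str, hint: str) -> dict:
    """Correct behaviour: store the verifier plus the hint the user typed."""
    if not hint_is_safe(password, hint):
        raise ValueError("hint would reveal the password")
    salt = os.urandom(16)
    return {"salt": salt, "verifier": derive_verifier(password, salt), "hint": hint}

def create_volume_record_buggy(password: str, hint: str) -> dict:
    """Models the failure the thread speculates about: the verifier is stored
    properly, but the hint field is filled from the password textbox."""
    salt = os.urandom(16)
    return {"salt": salt, "verifier": derive_verifier(password, salt), "hint": password}

def verify_password(record: dict, attempt: str) -> bool:
    """Re-derive from the attempt and compare in constant time."""
    candidate = derive_verifier(attempt, record["salt"])
    return hmac.compare_digest(candidate, record["verifier"])

def hint_leaks_password(record: dict) -> bool:
    """Audit check that would have caught the bug before release: the stored
    hint, entered as the password, must not unlock the volume."""
    hint = record["hint"]
    return bool(hint) and verify_password(record, hint)

if __name__ == "__main__":
    good = create_volume_record("correct horse battery", "the xkcd one")
    bad = create_volume_record_buggy("correct horse battery", "the xkcd one")
    print("correct record leaks hint:", hint_leaks_password(good))  # False
    print("buggy record leaks hint:", hint_leaks_password(bad))     # True
```

The audit function is the practical takeaway: a release test that tries every stored hint as the password would have flagged the buggy record immediately, and the empty-hint case matches the behaviour CharonPDX observed.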