Passware, a password recovery firm, has warned Mac OS X Lion users against using the system’s “automatic login” feature. The reason behind the warning is that, with automatic login enabled, OS X Lion is more vulnerable because passwords are exposed when the OS goes into sleep mode. A hacker can access the system password by connecting to the Mac’s FireWire port, as the port allows direct memory access. Mac OS X Lion was recently released. The new OS retails for $29.99 in the Apple App Store. The security flaw also exists in other Apple OS versions such as Mac OS X Snow Leopard.
Passware, which provides password recovery programs to law enforcement agencies, said that the OS X Lion vulnerability was found by its latest Passware Kit Forensic v11. The kit costs around $995, and the software can successfully recover log-in passwords and passwords for wireless networks, email, websites and more when the system is in sleep mode. Users can easily solve this security issue by disabling the auto login setting in OS X Lion. Passware has also asked users to shut down their PCs so that the system does not save the password in memory and the password cannot be recovered. Users also have the option of disabling the FireWire port, which thwarts the security issue.
Passware has added that the best way to prevent a hacker from getting access to your Mac is to disable the auto logon feature. Keeping this feature active is like letting anyone access the Mac after it boots up. If the auto logon feature is disabled, the system presents the user with an option to choose a profile, and the user is required to enter the password to gain access to the system.
This is not the first time that Passware has reported a security flaw. The company has used the same technique to access secured data stored on hard drives encrypted with TrueCrypt and Windows’ BitLocker by running the program from a USB device connected to the system. The company has also said that anyone using Passware Kit Forensic v11 will need physical access to the target Mac system in order to steal the password. The hacker also needs access to the Mac’s FireWire port through a cable connection. Once the hacker has a physical connection, Passware Kit Forensic v11 can successfully seize the password data stored in the Mac’s memory.
The software is able to capture the password stored in memory in minutes. It works even if the Mac user has activated FileVault encryption or set a complicated password to access the system. Apple has not yet responded to this security flaw exposed by Passware.