Filevault2 system password different from user password
Using filevault2 system encryption I noticed that my login password is also used to decrypt the disk at boot time.
This does not fit my needs. My requirements for the system encryption passphrase and the login password differ significantly.
To protect my disk, I want to use a long and complicated pass phrase. One that can not be broken by brute force in the universe's lifetime.
For my login account, I want a shorter, easy to type password. The main use of this password is to authorize actions that need administrative privileges. And it is needed quite often. Using the disk pass phrase for this purpose is just impractical.
Is it possible to set up the system this way? Of course, if the shorter login password can also unlock the disk, then no security is gained by having an additional longer pass phrase.
I tried to change the pass phrase of the system partition in disk utility. I selected the OSX partition and executed File->Change Password.
There was no error message of any kind, but on the next boot, I was still able to unlock the disk using my shorter login password. (Which managed to cause some distrust in filevault2 on my side. What is going on? There was no error message when changing the password in disk utility.)
After the next reboot, it showed again decrypting progress.
Decrypting is not very stable, I had two freezes during decryption, where a Window of Death advises you to hold the power button until the computer turns off.
Several more times, the progress indication of the decryption process displayed nonsense.
Reencryption had to be done as the new disk unlocker user, as it is not possible to exclude the user from disk unlocking that starts the filevault2 encryption.
What about the other question, why is it possible to set a password for the system partition in disk utility without any error message, and, as it seems, without any effect?
Similar Messages
-
Are Sql functions different from user defined functions ?
Hello,
SQL functions are built into Oracle Database and are available for use in various appropriate SQL statements. Do not >confuse SQL functions with user-defined functions written in PL/SQL.according to first paragraph of this document Sql functions are different from user defined functions . How is that ?
Is they really differ from each other ?bootstrap wrote:
If you don't know what compilation is, please use Wikipedia or other online resources.I know what is compilation . But i was confused whether those sql functions are compiled in my machine when i install Oracle Database in my machine or they are pre-compiled .
As you said these Sql functions are pre-compiled , it is clear now that they are pre-compiled platform dependent code .
Can you provide actual source code of any SQL function , say SUM function .
I want to see it, how they have defined . Eagerly waiting for any reply. please help .
Edited by: bootstrap on Aug 19, 2011 11:50 AMYou can ask oracle if they give you their code. I doubt they will. However if you want to write you own user-defined aggregation function, there are examples in the documentation how to do that.
http://download.oracle.com/docs/cd/E11882_01/appdev.112/e17125/adfns_packages.htm#i1008575
Edited by: Sven W. on Aug 19, 2011 9:24 AM -
How to set Portal Theme for WDA iView different from user's Theme
Hi Experts!
I have dual-stack system: ABAP server + Java. I have WDA application in ABAP server and I deployed it to NW Portal via iView (using template).
There are two themes customized:
1: Standard - to be used for all iviews except WDA iviews. This theme is set as default for user.
2.: WDA theme - to be used for some WDA iviews IRRESPECTIVELY what them is set in personalization settings of the user.
So my question is:
Can I somehow set the Portal Theme to be used for specific iView no matter what Theme user has selected in his personalization?
Or if its not possible, can I set some specific Theme for WDA application?
So taks is to overcome settings for default portal theme for user and replace it with different theme. Is this possible?
Thanks in advance.Are you using an LDAP as your UME, or are the user records from from R/3 ?
Apparently (Ive never done it) you used to be able to force a default language by editing this file (back in the EP5 days):
<J2EE root>\WEB-INF\portal\system\properties\prtDefault.properties
Look at the following lines :
This is the default language to be used when none is specified
request.defaultlanguage=en
request.defaultcountry=us
If you prefer to have the same language for all users no matter their user locale, change the lines to this :
This is the default language to be used when none is specified
request.mandatorylanguage=en
request.mandatorycountry=us
I hope this works out for you -
Hi,
I am getting the below error in my system in db check .
Detail log: cefatfts.chk
command_line brconnect -u / -jid CHECK20101006090000 -c -f check
alert_log G:\ORACLE\SID\SAPTRACE\BACKGROUND\alert_SID.log
BR0286W Size 1972764672 of file H:\ORACLE\ SID \SAPDATA4\PRDUSR_2\PRDUSR.DATA2 is different from Oracle file size 482353152
BR0280I BRCONNECT time stamp: 2011-01-19 09.00.30
Googleit and found the below link
Backup Error "Return Code 0001 Success with warnings"
in this they Just Extend the datafile to update the control file
So i use ALTER DATABASE DATAFILE 'DATAFILE' RESIZE 'NEW SIZE'
Can this solve my error Please suggest and what command and precaution do I have to take.
Regards,Hi,
Sorry for that I will have closed the one post. As suggest i have cheeked the sap note and find only one note 1137346
in that
BR0286W Size of file %s is different from Oracle file size.
BR0286W Größe der Datei %s ist verschieden von Oracle-Dateigröße.
Explanation: The file size in the file system is different from the file size saved in the ORACLE dictionary (in the control file). The file may be corrupted.
Program reaction: The program tries to save the file.
User action: Check your disks, the file system (file system check), and the ORACLE ALERT file. If you discover errors, you may be able to correct the situation by performing a recovery. Contact an ORACLE specialist before you start a recovery.
Need to know the steps as suggest
in this they Just Extend the datafile to update the control file Can this solve my error
Regards, -
How to get a value from User's AD attribute and Display it on a SharePoint page ?
Forum,
We have a specific attribute in Active Directory for every single user. Meaning: In our Active Directory we have an attribute e.g. "UserType" and the value of this attribute is different from user to another.
Requirement: I need to display the value of this attribute on the SharePoint page - How to do so?
I don't think using the User Profile properties is the way to go. So, Could you please guide me on how to use C# or JavaScript to retrieve the value from AD attribute of each user and show it on the SharePoint site?
Thanks for your inputs !Using C# or javascript to authenticate the user to AD to read the property directly will be very difficult. Creating a custom user profile property and adding a sync from AD to that property is definitely the easiest way to do what you are describing.
Once its in User Profiles there are lots of samples on how to add it to the page.
Paul Stork SharePoint Server MVP
Principal Architect: Blue Chip Consulting Group
Blog: http://dontpapanic.com/blog
Twitter: Follow @pstork
Please remember to mark your question as "answered" if this solves your problem. -
Why does an Inbound IDoc no change and differs from an Outbound IDoc no?
Hi Experts,
This seems to be a basic question..! But can someone kindly clarify why an IDoc number gets changed when sent from one R/3 system to another R/3 system and how does this happen???
i.e., whenever an IDoc was triggered from R/3 system A to R/3 system B through XI/PI, the Inbound IDoc number (in system B) differs from the Outbound IDoc number (in system A)... Why does this happen and how???
Thanks in advance!
Br,
G@neshHi Ganesh,
The IDOC numbers are always Unique,
IDOC can be generated in SAP system as a result of internal testing (WE19), or
can be posted from a non sap system (say PI).
So every time a new IDOC comes, it is assigned a new number to avoid confusion and also this plays a
critical role in the end to end testing and validation.
If you look at the control record of the IDOC you can see a element called DOCNUM. this stores to actual IDOC number.
from PI side you can use IDX5 and in ECC We02/05 to notice the idoc numbers.
Regards,
Srinivas -
AE 3D axis orientation is different from 3D programs?
Here is something that has been bothering me forever:
Is the AE x y z coordinate system aligned differently from 3D programs such as Blender or am I just stupid?
In blender, the blue Z-arrow points up (vertically) in the front view. But in AE it's the green Y arrow that is pointing up.
I really thought these were agreed upon standards (after all coordinate systems have existed way before any computer programs), so it might be that I'm missing something here. Are the coordinate systems really different between AE and other 3D applications (like Blender)?
Thank you!Actually Blender is the odd one out here. Most other 3D animation programs use the Y is the world up axis. On the other hand, Z up is traditional in CAD since it is assumed that plans are drawn in the XY plane in the top down elevation. So in fact neither is wrong in the specific context. And image processing programs traditionally use XY with the origin in the top left corner because that is how CRT tubes work and how any image needed to be drawn in the dark ages of computer graphics, hence most image and video formats still use that today. And you are mistaken - there is no "standard" here, it's all tradition/ habitual use of these things....
Mylenium -
Requirement type from User parameters ?
Hi Gurus,
today while doing a scenario in test system about strategy 50. after runnig MRP I found the Convrtable Planned orders are created in place of Un converatble Planned Orders.
i found the Error That System Showing req Tpe As vsf instead vse.. which is maintained in User parameters of MD61.
1. my Doubt is how Can system Accept a requirement which is not Available in its material master ?
regards,
Venkat.Hello Venkat,
System take data from User parameter maintained in MD61, You should Blank User parameter in MD61, if we maintained the values blank it always take data from config like req type & class.
You just maintained User parameter default blank and save.
In MD61 User paramter have priority over Configuration setting.
Using the SHDO to restrict user to change theses values.
Check and confirm
Regards
Umesh Mali -
Choose a password that is different from your last 5 passwords
Hi Experts
"Choose a password that is different from your last 5 passwords."
I want to take this setting off. So that you can use the same password every time.
What I have done is: -Transaction - rz10
-Change the following parameter "login/password_history_size = 0"
-stop and start the SAP system.
Are there any other settings that I must change?
ThanksThis is not possible.
The password may not be changed to any of a useru2019s last five passwords, if the user changes the password himself or herself.
The administrator can reset a useru2019s password to any password, even to one of the last five passwords of this user. This is necessary, since the administrator should not know the passwords of the users. The user is prompted to change the password at the first interactive logon.
Regards,
Pavan -
Problem in RFC as JCO changed from user/password to SSO
Hi all
Initially i was using CO with user/password properties but now it has been changed to SO.
In my webdynpro project there are 3 RFC Models being used.
Out of which 2 are working fine and giving the desired results but 1 RFC works fine on the R/3 side but from the webdynpro side it does not work just displays bapireturn - "Not successful".
As the properties of the JCO changes to USer/password , the RFC works fine giving the desired results
Plz let me know wht cld be the problem
Thanks and RegardsVindhya,
With SSO, the details of the user who's logged in goto R/3 and thus determines if the user has authorizations to run this RFC. This user could be different from the user you were using previously without SSO.
Meaning, this time, with SSO, the user is you whereas the user for user/pwd is someone else and you dont have authorizations to run the RFC??
And another thing, even if you can successfully run that RFC logging into R/3, your userid may not have RFC authorizations (which is required to do a RFC call). IF thats the case, you need to talk to your security/basis guys.
Lemme know if that could be the case in your situation.
Rajit
Message was edited by:
Rajit Srinivas -
Keychain password different from login password
I've gotten mixed feedback on this: What additional security, if any, is obtained by making your keychain password different from your login password?
I concede that if:
- any shoulder-lookers/keyloggers have equal access to the login and keychain passwords
- the login password isn't being used for anything else
- the login password isn't being stored in some other insecure location (maybe in a script for use in a sudo command)
- you're not using ftp/some other protocol w/insecure logins to connect to that computer and get data
then there is no reason to have separate login and keychain passwords.
But what I'm saying is that there are lots of little things (like those I mentioned above) that can be security holes that one simply doesn't think about. A user who is truly concerned about security may wish to simply have two separate passwords, thereby avoiding many (not all) potential insecurities.
ddr -
The Apple ID that appears in my iCloud account is different from the one I use every time I' m requested by Apple. I forgot the password for the iCloud id. I need to know how to change the iCloud id and make them both the same.
Is this a second hand iPhone?
-
I have an iCloud account that is different from my apple account. How can I recover the forgotten password
Hello Bgenie
If you have forgotten the password to that Apple ID, then go to My Apple ID and you will see and option to reset your password. You will need to answer the security questions or if you have a rescue email address set up you can get it sent to that email to reset the password. Check out the article for more information.
Apple ID: If you forget your password
http://support.apple.com/kb/ht5787
Regards,
-Norm G. -
How do I transfer all my Firefox saved passwords to my new hard drive and operating system? Going from xp to windows 7. I have the old hard drive hooked up as drive f. Can I copy and paste from old drive directory to new drive directory?
You need to copy 2 files, key3.db and signons.sqlite, from the old [[profiles|profile folder]] to the profile folder on the new computer.
-
Hello.
in Solaris 10 i need auditing process create, delete, privilege escalation, set and change password and etc... from users account and group.
I set settings:
in file syslog.conf:
*.info;mail.none;cron.none;audit.notice @IP-Remote-syslog-server-SIEM
in file /etc/security/audit_control:
dir:/var/audit
flags:lo,ad,ex,cc,am,no,fc,fd
minfree:20
naflags:lo
plugin:name=audit_syslog.so;p_flags=lo,ad,ex,cc,am,no
in file /etc/security/audit_user:
root:lo,ad:no
Now I see in the logs only the fact of a connection via SSH and run processes on behalf of users. Creation. delete users, change passwords for some reason do not is logged.
Many users. For each individual write permissions in the file /etc/security/audit_user not possible, it is likely to forget any new user (or there is a possibility in this file one line to describe the audits for all accounts?)
Where is the mistake?You are most likely hitting Bug 15779000 user/role/groupadd/mod/del don't audit their use.
And the fix is only available in S11.2.
-- Renaud
Maybe you are looking for
-
I have a new MacBook Air with a USB super drive. I put in a DVD and I get nothing. No Icon on the desk top, no help from DVD player. How do I get it to play and how to eject it now that it's in?
-
Installing Windows 7 on Macbook Pro 10.6.8
I'm trying to install windows 7 on mac using bootcamp assistant. But this thing keeps popping up in the middle of partition process. Any ideas?
-
How to use object collection with linked objects
<p>Hi,</p><p>I'm using VS2005 Crystal reports in a c# client app (server has database, but client does not have!). So the use of the objects transfered to the client seemed to me a good solution for showing reports on the client. The objects mostly l
-
is it possible to get a keyed-out (transparency)with alpha set to black, quicktime animation file from fcp to even remotely have anything to do with flash? i've already tried the stupid adobe media encoder and it still won't convert. is premiere the
-
Can a reader enabled form do this ... ?
I have a flowable Dynamic PDF form that pre-populates form fields based on a schema , etc. <br />It was designed using Live Cycle Designer 8.2 and Acrobat 9.0 . <br /><br />When I am using it with Acrobat - I usually go to <Forms> ... <Import Data> a