Does this problem allow file vault access? Unless I read it wrong (totally reasonable in my jet lagged state), this won't reset your keychain either.

`dscl` should change the FileVault disk password for the associated user as well.

Note that if you're able to run `dscl`, the disk has already been unlocked and is insecure. You may as well just copy any interesting data while you're there.

I'm wondering the same thing. I use filevault, but I don't feel like messing it up by changing the password this way.

I wonder if you can reset the password and use that password to simply disable the filevault.

Btw. My five cents. Write a script to: 1. change current users password to X 2. sudo "something really bad" 3. use password X

And there is a virus that can do anything on a mac. If you can change the password of the current user and he/she is an administrator, then any application can escalate to SU.

Yea with this I'd be worried about something doing that, making a new hidden user and then setting the password on the original account back leaving no immediately visible signs that anything is wrong.

Reverting the pw assumes you knew it in the first place, and thus didn't need to change/reset it.

The article also shows how you can obtain the current password hash without knowing the password - so you might be able to stash that away, and then surgically put the old hash back once you're root.