Hidden Admin Acccount

JefferyAnderson
Contributor

In the past, we have never hidden the admin account. I'm testing with it hidden. One problem I have noticed is that when I had to go to Startup Security on a T2 enabled MacBook Pro I had to enter a user password. The only user available in the dropdown was the one user account on the device and not the hidden admin. If this was a former employee's device I would not have their password and would not be able to change startup options. Also, since we have FileVault enabled, we wouldn't even be able to boot into recovery mode and wipe the device without the user's password.

How do we accomplish wiping a drive and changing startup security options if we don't have a visible admin account?

2 REPLIES 2

JefferyAnderson
Contributor

Never mind. I just realized we can use the FileVault Personal Recovery Key to unlock the drive in Recovery Mode.

PaulHazelden
Valued Contributor

You should be able to select some other log in, when it shows the pre populated section with the visible account. Usually a bit of text under the user account picture.
This will get you to a standard log in, where you can type in the hidden admin account name and password.