I’ll share a story about how macOS passwords can be easily reset, so we should set firmware passwords as a countermeasure.
I heard the scary story that “if a Mac is stolen, passwords can be easily reset,” so I’ll introduce password reset methods and countermeasures.
If you can't log in with the new password after restarting your Mac, follow these additional steps:
- Restart again, then immediately press and hold Command-R or other macOS Recovery key combinations until you see the Apple logo or spinning globe, then release.
- When the "macOS Utilities" window appears, choose Utilities > Terminal from the menu bar.
- In the Terminal window, type "resetpassword" and press Return to open the "Reset Password" assistant shown above.
- Select "Password doesn't work when logging in" and click Next, then follow the onscreen instructions for your user account.
Source: Change or reset the password of a macOS user account - Apple Support (macOS ユーザアカウントのパスワードを変更またはリセットする - Apple サポート)
That’s all from the Gemba on wanting to take countermeasures so that resetpassword cannot be used if a Mac is stolen.