Apple races to fix password security flaw

Apple is scrambling to fix a newly discovered security flaw that enables people to access Mac computers without a password. 

The bug in MacOS High Sierra, the most recent version of the company’s computer operating software, was discovered by Turkish software developer Lemi Ergin, BBC News reports.

Ergin revealed on his Twitter page that anyone can log in to a Mac computer by entering the word “root” as the username, leaving the password field blank and then hitting the enter key a few times. 

Ergin, whose tweet has been shared “hundreds of thousands of times”,  has been criticised for publicly disclosing the security flaw, reports The Daily Telegraph. 

Developers typically notify the company in private and allow a fix to be issued before making the fault public, says the newspaper.  

According to Mac Rumors, the MacOS High Sierra “trick” allows users to bypass the administrator security systems and “see everything on the computer”. 

An Apple spokesperson told the website that the company was “working on a software update to address this issue”.

“In the meantime, setting a root password prevents unauthorised access to your Mac,” the spokesperson said. Click here for instructions on how to carry out the quick fix.  

Apple computers running older operating systems, such as El Capitan and Yosemite, are not believed to be affected by the security flaw.