On iOS there is the option to have the device delete all data after 10 failed login attempts. How can I have the same option on macOS so that my SSD gets deleted/reformatted after x failed attempts to log into my user account?
MacOS – way to automatically format/delete the SSD after x failed login attempts
Tags: disk-format, high sierra, login, macos, Security
Best Answer
With on-board tools (and without using external services like "Find my Mac" & "Erase my Mac remotely" via iCloud) it's impossible to erase or reformat the boot volume with diskutil ... because the disk is busy.
You can remove your user folder though:
The method below uses a password policy and depending on the state of the user login capabilities, a launch daemon and a bash script invoked by the daemon will remove the user folder.
Create a password policy plist on your desktop:
The user login capabilities will be disabled after 10 failed login attempts for 31536000 seconds (=one year).
Create a bash script rmuserdir.sh:
in /usr/local/bin/ and make it executable. Replace the string username with your user's name but keep the angle brackets in the if statement!
Create a launch daemon org.userdirrm.plist in /Library/LaunchDaemons/ with the content:
File owner and group have to be root:wheel and file permissions have to be 644. The daemon will run every 60 seconds. You can tweak this by changing the integer in the key StartInterval.
Import the password policy:
You have to enter your (authenticator=admin) password.
Launch the daemon:
You can test the set-up by creating a stub user, changing the username in the bash script temporarily and entering wrong passwords trying to log in with this stub user. You can lower the number of failed login attempts to 3 in the password policy temporarily to shorten the test.
Tweaks:
adding the (rm) -P option in the shell script:
trying to remove the root folder instead of your user folder:
or
SIP protected files won't be removed/overwritten! To remove/delete/overwrite them also, you have to disable SIP.
man srm for further options (I haven't tested this).
In my opinion the method outlined above can be circumvented by booting to Single User Mode, launching the opendirectoryd with launchctl (after the obligatory file system check and mounting the boot volume to /) and removing all password policies with pwpolicy -clearaccountpolicies.
Therefore formatting or erasing disks or folders to "gain security" isn't recommended. Instead encrypt your main volume with FileVault2 and use good passwords for all users.
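The lockout policy described in the answer above (10 failed attempts, disabled for 31536000 seconds), as an added example that is not the answer author's plist or script: it builds such an account policy with Python's plistlib and checks whether exported policy text still contains the lockout rule, which is the thing that disappears when the policies are cleared. The policy keys are the standard pwpolicy account-policy keys; the identifier string, the function names and the sample export text are assumptions constructed for illustration.

```python
import plistlib

# Login stays allowed while failures are below the maximum, or once the
# auto-enable period since the last failed attempt has elapsed.
LOCKOUT_RULE = (
    "(policyAttributeFailedAuthentications < "
    "policyAttributeMaximumFailedAuthentications) OR "
    "(policyAttributeCurrentTime > "
    "(policyAttributeLastFailedAuthenticationTime + autoEnableInSeconds))"
)


def build_lockout_policy(max_failures=10, auto_enable_seconds=31536000):
    """Return XML plist bytes for a lockout policy (defaults: the page's values)."""
    policy = {
        "policyCategoryAuthentication": [{
            "policyContent": LOCKOUT_RULE,
            "policyIdentifier": "example.lockout",  # hypothetical identifier
            "policyParameters": {
                "policyAttributeMaximumFailedAuthentications": max_failures,
                "autoEnableInSeconds": auto_enable_seconds,
            },
        }]
    }
    return plistlib.dumps(policy, fmt=plistlib.FMT_XML)


def audit_lockout(text):
    """Return (max_failures, auto_enable_seconds), or None if no lockout rule."""
    data = text.encode() if isinstance(text, str) else text
    start = data.find(b"<?xml")  # tolerate any status line before the XML
    if start < 0:
        return None  # no policy document at all, e.g. policies were cleared
    try:
        policy = plistlib.loads(data[start:])
    except Exception:
        return None  # unparsable export is treated as "no lockout in place"
    if not isinstance(policy, dict):
        return None
    for rule in policy.get("policyCategoryAuthentication", []):
        params = rule.get("policyParameters", {})
        if "policyAttributeMaximumFailedAuthentications" in params:
            return (params["policyAttributeMaximumFailedAuthentications"],
                    params.get("autoEnableInSeconds"))
    return None


if __name__ == "__main__":
    # Constructed sample: a status line followed by the policy XML.
    exported = "Getting global account policies\n" + build_lockout_policy().decode()
    print(audit_lockout(exported), audit_lockout("no policies set"))
```

On a Mac, the bytes from `build_lockout_policy()` can be written to a file for `pwpolicy -setaccountpolicies`, and `audit_lockout` can be fed the output of `pwpolicy -getaccountpolicies` to confirm the rule is still present.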