On Tuesday, a macOS 10.13.1 security issue was revealed—a flaw that allows root access to a Mac without the need for a password. Developer Lemi Orhan Ergin tweeted that anyone can log into a Mac by entering the user name root without a password. The first time you try to login, it won’t work. But if you try it again, you will be granted access. Here’s Erign’s tweet:
Dear @AppleSupport, we noticed a HUGE security issue at MacOS High Sierra. Anyone can login as “root” with empty password after clicking on login button several times. Are you aware of it @Apple?
But here is a simple temporary fix:
Is listed step by step here.
Or you you want to do an even easier fix follow these steps:
– Open Terminal
– Enter sudo passwd root
– Enter your password
– Now enter a new password for root
– Verify by entering the new password again
– Now your done
Do note when a patch arrives you will have to change your root password again, this is just a temporary fix.