Password recovery from beyond the grave

On Call Every disaster recovery plan needs to contain the “hit by a bus” scenario. But have you ever retrieved a password from beyond the grave? One Register reader has. Welcome to On Call.

Today’s tale, told by a reader Regomized as “Mark” takes us back some 15 years when he was handling the IT needs for a doctor’s office. The job was relatively simple and involved keeping the systems up and running as well as taking the odd call when things went wrong and he wasn’t on-site.

His contact at the practice worked at the reception desk, and Mark would exchange pleasantries with this individual on his way to deal with whatever that day’s needs were. This went on for some time until there was a mysterious lull in contact. There was not a peep from the office until, after a few months, the on-call phone rang. It wasn’t his usual contact, and Mark was asked if there any chance he could pop by?

Readers can probably guess what came next, but Mark was oblivious. He turned up and headed directly to where his usual contact sat. But there was somebody else in the chair, staring blankly at an iMac screen.

It transpired that his contact had unexpectedly passed away (it actually turned out they had been poorly for some time.) Their sudden departure had therefore come as a shock and, it appeared, had been so sudden that no handover of how the back office worked had been done.

Luckily, Mark had set up most of the systems and had a backup administrator account. He was therefore able to log in and get things up and running… except for getting access to the recently deceased’s home folder.

This was a problem. His contact dealt with all the correspondence for the office and had, without his instruction, enabled FileVault. This was a problem.

FileVault had been introduced with Mac OS X Panther in 2003. It allowed the user to encrypt their home directory to keep data safe from prying eyes. Unfortunately, the data was a little too safe; neither Mark nor any of the office staff had any idea what password was used and his backup account was of no use. He knew a few of the user’s old passwords and tried some combinations, but had no luck.

The data was essential (it always is) and Mark explained to the office management what their former employee had done and that it would take a bit more research and effort to get around the issue.

Amid all the headscratching and an undoubted wish that someone had come up with a disaster recovery plan for this very scenario came an unexpected invitation. Would Mark like to go to the funeral?

Our hero was taken aback. However, he liked the late office worker and so – yes – he’d pay his respects.

The ceremony was a few days later and Mark opted to also attend the subsequent wake. While partaking in some of the free food and drink on offer, he gave his condolences to the deceased’s coworkers, also hoping to glean some clue as to what the password might be. No joy, although we’d have to mutter… “not the time or place” for testing the cybersecurity waters.

He was about to give up when an someone shuffled up to him.

“Are you Mark?” she queried.

Yes, yes he was.

“I’ve been asked to give you a letter,” said the woman.

Mark took the envelope and opened it, more than a little nervous about what might be about to come from beyond the grave.

He unfolded the paper, and handwritten in its centre was a single word.

Could it be…?

“Bingo!” Mark told us, “I tried later that day and was able to unlock the good doctor’s personal correspondence over the last dozen or more years.”

Sadly, Mark’s story does not end so well: “I was rewarded for that success a few months later by being informed that they no longer had any need of my services.”

Ever been approached by someone at a funeral proffering messages from the great beyond? Or is your disaster recovery planning so effective that not even the demise of user can stop the great IT machine ticking over? Tell us, with an email to On Call. ®

READ MORE HERE