When you set up OS X for the first time, your initial account will be an administrative one, allowing you to configure the system and install applications. Albeit rare, errors that occur when upgrading or restoring from backup, or otherwise when making heavy modifications to the system, could result in your admin account being destroyed so you cannot log in to it or use it for changing system settings.

If it happens then one quick but well-known and convenient trick for recovering administrative status on a system trigger Apple’s Setup Assistant tool. This will run before any accounts have been loaded, and will run in “root” mode, allowing you to create accounts on your Mac.

Even though the Setup Assistant only runs once when you first install OS X, it remains on your computer and is prevented from running by the presences of a hidden file called “.AppleSetupDone” in a system folder on your Mac. Therefore, to have the Setup Assistant run again so you can create a fresh admin account, you simply need to remove this file:

1. Reboot your Mac and hold Command-S at the boot chimes to load into Single User mode.
2. At the command prompt, run the following command to make the filesystem writable:

   mount -uw /

3. Run the following command to remove the hidden file:

   rm /var/db/.AppleSetupDone

When complete, enter “reboot” and the prompt to restart the system, and you will now see the Setup Assistant load when OS X starts up. Proceed through its various screens, and create your new account. You might consider using a different username than any previous accounts on the system, to ensure there are no conflicts with the present and faulty accounts.

Now you can log into the new admin account, and better manage the prior ones on your system, including deleting and recreating them accordingly.

Given that this method can be used to gain administrative access to OS X systems, you might be concerned about security risks it poses. Granted, if you have sensitive documents on your system, then anyone can reset account passwords or get admin access in this way, and be able to access the documents; however, there are a few steps you can take to ensure your system is safe.

First, be sure all sensitive material on your system is password-protected. This means that instead of leaving your financial and medical information directly on your hard drive, consider using encrypted disk images or other encryption options to ensure they are not accessible. Even if someone gains access to your account, without your keychain password or the password for the encrypted files, they will not be able to access them. Along these lines, you might also consider enabling FileVault and encrypting any external drives you use with your Mac (including Time Machine backups), to secure access to your files.

The next option is to set a firmware password for your Mac, which will prevent booting to alternative boot modes and external disks. To do this, reboot to the OS X installation drive (be it a DVD or the Recovery HD partition in OS X Lion or later), choose your language when prompted, and then choose the “Firmware Password” option in the Utilities menu. Enter your password in the appropriate fields, and then nobody will be able to reset PRAM, boot to Safe Mode, Single User mode, or to alternative boot drives unless they either disable the password or supply it when prompted.