Favicon

You are here: Home > Device Management > Apple > macOS > Commands > Unlock User Accounts

Unlock User Accounts

Learn how to remotely unlock macOS user accounts disabled due to failed login attempts using Applivery. Restore access and maintain security.

5 min read

TL;DR

Unlock blocked macOS user accounts remotely using Applivery to restore access and maintain security.

Managing user access issues is an essential part of maintaining smooth operations and security across corporate macOS devices.

Occasionally, a user account may become blocked after exceeding the allowed number of failed login attempts—typically due to password policies enforced. When this occurs, users may see the message “Your account has been disabled” after waiting and entering the correct password.

Warning

Users cannot attempt to enter the password again until the lockout period has fully expired. If the next password entered is incorrect, the lockout duration will increase.

This lockout cannot be removed using any command or script due to macOS security restrictions.

However, if the lockout period ends and the next password entered is correct, the user will still receive the “Your account has been disabled” message.

To restore access, you can remotely unlock the affected user account directly from the Applivery dashboard.

How to unlock a user account

1
Navigate to the target Device

Once in the Applivery Dashboard, go to any of your Devices (1) and open the Commands (2) tab.

2
Find the Device

Click + New command (3) and select Unlock User Account (4)

unlock user account

The command status should change to Done within a few minutes, after which you can notify the user so they can attempt to log in again.

Note

If the command remains Pending or does not change, check the following:

  • The Mac is connected to a valid, managed WiFi network.

  • The MDM profile is correctly installed and has the required permissions for user management.

Special cases: devices with FileVault enabled

If FileVault is active:

  • The unlock command will not work until the disk is unlocked at login using the user password or the FileVault recovery key.

  • If the user cannot unlock the disk, the only solution is to reset the password through Recovery Mode using the FileVault Recovery Key.

Recommendations

To maintain efficient and secure account management:

  • Periodically review password policies and lockout thresholds applied via Applivery.

  • Communicate expected wait times and unlock procedures to users to reduce confusion.

  • Document each unlock request or support action for proper traceability.

By keeping these practices in place and maintaining clear communication with users, you can quickly and proactively resolve account lockouts, reinforcing security and improving the user experience across your macOS fleet.

Key Takeaways

  • macOS accounts can be remotely unlocked using Applivery after lockout.
  • FileVault requires the disk to be unlocked before an account can be unlocked.
  • Regular review of password policies is essential.
  • Clear communication with users about lockout procedures is important.