I frequently see people buying used macs that are locked and end up with bricks. The number of things to check are numerous and different depending on the version of MB and macOS.
Wiped Drive without macOS
I have seen seller wipe their disk completely without macOS to sell the macbook. It will take awhile to network install macOS (1/2-1 hour) before going through all these checks. This makes for a longer purchasing effort but you probably don't want to skip all these checks.
Wiping the drive completely is unnecessary with recent macOS (Since Monterey? Can't remember) as macOS can completely wipe everything besides a basic macOS installation just like iOS resets. But seller sometime don't know this and still completely wipe the drive.
Internet Connection
Many checks will need internet connection. Sometimes meeting seller at locations without wifi. Bring a cell phone with hotspots for your own portable internet connection.
If need to network install macOS on a wiped drive, obviously want a decent speed internet connection.
Command Lines
Need to know how to use terminal commands. May need terminal command "sudo" which requires knowing the administrator privilege password.
Purchase Date
This is listed on apple warranty status website by pluggin in SN. Furthermore, if you get lucky, it might have 1-2 years of AppleCare+ remaining which shows on this check.
Coverage - Check Device Coverage (apple.com)
Battery Cycle Count and Maximum Capacity
For macOS Ventura How to Check Battery Cycles on MacBook Air (M1 or M2 ) - YouTube
For macOS Monterey
< 150 cycles is probably pretty good. 400-500+ is probably pretty worn.
SSD Wear
This requires installing software. Probably worth bring the software installer on USB stick (make sure have adapter to USB-C for USB-C port only Macs)
DriveDx - the most advanced drive health diagnostics and monitoring utility (binaryfruit.com)
S.M.A.R.T. Monitoring Tools - Browse Files at SourceForge.net
DriveDx has 15 day trial so won't be able to use if already installed previously > 15 days ago.
For smartmontools, need to option key + right click and select "open" on drop down menu to allow installing from unidentified developers. After install
diskutil list
This list all the drives. Want to find the internal SSD which is usually disk0
/usr/local/sbin/smartctl -a /dev/disk0
Looks for amount of data written. It can output in 2 styles
Data Units Written: 255,568,612 [130 TB]
175 Host_Writes_MiB 0x0022 099 099 000 Old_age Always - 107320216 (this is 107 TB)
< 50TB is pretty good. Towards 200+ is more worn.
iCloud
iCloud check. This is the easiest check. Just check to see iCloud is not signed in. However, on older macs, I think its possible to wipe disk, reinstall macOS while previously signed into icloud with Find My turned on. So best to sign into your icloud to be sure.
Its probably desirable to sign into your own icloud just to be 100% sure. I've made a dummy empty icloud account just for this purpose when buying used macbooks.
MDM DEP Lock
There are corporate owned Macbooks being sold. Often these will be MDM DEP locked. MDM DEP lock isn't necessarily stolen as when companies cycles out used Macs, IT often don't remove these. These are some workarounds for older Macbooks but I think effectively bricks the newer macbooks. Best to not have these locks. Enter terminal command "profiles status -type enrollment" to check
MBP-M1 ~ % profiles status -type enrollment
Enrolled via DEP: No
MDM enrollment: No
EFI Lock (Intel Only)
Intel Macs EFI firmware can have a password which prevents booting macOS volume stored on external drives. I think also prevents from entering recovery. Enter terminal command "sudo firmwarepasswd -check" to check
Reset and Activate (Apple Silicon on Monterey and Ventura)
Most Apple Silicon Macs should be on Monterey and Ventura now which can reset and activate quickly. The seller of course has to agree to wipe all user data from the Mac. Activation require a network connection.
macOS Monterey: How to Erase and Factory Reset your Mac! [Hard Reset] - YouTube
I think Big Sur and older macs are more complex. Will skip here.
Administrator Account and Password
If reset and activate, this is not necessary. If not, then need to make sure can log into a Administrator privileged account and password so you have the rights to do administrative tasks on the Mac.
Note admin priviledge won't help in case of MDM DEP iCloud and EFI lock. It just give you full privilege to do other necessary tasks on the mac.
Time Consuming Steps
There are 3 cases where seller "wipes" the storage that makes doing these checks time consuming
====
Anyhow, quite a few things to check. Maybe practice on a macbook you have access to before buying a used mac. Or if its too much computer skill, maybe get someone with knowledge to help check.
Wiped Drive without macOS
I have seen seller wipe their disk completely without macOS to sell the macbook. It will take awhile to network install macOS (1/2-1 hour) before going through all these checks. This makes for a longer purchasing effort but you probably don't want to skip all these checks.
Wiping the drive completely is unnecessary with recent macOS (Since Monterey? Can't remember) as macOS can completely wipe everything besides a basic macOS installation just like iOS resets. But seller sometime don't know this and still completely wipe the drive.
Internet Connection
Many checks will need internet connection. Sometimes meeting seller at locations without wifi. Bring a cell phone with hotspots for your own portable internet connection.
If need to network install macOS on a wiped drive, obviously want a decent speed internet connection.
Command Lines
Need to know how to use terminal commands. May need terminal command "sudo" which requires knowing the administrator privilege password.
Purchase Date
This is listed on apple warranty status website by pluggin in SN. Furthermore, if you get lucky, it might have 1-2 years of AppleCare+ remaining which shows on this check.
Coverage - Check Device Coverage (apple.com)
Battery Cycle Count and Maximum Capacity
For macOS Ventura How to Check Battery Cycles on MacBook Air (M1 or M2 ) - YouTube
For macOS Monterey
< 150 cycles is probably pretty good. 400-500+ is probably pretty worn.
SSD Wear
This requires installing software. Probably worth bring the software installer on USB stick (make sure have adapter to USB-C for USB-C port only Macs)
DriveDx - the most advanced drive health diagnostics and monitoring utility (binaryfruit.com)
S.M.A.R.T. Monitoring Tools - Browse Files at SourceForge.net
DriveDx has 15 day trial so won't be able to use if already installed previously > 15 days ago.
For smartmontools, need to option key + right click and select "open" on drop down menu to allow installing from unidentified developers. After install
diskutil list
This list all the drives. Want to find the internal SSD which is usually disk0
/usr/local/sbin/smartctl -a /dev/disk0
Looks for amount of data written. It can output in 2 styles
Data Units Written: 255,568,612 [130 TB]
175 Host_Writes_MiB 0x0022 099 099 000 Old_age Always - 107320216 (this is 107 TB)
< 50TB is pretty good. Towards 200+ is more worn.
iCloud
iCloud check. This is the easiest check. Just check to see iCloud is not signed in. However, on older macs, I think its possible to wipe disk, reinstall macOS while previously signed into icloud with Find My turned on. So best to sign into your icloud to be sure.
Its probably desirable to sign into your own icloud just to be 100% sure. I've made a dummy empty icloud account just for this purpose when buying used macbooks.
MDM DEP Lock
There are corporate owned Macbooks being sold. Often these will be MDM DEP locked. MDM DEP lock isn't necessarily stolen as when companies cycles out used Macs, IT often don't remove these. These are some workarounds for older Macbooks but I think effectively bricks the newer macbooks. Best to not have these locks. Enter terminal command "profiles status -type enrollment" to check
MBP-M1 ~ % profiles status -type enrollment
Enrolled via DEP: No
MDM enrollment: No
EFI Lock (Intel Only)
Intel Macs EFI firmware can have a password which prevents booting macOS volume stored on external drives. I think also prevents from entering recovery. Enter terminal command "sudo firmwarepasswd -check" to check
Reset and Activate (Apple Silicon on Monterey and Ventura)
Most Apple Silicon Macs should be on Monterey and Ventura now which can reset and activate quickly. The seller of course has to agree to wipe all user data from the Mac. Activation require a network connection.
macOS Monterey: How to Erase and Factory Reset your Mac! [Hard Reset] - YouTube
I think Big Sur and older macs are more complex. Will skip here.
Administrator Account and Password
If reset and activate, this is not necessary. If not, then need to make sure can log into a Administrator privileged account and password so you have the rights to do administrative tasks on the Mac.
Note admin priviledge won't help in case of MDM DEP iCloud and EFI lock. It just give you full privilege to do other necessary tasks on the mac.
Time Consuming Steps
There are 3 cases where seller "wipes" the storage that makes doing these checks time consuming
- Wipe the macOS completely. This require 1/2 hour worth of macOS installation and setup before can conduct the above checks.
- Wiped the macOS but require Setup. This require 5-10min going through the setup process to setup an account and perform the above checks.
- Have an macOS that is too old. Some of the above checks can not be done in El Capitan or even older macOS.
====
Anyhow, quite a few things to check. Maybe practice on a macbook you have access to before buying a used mac. Or if its too much computer skill, maybe get someone with knowledge to help check.
Last edited:
