The security vulnerabilities discovered this time is just as serious. Only simple terminal commands are needed to see the password in macOS 10.13.1. Fortunately, this issue has been fixed in the latest version of macOS High Sierra.
After converting unencrypted APFS to the encrypted APFS file system, this bug still exists. However, converting non-APFS to APFS and then encrypting this bug will not happen. In the macOS 10.13.1 system, you only need to use the following command in the terminal application to see the clear text password.
log stream –info –predicate ‘eventMessage contains “newfs_”‘
Source, Image: mac4n6