openssl enc -aes-256-cbc -e -in fileToEncrypt -out encryptedFileThe password will be asked twice for safety.
openssl enc -aes-256-cbc -d -in encryptedFile -out fileToEncryptThe password will be asked.
A firmware password offers an advanced level of protection : it is a lower level layer of security that is set on the actual Mac logicboards firmware, rather than at the software layer like FileVault encryption or the standard login password.
The result of setting an firmware password is that your Mac can't be booted from an external boot volume, single user mode, or target disk mode, and it also prevents resetting of PRAM and the ability to boot into Safe Mode (e.g. to reset an user password), without logging in through the firmware password first.
This effectively prevents a wide variety of methods that could potentially be used to compromise a Mac.
Setting a firmware password is rather simple :
On regular restart or boot of your Mac, nothing will change.
It's only when attempting to boot from alternate methods that you'll have to enter it.
You're using one of these methods when you attempt to boot from an Mac OS X installer drive, an external boot volume, Recovery Mode, Single User Mode, Verbose Mode, Target Disk Mode, resetting the PRAM, or any other alternative booting approach.
As you can see, there are no hints or details provided on the screen.
An incorrect firmware password does nothing and offers no indication of login failure except that the Mac won't boot.