CPS NEWS STAND PROFESSIONAL NEWS. PROFESSIONAL ADVISE.
Login Vulnerability Found On MacOS High Sierra
Anyone can login as “root” with empty password on MacOS High Sierra
On startup, click on "Other"
Enter username: root and leave the password empty. Press enter. (Try twice)
If you're able to log in (hurray, you're the admin now), then head over to System Preferences>Users & Groups and create a new Admin account.
Now restart and login to the new Admin Account (you may need a new Apple Id). Once you're logged into this new Admin Id, you can again proceed to your System Preferences>Users & Groups. Open the Lock Icon with your new Admin ID/Password. Assign "Allow user to administer this computer" to your original Apple ID. Restart.
If you're unable to login at startup using username: root and empty password, then login with your existing account (standard user).
Again, head over to System Preferences>Users & Groups. Click on the Lock Icon. When prompted for username and password, type username: root and leave the password empty. Press enter. This might throw an error, but try again immediately with the same username: root and empty password. This should unlock the Lock Icon. If it does, try Solution 1 next.
P.S. Solution 2 worked for me. No idea how or why. Hope this helps.