Review this video. He makes a comment:
But all joking aside, this is serious stuff. This is like the highest level type of issue you could ever run in to. All your passwords, anybody out there with a password on a Mac running this version of High Sierra, you have no security right now, essentially.
My issue with this is simple - do not ever take pro advice from someone not pro in the field he or she is advocating for.
Yes, this is a very, very serious issue. That said, it is by far not the most serious type of vulnerability in IT. This is an example of a local vulnerability. You must have local access to the Mac in order to perform this hack. By local I mean local desktop access, and by default Mac does not allow for remote desktop access.
Far more serious is a remote vulnerability, whereby someone can compromise your system remotely without needing physical access. Reason is simple - there are 7.5 billion potential people out there that can attack you remotely, but there are only a handful of people in the world that has local desktop access to your Mac. This reduces your risk profile dramatically.
I am not downplaying this vulnerability, just stating that he has no qualification to be an authoritative voice on IT security.
Also, keep in mind if someone has local, physical access to your Mac or Linux or Windows PC, it is trivial to gain local administrator access to it. Computers have never been secure against local attacks when an attacker has physical access to your device. It will take only a couple of minutes longer than this vulnerability, but it is trivial nonetheless.
That is why you perform full disk encryption - that way your data is at least protected.