macOS FileVault User Experience
Use this guide as a reference for what to expect when FileVault disk encryption is enabled on your UMD Managed macOS computer.
- What is FileVault disk encryption
- FileVault is the macOS built-in disk encryption feature. It's designed to encrypt your Mac's hard drive and all of the files located on the drive. FileVault full-disk encryption (FileVault 2) uses XTS-AES-128 encryption with a 256-bit key to help prevent unauthorized access to the information on your startup disk. Once FileVault is enabled on your Mac, all existing data will be encrypted. From then on, any new and changed data will be automatically locked down and password protected on boot to prevent unauthorized access.
- How do I unlock a FileVault encrypted Mac?
- Unlocking a FileVault encrypted MacBook is completed during login using your password. The drive will be unlocked after a system boot or reboot.
- What happens when I change my Mac password?
- When you change your password, the FileVault password is synced at the time of change.
- What happens if you forget your password and can't unlock your Mac?
- Please contact the DIT Service Desk and they will be able to provide a passcode to unlock the Mac drive.
1. When the FileVault disk encryption policy has been enabled on your UMD managed macOS computer, you will see the following notification. The computer will restart and display a prompt to enable disk encryption.
2. After the computer restarts, the following message will be displayed. Please click Enable Now to begin encryption.
3. After clicking Enable Now, FileVault disk encryption will begin. Click OK or wait until the Enabling FileVault on your system message goes away.
To verify that FileVault disk encryption has been enabled, follow these steps.
- Open System Preferences and click Security & Privacy.
- Click on the FileVault tab.
- The status will say FileVault is turned on and a recovery key has been set.