macOS FileVault User Experience

Use this guide as a reference for what to expect when FileVault disk encryption is enabled on your UMD Managed macOS computer.

What to expect during encryption

When the FileVault disk encryption policy has been enabled on your UMD managed macOS computer, you will see the following notification. When you click submit, the computer will restart or you can defer this action for up to 1 day. Once the computer is restarted, log in normally to begin the encryption process.
After the computer restarts, the following message will be displayed. Please click Enable Now to begin encryption.
After clicking Enable Now, FileVault disk encryption will begin. Click OK or wait until the Enabling FileVault on your system message goes away.
Top

To verify that FileVault disk encryption has been enabled, follow these steps.

What is FileVault disk encryption
- FileVault is the macOS built-in disk encryption feature. It's designed to encrypt your Mac's hard drive and all of the files located on the drive. FileVault full-disk encryption (FileVault 2) uses XTS-AES-128 encryption with a 256-bit key to help prevent unauthorized access to the information on your startup disk. Once FileVault is enabled on your Mac, all existing data will be encrypted. From then on, any new and changed data will be automatically locked down and password protected on boot to prevent unauthorized access.
How do I unlock a FileVault encrypted Mac?
- Unlocking a FileVault encrypted MacBook is completed when you log in using your password. The drive will be unlocked after a system boot or reboot.
What happens when I change my Mac password?
- When you change your password, the FileVault password is synced at the time of change.
What happens if you forget your password and can't unlock your Mac?
- Please contact your Departmental IT support or the DIT Service Desk and they will be able to provide a passcode to unlock the Mac drive.