Skip navigation

HT4790: OS X: About FileVault 2

Learn about OS X: About FileVault 2

HT4790 What's the point if anyone can log into Recovery HD?

1153 Views 18 Replies Latest reply: Apr 9, 2012 8:03 PM by PauloRebelo RSS
  • Linc Davis Level 10 Level 10 (108,150 points)

    Is there any other option besides using FirmwarePassword + Filevault at the same time?

     

    Any option for what? What are you trying to do? If you think there's some way to stop people from destroying your data, forget it. Anyone who can put hands on the computer can destroy the data. The remedy for that is make multiple backups and store at least one of them off-site.

  • Topher Kessler Level 6 Level 6 (9,305 points)

    The firmware password will prevent:

     

    Resetting the PRAM/SMC

    Booting to another partition

    Taking any boot arguments (Safe Mode, Single User mode, etc.)

     

    If you couple this with FileVault, then you will have your desired setup of full password protection, in addition to the inability to recover your data by removing the hard drive. However, regardless of what you do, someone will ALWAYS be able to format your drive. There is no getting around this. Even a firmware password can be reset by altering the hardware configuration (removing or adding RAM, for instance), and the hard drive can always be removed from the system.

  • thomas_r. Level 7 Level 7 (27,055 points)

    You're manufacturing your own problems out of non-issues.

     

    If you are interested in preventing theft of data, you need encryption.  If you want to prevent loss of data, you need backups.  Without those two things, anyone who gets physical access to your computer can easily steal or destroy your data.

     

    Don't fool yourself - you can have all the firmware passwords in the world on your computer, and all I've got to do to steal unencrypted data is take the hard drive out, put it in an enclosure and read the data off of it.  This is just as true of Windows as it is of Macs.  And destruction of your data is even more trivial.

     

    If you have encryption and backups, nobody can steal or destroy your data.  No need for firmware passwords.

1 2 Previous Next

Actions

More Like This

  • Retrieving data ...

Bookmarked By (0)

Legend

  • This solved my question - 10 points
  • This helped me - 5 points
This site contains user submitted content, comments and opinions and is for informational purposes only. Apple disclaims any and all liability for the acts, omissions and conduct of any third parties in connection with or related to your use of the site. All postings and use of the content on this site are subject to the Apple Support Communities Terms of Use.