LuckyIsDog

Q: If I used FileVault 2 and forgot my recovery key, and reinstall new Mac OS X, will my old encrypted data be vulnerable?

Hello,

 

I was wondering if I used Mac OS X's FileVault 2 and forgot the recovery key, then reinstalled Mac OS X in recovery mode, would that leave my old encrypted data vulnerable? I ask this because I am selling my 2014 MacBook Pro with an SSD that does not have a secure erase free disk space feature on El Capitan. I ran boot camp on it and had family photos, work documents, etc on it. I got rid of the Bootcamp partition by expanding my Mac OS X over it, however, that does not satisfy me in knowing that my boot camp partition was securely deleted. I was wondering if it was like iPhone's erase settings and content feature where the system actually destroys the decryption key.

MacBook Pro, Mac OS X (10.7.3)

Posted on May 2, 2016 10:05 AM

Close

Q: If I used FileVault 2 and forgot my recovery key, and reinstall new Mac OS X, will my old encrypted data be vulnerable?

  • All replies
  • Helpful answers

  • by Duane,Apple recommended

    Duane Duane May 2, 2016 10:16 AM in response to LuckyIsDog
    Level 10 (124,018 points)
    May 2, 2016 10:16 AM in response to LuckyIsDog

    If you forget the password or recovery key for FileVault the data will not be available for you or anyone else.

  • by keg55,Apple recommended

    keg55 keg55 May 2, 2016 10:19 AM in response to LuckyIsDog
    Level 6 (8,407 points)
    Mac OS X
    May 2, 2016 10:19 AM in response to LuckyIsDog

    You should reinstall the version of OS X that came pre-installed on your Mac. Click on this -> What to do before selling or giving away your Mac. There are a few things you have to do prior to completely erase/repartitioning the Macintosh HD and reinstalling OS X.

  • by LuckyIsDog,

    LuckyIsDog LuckyIsDog May 2, 2016 10:19 AM in response to Duane
    Level 1 (4 points)
    Mac OS X
    May 2, 2016 10:19 AM in response to Duane

    Thanks for your reply! Do you know the best way to "forget"? Is there a recovery key stored in my keychain that I should remove, etc?

  • by Linc Davis,

    Linc Davis Linc Davis May 2, 2016 12:48 PM in response to LuckyIsDog
    Level 10 (207,958 points)
    Applications
    May 2, 2016 12:48 PM in response to LuckyIsDog

    Before you sell or give away your computer, in addition to the steps listed in this support article, please take these steps:

    1. Run Apple Diagnostics or the Apple Hardware Test. The buyer will do this (or he should), and you don't want to be surprised by the results.

    2. Reset the PRAM and the SMC, which might contain personal information.

    3. If you set a firmware password, remove it by running Firmware Password Utility in Recovery mode.

    4. If you activated FileVault in OS X 10.7 or later, turn it off.

    5. If you use Boot Camp, the partition must be deleted.

    6. If you created any other data partitions on the internal drive, remove them in Disk Utility.

    7. If the machine has an internal hard drive, erase the one remaining data partition with the option to zero out data. An SSD doesn't need to be zeroed.

    8. Remove the machine from your list of registered products. If it's still covered by an AppleCare Protection Plan, transfer the coverage to the new owner by following the instructions in the AppleCare Terms and Conditions (under the heading "Transfer of Plan.")

    Also note:

    You can't legally or practically transfer any software downloaded from the Mac App Store to the new owner of the machine, even if it was free. That includes OS X, so if you upgraded to OS X 10.7 or later, you must reinstall an older OS, either from the installation media, if applicable, or by starting up in Internet Recovery mode (option-command-R at the startup chime.) If you installed from physical media, deliver those to the new owner.

    Replacements for the original media can be ordered from Apple.

    If the machine shipped with OS X 10.4 or 10.5, then you may be able to install on it from a retail Snow Leopard` disc (which you must then transfer to the buyer.) To run Snow Leopard, the machine needs at least 1 GB of memory. The buyer should understand that if he doesn't get the original media from you, he won't get the bundled iLife applications or the Apple Hardware Test.

    The new owner will have to redownload any software that came from the App Store, if applicable, including OS X upgrades, under his or her Apple ID. If you ever updated the bundled iLife applications (Garage Band, iMovie, and iPhoto) through the App Store, you can't transfer those either. The buyer will have to purchase them. Note that iPhoto has been discontinued and is no longer available for purchase.