Are new systems encrypted?
I presume new computers purchased from Apple come with Mojave preinstalled. I’m wondering if these systems come with encryption turned on by default for the system drive.
Thanks very much.
Question marked as
FileVault is not just encryption.
FileVault also adds the magic that allows certain users to decrypt the drive and immediately log in to their account.
First iterations of FileVault2 required certain designated users to decrypt the drive before anyone could log in. Now, those users are immediately logged into their accounts when they "log in" on the FileVault decryption login window.
The T2 chip encrypts the drive on those Macs, regardless of FileVault.
If you enable FileVault on one of them, you get the Login/Decrypt feature of FileVault, but the drive remains encrypted by the T2 chip.
So, FileVault is not enabled on T2 Macs, but the drive is encrypted.
If you want to control the decryption process with a user login password, you would need to enable FileVault.
The drive is not encrypted by FileVault, the login/decrypt function is tied to the decryption key on the T2 chip.
