manage filevault

I don't know about the new Mac, but on the old Mac you can easily fix the password issue with Filevault for the admin user account. Go to the "Security & Privacy" System Preferences. There is a "Change password" option there. While logged into the admin user account, change the password here. It will re-sync the login password with the Filevault password. That has been the easiest way I have discovered for fixing the Filevault issue on the Intel Macs. This process does not seem to affect the other macOS user accounts, but best to have a good backup just to be safe.

FYI, changing the user account password under "Users & Groups" will not re-sync the Filevault password with the login password. The only other option would be to turn off Filevault, then re-enable it.

With 2018+ Macs and Filevault, things get complicated because now you have the security enclave chip involved in the process which involves a black box of unknowns about how everything works now (I've seen several bugs when it comes to authenticating). If you cannot resolve the issue on the new Mac, then I would suggest starting over on the new Mac by either performing a clean install, or better yet a firmware "Restore" followed by another migration once you have resolved the Filevault issue on the old Mac. Get it resolved before you become too invested in the currently broken setup.

2023may wrote:

I got a new Apple sillicon mac running Ventura and used the Migration Assistant to transfer files from the Time Machine backup of my old Intel based Mac running Catalina.

On the Catalina setup I have 2 users - 1 standard user that is able to unlock FileVault and 1 admin user that cannot unlock (and hence can only log on AFTER the machine has already been unlocked by the standard user).

Migration Assistant allowed me to "set" the password for the Admin user and generated a password for the Standard user (which I was able to change after migration).

I can use the admin user to do any elevated stuff in Ventura, like I used to on Catalina. Except enable FileVault from the GUI. In Ventura, when I go to Privacy & Security and push the Turn On button for FileVault, the prompt to enter an admin user comes up and the above admin user/password combination that works for all other elevated stuff is not accpeted by Ventura!

sysadminctl -secureTokenStatus for both the users shows that one is set for each. I can also sudo as the admin user and run fdesetup to enable FileVault for the standard user.

BUT I would like to do it from the GUI as I feel fdesetup isn't encrypting the whole drive. Please advise!

You can try turning off FileVault on all accounts and compare your results...

Turn off FileVault encryption on Mac - Apple Support

Mac with an Apple T2 chip or SoC both M1 & M2, the data on your drive is already encrypted automatically.

Secure Enclave - Apple Support