Looks like no one’s replied in a while. To start the conversation again, simply ask a new question.

User profile for user: Sammy Stefanki
Sammy Stefanki Author
User level: Level 1
85 points

Single filevault password

Hi everyone,


New Lion user here with a quick question regarding how FileVault is different from Snow Leopard. Yesterday I made the switch from Legacy FileVault to Lion's new FileVault on my MacBook's primary user account. After I decrypted my primary user account, I re-encrypted it using Lion's FileVault and set a new recovery key and everything. I then decrypted a secondary user account I have on my MacBook and went to bed, thinking that the account would decrypt over night and I could re-encrypt and set a recovery key for it when I woke up this morning.


The issue I have stems from the fact that when I woke up this morning, the secondary user account appears to already be encrypted using Lion's new FileVault. I don't see how that is possible (considering I never set a new recovery key for this secondary user account, as I was asleep when it completed "turning off" Legacy FileVault), unless the recovery key I set for the primary user account earlier in the day now applies to every single user account on the computer.


Does anyone here who is familiar with FileVault know if that is indeed the way the new FileVault works, i.e. that it only has you create one recovery key for your entire hard drive instead of different recovery keys for each user account? I just want to make sure that I haven't created a situation where I only have the recovery key for one of my user accounts, but not for the other.


Thanks a lot!

Mac OS X (10.7.3)

Posted on Feb 9, 2012 7:34 AM

Reply
Question marked as Best reply
User profile for user: Tony T1
Tony T1
User level: Level 6
10,232 points

Posted on Feb 9, 2012 7:43 AM

If you haven't already, take a look at: http://support.apple.com/kb/HT4790

View in context
2 replies
User profile for user: Sammy Stefanki
Sammy Stefanki Author
User level: Level 1
85 points

Feb 9, 2012 8:20 PM in response to Tony T1

This is a very helpful link, Tony; thank you. I understand FileVault 2 much better now.


However, I still have one last question that (hopefully) you or someone else can answer. Is there only one recovery key per machine (i.e. will the recovery key that I created using my primary user account also work to decrypt the secondary user account on my machine if I ever--heaven forbid--forget my FileVault password)? Or does each user account on each machine have a different FileVault recovery key?


The reason I inquire is that I was only asked to create a recovery key when I activated FileVault 2 from my primary user account. I was not asked to create a recovery key when I activated FileVault 2 on my secondary user account, and I want to be sure that I didn't miss something somewhere. The last thing I want to have happen is to need a recovery key for my secondary user account, have it be different from the recovery key I created through my primary user account, and be unable to get back into my secondary user account as a result.


Thanks so much for your help!

Reply

Single filevault password

Welcome to Apple Support Community
A forum where Apple customers help each other with their products. Get started with your Apple ID.
Learn more Sign up