Q: Deleting accounts does not remove FileVault decryption
Using Mountain Lion I have FileVault whole-disk encryption enabled on my Mac’s system drive. Today I removed a few accounts from my machine as I no longer had need for them.
After deleting the accounts, they have been removed from System Preferences -> Users and Groups preference pane, but when I reboot the EFI decrypt screen still include the deleted accounts. Entering their passwords decrypts Filevault and system startup commences.
This is, of course, not what I wanted. I would like all traces of the accounts I removed to be deleted – and I particularly do not want them to be able to decrypt FileVault, essentially rendering it useless. This is so contrary to user intention it must be considered a bug?
A workaround, had I not already removed the accounts, I guess I could have changed their password to something really complicated, but I can’t even do that.
Any ideas? Pretty please?
MacBook Pro (15-inch 2.4/2.2 GHz), OS X Mountain Lion
Posted on Aug 20, 2012 11:53 AM
Ok, mine just finished encrypting. And it seems the only way to remove users from the decrypt list is to turn off Filevault, allow it to decrypt, and then re-activate Filevault so that only the correct user accounts can access the system. I have exactly the same screen as you and after a bit of Googling, this seems to be the only way without doing some very user-unfriendly modifications to the system. Not the greatest answer, but I hope it helps!
Posted on Aug 22, 2012 11:08 AM
