User profile for user: kat.s
kat.s Author
User level: Level 1
0 points

Filevault password not updating

Hello,


I'm an IT professional and have been setting up some MacBooks for our users recently. Company policy is that ALL laptops must be encrypted and the easiest way for us to do that is with Filevault.


I've set up three so far in the past few weeks that have come shipped with Yosemite and I'm having a few problems.


I do all the config I need, and create a local administrative account for the user. The last step I do is encrypt using Filevault. The user then comes to see me, resets their password (via System Preferences > Users & Groups while logged in as me) Then, if they reboot the MacBook, they are unable to login through Filevault. If I log in first, however, and log out instead of shutting down, they can then log in. It is like the system isn't updating the Filevault password?


On one MacBook, decrypting and re-encrypting the drive appeared to resolve the issue, however I've been working on one this afternoon where this has not worked. I've reset the user's password twice - it accepts the older one for Filevault, but then returns to the login screen where the newer password is accepted.


I was wondering whether anyone else had this problem, and what they have done to fix it? We didn't have any trouble like this in Mavericks!


Note: the affected machines are all MacBook Pros, running 10.10.2


Many thanks,

Kat

MacBook Pro with Retina display, OS X Yosemite (10.10.2)

Posted on Feb 25, 2015 7:54 AM

Reply
7 replies
User profile for user: keg55
keg55
User level: Level 6
11,755 points

Feb 25, 2015 8:20 AM in response to kat.s

I believe on accounts set to Administrator privs, changing works fine when restarting/shutting down. I have 2 accounts. Both are admins and both are enabled to unlock the encrypted disk. Changing one's password and restarting or rebooting, accepted the new password to unlock the disk.I don't know about Standard accounts.


And you're sure you enabled both the system admin and the user account during the encryption phase?

Reply
User profile for user: keg55
keg55
User level: Level 6
11,755 points

Feb 26, 2015 6:02 AM in response to kat.s

Take a look at this CNN link regarding FileVault and password resets. It may or may not help.


From that link, I get the impression that when using System Preferences/Users & Groups to change a User's password, THAT user needs to be logged in for the changed password to sync with the EFI FileVault password. Just a guess.


So, maybe when a User wants to change their password, try letting the User login instead of the local administrator and let that User open System Preferences/Users & Groups to change their password. Restart and test to see if that fixes the issue you described.

Reply
User profile for user: David@work
David@work
User level: Level 1
4 points

Feb 24, 2016 8:59 AM in response to kat.s

Given all that we've covered in this thread I see Apple's logic in having the user who's password you want to change be the currently logged in user.


In an enterprise setup where there are mac's in remote area's with local support admin accounts for techs to use, what would be the recommended method then to update the password for the local support account?


Do you script something to remove a support account and re-add it each time you want to update the password?

Reply

This thread has been closed by the system or the community team. You may vote for any posts you find helpful, or search the Community for additional answers.

Filevault password not updating

Welcome to Apple Support Community
A forum where Apple customers help each other with their products. Get started with your Apple Account.
Learn more Sign up