grapes911 said:The File Vault password is not coupled with your login password. Meaning if you change you login password, you File Vault password does not change.
Personally, I prefer PGP. It allows me to encrypt and sign files and emails with the same key. Plus it is universal and cross-platform.
generik said:Yeah.. apparently I was prompted the first time and I did set it
Is it possible to turn it off? Kinda a security loophole when you think about it.
generik said:I figured that a thief who has physical access to your machine can always use a boot up disc, reset your system's master password, then reset your password, and gain access.
So what's the point?
whocares said:If the data is really sensitive, only physically locking the computer up is safe. Even without Master Password set, FV can be crakced (given the thief has enough time to decrypt the data). Of course if it's only your accounts or credit card number, I wouldn't worry too[/t] much
Cfg5 said:Does anyone actually use filevault?
generik said:Yeah.. apparently I was prompted the first time and I did set it
Is it possible to turn it off? Kinda a security loophole when you think about it.
Cfg5 said:Does anyone actually use filevault?
I highly doubt anyone short of the NSA can break the RSA encryption I use via PGP. The NSA even not be able to break it. Very secure.kingjr3 said:No encryption is going to be secure enough if someone has physical access to a machine...
whocares said:If the data is really sensitive, only physically locking the computer up is safe. Even without Master Password set, FV can be crakced (given the thief has enough time to decrypt the data). Of course if it's only your accounts or credit card number, I wouldn't worry too[/t] much
ElectricSheep said:True, it would only require 2^120 (or so) operations to break 128-bit AES. The amount of time needed to do this makes breaking the key in your lifetime infeasible.
I've never used File Vault for the same reason stated earlier, that drama with it not decrypting and corrupting the Home folder scared me away from it for life.
Resetting a user account with the master password just allows that user to login. Without the original set FileVault password, you still won't be able to read the encrypted data.
For example, say I have a user account with FileVault enabled and my password is 1234. If I forget that password, and reset the user account password using the master password, the user account password would no longer be 1234 (it would be whatever I set it to after using the master password), however, the FireVault data would still be encrypted with the original 1234 password. The master password does not change the FireVault password at all, only the login password for that user account. So unless the person knows your original password of 1234, they will not be able to see the encrypted data.
Resetting a user account with the master password just allows that user to login. Without the original set FileVault password, you still won't be able to read the encrypted data.
For example, say I have a user account with FileVault enabled and my password is 1234. If I forget that password, and reset the user account password using the master password, the user account password would no longer be 1234 (it would be whatever I set it to after using the master password), however, the FireVault data would still be encrypted with the original 1234 password. The master password does not change the FireVault password at all, only the login password for that user account. So unless the person knows your original password of 1234, they will not be able to see the encrypted data.