Sidebar Sidebar
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

Different passwords for Filevault and administration

A

aiannaccone

macrumors newbie
Original poster
Apr 30, 2013
2
0
I'd like to encrypt my files with a reasonably long passphrase, so that my data is safe from brute force attacks even if my computer is stolen. I don't mind entering that long password once on boot/login, but I'd rather not have to enter a long passphrase when I make administrative changes.

Is there a way to use two different passwords, a long one for Filevault and login and a shorter one for administration?

Alternatively, can I simply disable password prompts for administrative changes? I can give myself password-less superuser privileges on the command-line using the sudoers file. Is there a comparable setting for GUI-driven privilege requests?

Thanks in advance.
 
aiannaccone said:
I'd like to encrypt my files with a reasonably long passphrase, so that my data is safe from brute force attacks even if my computer is stolen. I don't mind entering that long password once on boot/login, but I'd rather not have to enter a long passphrase when I make administrative changes.

Is there a way to use two different passwords, a long one for Filevault and login and a shorter one for administration?

Alternatively, can I simply disable password prompts for administrative changes? I can give myself password-less superuser privileges on the command-line using the sudoers file. Is there a comparable setting for GUI-driven privilege requests?

Thanks in advance.
Click to expand...

No way around this. When you setup FV2 you are saying "allow this/these accounts to login and unlock FV2", so the login password for a given account unlocks FV2. There is no way to disable to app. install password prompt either. That is a security feature to stop unwanted applications potentially carrying malware from installing themselves.
 
No,I don't believe so as it uses your userid password to authenticate you. That is it does decryption on the fly once you are authenticated. The login process for OSX would need to change to have two different passwords. FileVault is integrated into OSX in such a way that you use your userid password.

----------

There is Symantec Drive Encryption's application which may fit your needs better. When it was PGP before Symantec I'd recommend this but now that Symantec owns them I don't think its a good idea (their mac products have not been the best) but check them out.
 
You must log in or register to reply here.
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.
Top Bottom
Back