Just a heads up. So, 3 forensic guys have found that FV2 doesn't do encryption 'properly'. By that, they mean that it is possible to read an encrypted volume knowing only the user password (it is possible to derive the master key of the encryption from the password). They have developed a set of libraries that can mount and read a FV2 encrypted disk without having physical access to the machine in question, even without running OSX. From the conclusion: "Our work allows any forensic investigator to use ar- bitrary tools to decrypt any data from a FileVault 2 encrypted volume, when the user password or a recovery token of the system are known. Further more, we have implemented an open source library and tooling to analyze and mount volumes encrypted with FileVault 2. We have also made an informal security analysis of the system and found, among others, that the entropy of the recovery password can be improved and that part of the user data is available in the clear." http://eprint.iacr.org/2012/374.pdf While this means that the average user has nothing to worry about (unless you're relying on it for privacy), it shouldn't really be used for company machines where IP is potentially held, as FV2 isn't an adequate protection. Thought some people might be interested.