Hello! I have a small issue with understanding the logic behind the recovery methods of FileVault in macOS High Sierra. I have read Apple support articles and also contacted Apple Support on Twitter, but they sent me the same support articles I already read. I also posted my question on the Apple Communities forum but unfortunately no one seems to answer. Perhaps you guys can help me out.
So the story behind my misunderstanding goes as follows: during the computer's initial setup I enabled FileVault and I chose to store a recovery key in iCloud instead of storing it offline myself. However, I changed my mind, decrypted the disk, and encrypted it again, but this time made sure not to use iCloud for the recovery key. I thought everything was okay until I checked the Reset Password assistant. When I went into the Reset Password assistant, I was able to log in using my Apple ID and it automatically retrieved a recovery key which allowed me to reset my password. I assumed this shouldn't be possible since I opted for an offline recovery key for FileVault. To eliminate the possibility that I made a mistake, I decrypted and encrypted the disk again. Before encrypting it again, I removed my home network in the WiFi settings, turned off the WiFi and restarted the Mac. I thought this would perhaps prevent my Mac from sending a recovery key to iCloud. And by the way, under Users & Groups I didn't enable "Allow user to reset password using Apple ID" (this option also disappears when enabling FileVault). Despite this, the issue persists.
These are the articles that didn't really help me with finding an answer:
- "Use FileVault to encrypt the startup disk on your Mac": https://support.apple.com/en-us/HT204837
- "Change or reset the password of a macOS user account": https://support.apple.com/en-us/HT202860
So to conclude: I expected not to be able to use my Apple ID in the Reset Password assistant to retrieve the Recovery Key for FileVault, as I selected the option "Create a recovery key and do not use my iCloud account". I would only expect the Reset Password assistant to retrieve my Recovery Key if I had selected "Allow my iCloud account to unlock my disk". Since my Recovery Key was still retrieved through iCloud, I fail to understand why the option is offered to store the Recovery Key yourself without using iCloud, as it seems that Apple still has access to the Recovery Key when you sign in using your Apple ID (even though the option to not use iCloud was selected before encryption).
Excuse me for the long post, but I hope I explained the issue well enough. Perhaps you guys know what's going on? Or perhaps you could check how the Reset Password assistant behaves on your Mac (in case you also opted for the offline recovery key)?
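As an added check that is not part of the original post: the FileVault state that macOS exposes from the command line can be read with `fdesetup status`, `fdesetup haspersonalrecoverykey` and `fdesetup hasinstitutionalrecoverykey` (the latter two normally need root). The script below is example code, not Apple's or the poster's; `fv_recovery_summary` and `collect_and_summarise` are names chosen here, and the sample output used when `fdesetup` is absent is constructed. It is an assumption that `fdesetup` has no verb reporting whether a key was escrowed to iCloud, so this check only confirms whether a personal or institutional recovery key exists, not the iCloud behaviour described above.

```shell
#!/bin/sh
# Added example: summarise the FileVault recovery-key state that fdesetup
# exposes. Assumption: fdesetup cannot report iCloud escrow, so that part of
# the question is outside what this check can confirm.

# Takes the raw output of `fdesetup status`, `fdesetup haspersonalrecoverykey`
# and `fdesetup hasinstitutionalrecoverykey` and prints one summary line.
fv_recovery_summary() {
    status="$1"
    personal="$2"
    institutional="$3"

    # `fdesetup status` may append further lines (e.g. deferred enablement),
    # so match on the first line's prefix only.
    case "$status" in
        "FileVault is On."*)  fv="on" ;;
        "FileVault is Off."*) fv="off" ;;
        *)                    fv="unknown" ;;
    esac

    if [ "$fv" != "on" ]; then
        # No recovery-key question arises while the volume is not encrypted.
        echo "filevault=$fv personal_key=n/a institutional_key=n/a"
        return 0
    fi

    echo "filevault=on personal_key=$personal institutional_key=$institutional"
}

# Runs the real commands when fdesetup is present (macOS); elsewhere uses
# constructed sample output so the function can still be exercised.
collect_and_summarise() {
    if command -v fdesetup >/dev/null 2>&1; then
        st="$(fdesetup status 2>/dev/null)"
        pk="$(fdesetup haspersonalrecoverykey 2>/dev/null)"
        ik="$(fdesetup hasinstitutionalrecoverykey 2>/dev/null)"
    else
        st="FileVault is On."   # constructed sample, not real output
        pk="true"               # constructed sample
        ik="false"              # constructed sample
    fi
    fv_recovery_summary "$st" "$pk" "$ik"
}

collect_and_summarise
```

Run it with `sudo sh` on the Mac in question; `personal_key=true` means a personal recovery key exists for the volume, which is the key the Reset Password assistant needs regardless of where it is stored.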