Sidebar Sidebar
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

FileVault Question

James Godfrey

James Godfrey

macrumors 68020
Original poster
Oct 13, 2011
2,074
1,713
Hi

Just wondering if anyone can help, I recently wanted to do a fresh install of Mojave, however, the disc on my MacBook Pro was encrypted with FileVault... which I presumed needed to be enabled so if I was ever to sell my Mac my data would be secure.

So i restarted with command r, entered disc utility, unlocked the disc and erased then reinstalled MacOS Mojave.

Once reinstalled, during the set up process it requested the previous password used for the disc as it was encrypted...?? Is this normal behaviour? And if so what would happen if the machine was sold onto a new owner? As obviously they wouldn’t have access to the old password?

Am I supposed to disable FileVault before restoring the Mac? Would this then make my data vulnerable?

Any help would be greatly appreciated.
 
What you described is indeed normal. (the system asking for your disk password)

Before a clean wipe and re-install, turn off fv.
 
You don't have to turn off FileVault to restore your Mac or update the OS. Just give it the password when it asks. You should not give an encrypted drive to someone else when you sell the computer.
 
Last edited:
Right no problem so just to double check... if I was to sell on my Mac and I turn off FileVault before a restore is my data safe on an SSD as there are no secure erase options?
 
When you sell your Mac, follow Apple's instructions: https://support.apple.com/en-us/HT201065

You will not have to turn off FileVault if you erase and reinstall the OS as Apple suggests (I said otherwise above but I was wrong). Reformatting the drive during installation will leave the drive unencrypted for the buyer.

Your data is not at risk because it was stored encrypted. If someone were to go look at the low level bits stored there all they will find is encrypted gibberish, with no means to decrypt it. That's why there is no longer a secure erase option--none is needed.
 
  • Like
Reactions: CoastalOR
Yeah that’s what I thought, however, when I set the MacBook back up it requested the previous password of the disc as it was previously encrypted... which I presume it would do if it was someone else setting it up for the first time making the MacBook unusable for them.
 
I think that Apple's steps should be correct, if followed in order. While you're booted to the recovery partition, you have to provide the FileVault password to unlock the drive before you can erase it. Then when you erase the drive the FileVault keys are discarded, leaving FileVault off and the data irretrievably scrambled.

Perhaps you reinstalled the OS without actually erasing the drive first. Your accounts and data would still be there, protected by the password.
 
No I definitely unlocked then erased the drive in DU then reinstalled the macOS seems very strange that it requests the previous password during set up as I presumed it wouldn’t... just got me thinking about when it comes to sell it if it would be an issue for the new owner...
 
Well if you ever go to sell the Mac. Reinstall and reboot. If it doesn't ask for the password, you're good. If it does, provide the password, log in, and turn off FileVault. I'd then reinstall once more to be safe.
 
I have a feeling this may be an extra layer of security that apple has implemented in Mojave maybe as I can’t find anyone online who has ran into this... by apples standards FileVault isn’t created with securing a Mac when selling to a new owner in mind, as an erase of in encrypted disc is enough, I think apple sees FileVault as a way of securing your Mac in the event of theft etc...
 
You must log in or register to reply here.
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.
Top Bottom
Back