Bold, exactly, just a day or so ago someone did just that, could not login, got an Error.I've been using FileVault on a couple of machines for quite a while now.
I've yet to have any problems but of-course you should always have a backup regardless of whether you use FileVault or not.
Performance wise I notice no difference at all, benchmark wise I lose a couple of MB/s but nothing major. Visually the only difference is the login screen which appears before the OS boots on startup.
The one thing to be careful of is if you have moved your home directory to another drive, and then attempt to encrypt the drive containing the home directory.
Works fine. Very minimal impact to performance. I also have my Time Machine and other external drives encrypted.Filevault safe? Recommended? Or the advanced Mac users recommend against using it?
+1 Very minimal impact on speed and there is really no good reason not to do it. Once enabled it is transparent to the operator. I also encrypt Time Machine backups.Filevault safe? Recommended? Or the advanced Mac users recommend against using it?
I disagree. It is only transparent if you already have your mac setup not to auto-login and always prompt you for a password on boot ups and resuming from sleep. For many of us that is annoying and we don't want to have to constantly punch in the password, that seems like a good reason not to use it.+1 Very minimal impact on speed and there is really no good reason not to do it. Once enabled it is transparent to the operator. I also encrypt Time Machine backups.
Constantly? How often do you sleep or restart your Mac?I disagree. It is only transparent if you already have your mac setup not to auto-login and always prompt you for a password on boot ups and resuming from sleep. For many of us that is annoying and we don't want to have to constantly punch in the password, that seems like a good reason not to use it.
Disk encryption without a password to login/decrypt would be rather pointless though, unless you were able to use a token or key of some sort which isn't supported by FileVault2.I disagree. It is only transparent if you already have your mac setup not to auto-login and always prompt you for a password on boot ups and resuming from sleep. For many of us that is annoying and we don't want to have to constantly punch in the password, that seems like a good reason not to use it.
Huh? I think it goes without saying that if one enables encryption, some sort of login PW will be required. No different than a normal login PW operationally.I disagree. It is only transparent if you already have your mac setup not to auto-login and always prompt you for a password on boot ups and resuming from sleep. For many of us that is annoying and we don't want to have to constantly punch in the password, that seems like a good reason not to use it.
I think other than the password, it is transparent. And unless someone is sleeping or rebooting their Mac every 5 minutes, I don't think it's an issue.I think what was meant is going from a auto login no PW setup to file fault is not so transparent..... extra steps are now required.
That is true. However, my web browser has cookies for how many sites that have my credit card on file? The passwords for my email ar eon the keychain. Since I get my bills electronically, I have copies of those bills on my computer.Well, using FileVault makes sense ONLY if you need it. If you don't have a reason to encrypt your data, why use it?
S-
Constantly. I have a laptop and move a lot during a given day. I don't sit 9-5 in an office.Constantly? How often do you sleep or restart your Mac?
Agreed, but I'm just pointing out for some usages and for convenience, Filevault is not recommended. Only if you think you need a high level of security would you use it. So I was responding to the OP and the one I responded to at the same time. I'm not worried about losing or having my laptop stolen so for me its a waste to add in that extra security.Disk encryption without a password to login/decrypt would be rather pointless though, unless you were able to use a token or key of some sort which isn't supported by FileVault2.
I guess I assumed that anyone wanting to secure their computer would expect to have to use a password of some sort.
Sure, but the point is Filevault is not transparent compared to having it off. There is a noticeable impact of turning it on. Now if your aim is security, there by all means turn it on so as you point out, operationally its no different than if you have auto-login and similar features turned off.Huh? I think it goes without saying that if one enables encryption, some sort of login PW will be required. No different than a normal login PW operationally.
Exactly. And so I was suggesting unless you need strong security, it's a serious inconvenience.I think what was meant is going from a auto login no PW setup to file fault is not so transparent..... extra steps are now required.
Yeah but the cookies don't show the entire CC and in order to get keychain to reveal the passwords you must enter your administrator password, so all the important information is encrypted anyway.That is true. However, my web browser has cookies for how many sites that have my credit card on file? The passwords for my email ar eon the keychain. Since I get my bills electronically, I have copies of those bills on my computer.
All in all, someone can have a lot of personal info on a computer. Enough to allow for credit card fraud or identity theft. I'd rather not take the risk.
Not recommended by who? You? So you felt the need to point out that having FV2 encryption turned on would require typing in a PW? Do you honestly think anybody reading this would not know that? (<< these are rhetorical questions)Agreed, but I'm just pointing out for some usages and for convenience, Filevault is not recommended. Only if you think you need a high level of security would you use it. So I was responding to the OP and the one I responded to at the same time. I'm not worried about losing or having my laptop stolen so for me its a waste to add in that extra security.
Most users at least have a login PW, and for those users FV2 is no change at all. I will repeat what I said earlier, my assumption is anybody wanting to encrypt their disk is already at least using a login PW, so this is not a change at all.Sure, but the point is Filevault is not transparent compared to having it off. There is a noticeable impact of turning it on. Now if your aim is security, there by all means turn it on so as you point out, operationally its no different than if you have auto-login and similar features turned off.
Typing in a PW is a "serious inconvenience"? Really? (<< this is also a rhetorical question)Exactly. And so I was suggesting unless you need strong security, it's a serious inconvenience.
Right, by the community within these forums, of which I am a part.Not recommended by who? You?
Did you even read the OP? It struck me as a post by someone rather unfamiliar with what this feature even is in its most basic sense. That is the audience to which the responses in this thread should be aimed at. Coming in a thread acting superior is smug and being rather unhelpful toward the novices asking for the help in the first place is rude.So you felt the need to point out that having FV2 encryption turned on would require typing in a PW? Do you honestly think anybody reading this would not know that? (<< these are rhetorical questions)
Source?Most users at least have a login PW,
Agreed, now what about everyone else? The questions by the OP were general and not asking about particular cases.and for those users FV2 is no change at all.
Great, now instead of making assumptions how about you start actually answering the OP? Should the average joe desire to encrypt their disk, should they not use the auto-login features? Why or why not? Identify theft is real, but for most responsible adults the chances of their systems getting physically hijacked by someone is rather low.I will repeat what I said earlier, my assumption is anybody wanting to encrypt their disk is already at least using a login PW, so this is not a change at all.
Yes. Anything that isn't automatic is an annoyance and inconvenience. Why do you think Apple implemented auto-login and resumes and auto-save features in the first place? Because users found the alternatives cumbersome. Again get off your high horse.Typing in a PW is a "serious inconvenience"? Really? (<< this is also a rhetorical question)
Some of the community does recommend FileVault. So therefore it's you not recommending it.Right, by the community within these forums, of which I am a part.
....
Yes of course, though my recommendation or non-recommendation is user-specific. I suppose I should have been clearer. What I meant to imply was that anyone who is a member of the community is welcome to share their opinion in this thread, and so the rhetorical question asked by the other poster, trying to suggest I had no place commenting here, was ridiculous. Thanks for the clarification though.Some of the community does recommend FileVault. So therefore it's you not recommending it.
I have interacted with 2012Tony2012 in several threads and he is quite bright. I am very confident he understands a PW entry will be required if he uses Filevault. Of course, that is just me all up here on my high horse.(snip)
Having to type your password a few times a day is not a serious inconvenience. Having to recover from a stolen system where someone used the information on an unencrypted drive is a very serious inconvenience....
Exactly. And so I was suggesting unless you need strong security, it's a serious inconvenience.
...
Fair points. And given portables are easier and likelier to be stolen, perhaps there is greater incentive to use FileVault on them, but for most desktops to get access to them you'd have to break into the house, apartment, office, etc. to get that kind of access. Also, half decent sites require you answer security questions before proceeding with password recovery.Having to type your password a few times a day is not a serious inconvenience. Having to recover from a stolen system where someone used the information on an unencrypted drive is a very serious inconvenience.
Give me a person's system where they have cookies and possibly automatic logins in their browsers for shopping sites and a mail client that has the passwords it needs in the keychain and I'd be able to change the passwords on the websites via password recovery to the person's email and then I would have access to shopping with their credit cards.
How would you access their keychain if they had shut down or logged out?Give me a person's system where they have cookies and possibly automatic logins in their browsers for shopping sites and a mail client that has the passwords it needs in the keychain and I'd be able to change the passwords on the websites via password recovery to the person's email and then I would have access to shopping with their credit cards.
If they have automatic login, then applications which use the keychain can get to their passwords to access services. This is why I specified that mail passwords had to be on the keychain, so Mail could fetch mail.How would you access their keychain if they had shut down or logged out?
Thank youI have interacted with 2012Tony2012 in several threads and he is quite bright. I am very confident he understands a PW entry will be required if he uses Filevault. Of course, that is just me all up here on my high horse.