FileVault

Discussion in 'MacBook Pro' started by golfing bob, Jan 19, 2015.

  1. golfing bob macrumors member

    Joined:
    Mar 23, 2011
    #1
    I have a Mid 2010 13" Macbook Pro. I have had several issues (After upgrading from snow leopard to Yosemite) and the most recent was trying to log in. With help from this forum I am back up and running. (Thanks to all who responded). After I turned Fire Vault off all is well. My question is what risk do I take with Fire Vault Off? I am correct that if Fire Vault is on after you log in it is now accessible from the internet and it only protects when the computer is off?? Just need to understand how it works.

    Thanks,

    Bob
     
  2. SandboxGeneral Moderator

    SandboxGeneral

    Staff Member

    Joined:
    Sep 8, 2010
    Location:
    Orbiting a G-type Main Sequence Star
    #2
    FileVault is an encryption system for the computer. Having it off just means that if your computer falls into the wrong hands, someone could access the drive and get your files from it. Either directly by logging in as you or by hooking it up as a secondary device to another computer and accessing it that way.

    With FileVault turned on, the only way to access your files on the drive is by logging in as you with the proper password. Otherwise there is no way to access the files on it.
     
  3. BasicGreatGuy Contributor

    BasicGreatGuy

    Joined:
    Sep 21, 2012
    Location:
    In the middle of several books.
    #3
    If your computer is on and you are logged in, your HD is not totally secure via FileVault 2.

    One of the members here pointed the following out to me, and I have implemented it into my usage.

    Open up Terminal and input ...

    sudo pmset -a destroyfvkeyonstandby 1

    Now go to Preferences > Screen Saver > Hot Corner > Pick a corner from the options and you have several options from the drop down menu. I chose put display to sleep. Still under Preferences > Security and Privacy > General > make sure require password after sleep or screen saver is set to immediately.

    Once that is done, and you activate the hot corner you made by moving the cursor to that particular corner when you are stepping away from the computer, the FileVault password is removed from RAM and will have to be entered (again) to gain access to the computer.

    You can revert back to system default anytime by replacing the 1 with a 0

    sudo pmset -a destroyfvkeyonstandby 0
     
  4. gpspad macrumors 6502

    Joined:
    Feb 4, 2014
    #4
    How does this affect backup strategies?

    Will tome capsule create an encrypted or non encrypted copy?

    I think of setting this up, but need to have a non encrypted copy somewhere.
     
  5. SandboxGeneral Moderator

    SandboxGeneral

    Staff Member

    Joined:
    Sep 8, 2010
    Location:
    Orbiting a G-type Main Sequence Star
    #5
    You can encrypt the drive that TM backs up to with FileVault and you can encrypt the TM backups themselves in the options for 'selecting disk's' for TM or do both.
     
  6. 556fmjoe macrumors 65816

    Joined:
    Apr 19, 2014
    #6
    For additional security, this should also be paired with setting hibernatemode to 25 rather than 3, like so.

    sudo pmset -a destroyfvkeyonstandby 1 hibernatemode 25

    Hibernatemode's default setting is 3, which means it will save the contents of RAM to the disk, but will leave the memory powered. When set to 25, hibernatemode will still save the contents of RAM to the disk, but will remove power to RAM. Powering down the memory modules is a slightly safer approach than just destroying the keys alone.
     

Share This Page