Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

Robdmb

macrumors regular
Original poster
Nov 5, 2008
211
24
Do most people enable FileVault? Any disadvantages/performance hits associated with it? Also, does it have to be enabled at time of system install for best performance or can it be done at any time? Thanks.
 

Gregg2

macrumors 604
May 22, 2008
6,785
894
Milwaukee, WI
I haven't taken a scientific survey, but based on reading threads here and elsewhere, my impression is that most people do NOT have FileVault enabled. If you do, don't forget your passwords!
 

dwfaust

macrumors G3
Jul 3, 2011
8,342
13,576
I haven't taken a scientific survey, but based on reading threads here and elsewhere, my impression is that most people do NOT have FileVault enabled. If you do, don't forget your passwords!

One should not lose passwords even without FileVault enabled. I understand what you are saying, but if you cannot remember your administrator password, you have bigger issues.

I do use FileVault for obvious reasons - the whole of my life is contained within the disk - my finances, my personal data, my treasured memories (all backed up multiple times/ways, of course). It needs to be protected securely... so I encrypt my drives.
 

Weaselboy

Moderator
Staff member
Jan 23, 2005
32,979
13,219
California
Do most people enable FileVault? Any disadvantages/performance hits associated with it? Also, does it have to be enabled at time of system install for best performance or can it be done at any time? Thanks.
There is a disk performance hit, but it is small. Here is a speed test.

First thing I do on every Mac I buy is turn on FV2. You can do it as part of setup or later if you like. Once it is setup it is very transparent. The big downside it if you lose your password, your data is a goner. Apple does have a way for your to save a recovery key with your AppleID if you want.
 

Ener Ji

macrumors 6502
Apr 10, 2010
428
314
I've used Filevault for years. Wouldn't consider going without it. This makes me think of an interesting question, however. I wonder if Apple will ever turn Filevault on by default for new Macs? Perhaps for OS 10.12?
 

Ebenezum

macrumors 6502a
Mar 31, 2015
782
260
I've used Filevault for years. Wouldn't consider going without it. This makes me think of an interesting question, however. I wonder if Apple will ever turn Filevault on by default for new Macs? Perhaps for OS 10.12?

I'm not certain that is wise default choice because there is risk of data loss if user forgets password. At the minimum it should be made absolutely clear for the user during the install and user should be given the option to not use FileVault.
 

Modernape

macrumors regular
Jun 21, 2010
232
42
The only disadvantage to Filevault (hence the reason I don't enable it), is you have to enter your login password after every wake from sleep or screensaver (unless one of you running it now can update my belief?).
 

steve62388

macrumors 68040
Apr 23, 2013
3,054
1,851
With all the shenanigans recently I went full crypto not too long ago. FileVault on Macbook and iMac. Encrypted local iPhone and iPad backup, encrypted Time Machine, encrypted NAS', VPN. The whole lot.
 
  • Like
Reactions: MRxROBOT and chabig

gnatmm

macrumors member
May 23, 2015
31
3
Italy
I moved from a mba 13 to a open box rMB. The new rMB was on Yosemite so I had to upgrade to 10.11.4 before installing my latest time machine backup. I did not check on the new rMB for FV so now i can't turn it on and also find my Mac is not working. Is there a quick fix rather than booting an external drive and create the partition FV needs before turning it on and restoring my data again? Thanks
 

ABC5S

Suspended
Sep 10, 2013
3,395
1,646
Florida
And this is why I hope Apple introduces Touch ID on any new Mac's. I have to enter the passcode numerous times per day, and this would be a great tool.
 

throAU

macrumors G3
Feb 13, 2012
8,164
6,106
Perth, Western Australia
Do most people enable FileVault? Any disadvantages/performance hits associated with it? Also, does it have to be enabled at time of system install for best performance or can it be done at any time? Thanks.

I have it enabled.

Disadvantage: instead of 1.4 gigabytes per second SSD transfer speed on my MBP, i now get about 750 megabytes per second read/write.

So yes, there's a bit of a performance hit associated with it, but my machine is still very very fast.


edit:
as you can see, in my case the io hit was almost 50%.

BUT, it depends how fast your CPU is and how fast your IO is. On a machine with a spinning hard drive there will be basically zero impact. If you have a SATA2 or SATA3 SSD and a post sandy bridge Mac, there's likely zero performance impact. On a New Macbook, late model Macbook Air, or current 13" MBP, the storage is way quicker than the CPU can keep up with for encryption.
 

MRxROBOT

macrumors 6502a
Apr 14, 2016
611
513
1011100110
I wouldn't use my Macbook without it, but then again privacy & security is important to me. With Blackmagic I'm seeing 1409 Write 1811 Read, not much of a performance hit here with 25% disk space available at the moment.

I don't think anyone can answer this question for you without knowing what Mac this is regarding. Provide more information if you want answers that are are tailored to you and your machine as the answers vary widely.

Yes FileVault can be enabled at any time.
 
  • Like
Reactions: Primejimbo

KALLT

macrumors 603
Sep 23, 2008
5,330
3,360
The question you need to answer is: what is the likelihood that your device might get stolen? If you worry about that risk and you have important personal data on it, then you ought to enable FileVault. If your Mac never leaves the house, you might also want to consider using a firmware password instead. It won’t encrypt your data, but it will prevent anyone from gaining access to your data as long as the HDD/SSD is still in place.

FileVault can be enabled at any time. Before the installation (by formatting the drive as ‘Mac OS Extended (Journaled, Encrypted)’ or afterwards. The latter is preferred, because the FileVault program will force you to set up a separate recovery key and will enable all user accounts to unlock the drive.

And this is why I hope Apple introduces Touch ID on any new Mac's. I have to enter the passcode numerous times per day, and this would be a great tool.

Touch ID isn’t all that secure. Reproducing fingerprints is possible and I would assume that the likelihood of finding a good sample on your laptop is higher than on your smartphone.
 

MRxROBOT

macrumors 6502a
Apr 14, 2016
611
513
1011100110
You should actually use your computer for awhile before enabling fv.
Wrong
[doublepost=1460910898][/doublepost]
The question you need to answer is: what is the likelihood that your device might get stolen? If you worry about that risk and you have important personal data on it, then you ought to enable FileVault. If your Mac never leaves the house, you might also want to consider using a firmware password instead. It won’t encrypt your data, but it will prevent anyone from gaining access to your data as long as the HDD/SSD is still in place.

FileVault can be enabled at any time. Before the installation (by formatting the drive as ‘Mac OS Extended (Journaled, Encrypted)’ or afterwards. The latter is preferred, because the FileVault program will force you to set up a separate recovery key and will enable all user accounts to unlock the drive.



Touch ID isn’t all that secure. Reproducing fingerprints is possible and I would assume that the likelihood of finding a good sample on your laptop is higher than on your smartphone.

FileVault is not only for people who think their MacBook is going to get stolen. I'm sure a lot of people's macbook have been stolen that didn't think it would happen to them. But I digress, there are other reasons for encryption and a common one is to protect your data when you pass on your computer. Secure erasing SSDs isn't as secure as it is with HDDs. The surest way of erasing your data short of destroying your drive these days is encrypting it. This will keep your contents secure when you wipe your mac before selling, which lots of people do to help subsidize the cost of a new Mac.

I on the other hand encrypt my data because I value my privacy & security.
 
Last edited:

NoBoMac

Moderator
Staff member
Jul 1, 2014
4,581
2,827
I moved from a mba 13 to a open box rMB. The new rMB was on Yosemite so I had to upgrade to 10.11.4 before installing my latest time machine backup. I did not check on the new rMB for FV so now i can't turn it on and also find my Mac is not working. Is there a quick fix rather than booting an external drive and create the partition FV needs before turning it on and restoring my data again? Thanks

Glad to see that sub-OP figured it out.

An option, with the caveat that I have not had to try this since I swapped out my HDD for an SSD a few years ago, should be able to "re-install" the OS over the existing install. Will keep user files in-place (read: not wipe that stuff out), but will create the recovery partition that FileVault needs. When I did the disk swap, I ran into the same situation in that I made a clone of the HDD via SuperDuper! which does not image the recovery partition, and merely copied that clone onto the SSD. I too could not re-enable FileVault.
 

KALLT

macrumors 603
Sep 23, 2008
5,330
3,360
I’m sure a lot of people's macbook have been stolen that didn't think it would happen to them. But I digress, there are other reasons for encryption and a common one is to protect your data when you pass on your computer.

I agree that I could have been more specific, but I actually implied that when I used the example of theft. Obviously, if you do not want to entrust someone else with your data, then encryption is the only option short of securely erasing the data. My point was that when you are not moving the device around, including giving it to someone, then disk encryption may simply be unnecessary or at least a risk worth taking.

I could come up with a number of people in my circle of acquaintances that I would not advise to enable encryption, purely because they will forget it and are likely to lose their passwords at some point.

Secure erasing SSDs isn't as secure as it is with HDDs. The surest way of erasing your data short of destroying your drive these days is encrypting it. This will keep your contents secure when you wipe your mac before selling, which lots of people do to help subsidize the cost of a new Mac.

You could do that before selling it too. For SSDs other options exist, depending on vendor (e.g. full trim).
 

MRxROBOT

macrumors 6502a
Apr 14, 2016
611
513
1011100110
I could come up with a number of people in my circle of acquaintances that I would not advise to enable encryption, purely because they will forget it and are likely to lose their passwords at some point.
Yes well people who cannot remember a key no more sophisticated than a facebook password should not be encrypting their drives. I guess I should have changed my post to say if you can use Facebook, you can encrypt your drive.


You could do that before selling it too. For SSDs other options exist, depending on vendor (e.g. full trim).
Encrypting after the fact is not that same as starting with encryption. I can go into more detail if need be.
 
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.