I've had this issue since I've used Filevault on OSX (three years) and can't seem to fix it. I've googled around and have come across others who have the same issue.
I have Filevault2 disk encryption enabled. When I put my computer to sleep, I want to destroy the filevault encryption key so that I have to log back in to system encryption.
Right now what happens is: I close the lid, my computer sleeps, I open the lid the next morning, log in as a user and my computer is promptly awake. It appears that my computer never purged the encryption key.
So I changed a few settings:
sudo pmset -a destroyfvkeyonstandby 1
So that the key will be destroyed when the system moves from sleep to standby mode.
And then:
sudo pmset -a standbydelay 300
So that my computer will leave sleep and enter standby mode after 300 seconds (five minutes).
However, when I put my computer to sleep, I have the issue I described above in the first paragraph.
How do I get my computer to purge the filevault key. I know that the system is decrypted because when I wake the computer, 1) it only requires touching a key (vice hitting the power button that would be required from standby mode) and 2) while at the login screen, my computer logs on to wi-fi and connects to my VPN. That should not happen if the computer is not decrypted.
Any ideas?
I have Filevault2 disk encryption enabled. When I put my computer to sleep, I want to destroy the filevault encryption key so that I have to log back in to system encryption.
Right now what happens is: I close the lid, my computer sleeps, I open the lid the next morning, log in as a user and my computer is promptly awake. It appears that my computer never purged the encryption key.
So I changed a few settings:
sudo pmset -a destroyfvkeyonstandby 1
So that the key will be destroyed when the system moves from sleep to standby mode.
And then:
sudo pmset -a standbydelay 300
So that my computer will leave sleep and enter standby mode after 300 seconds (five minutes).
However, when I put my computer to sleep, I have the issue I described above in the first paragraph.
How do I get my computer to purge the filevault key. I know that the system is decrypted because when I wake the computer, 1) it only requires touching a key (vice hitting the power button that would be required from standby mode) and 2) while at the login screen, my computer logs on to wi-fi and connects to my VPN. That should not happen if the computer is not decrypted.
Any ideas?