Forgot my High Sierra FileVault recovery key. Help please.

[SRLMJ23]

When High Sierra was first released, I recall when enabling FileVault 2 that it never gave me my recovery key. This apparently happened to quite a few people back then. Another MacRumors user posted a Terminal command that either showed you your current recovery key or it reset it and showed you the new reset recovery key. I cannot remember what the command did.

Well, now I have forgot my current recovery key and cannot remember the Terminal command to view it or view the reset recovery key when you run that Terminal command. Any help with this would be greatly appreciated! Thanks in advance.

Quick side question: I know my recovery key is not in iCloud (since I never got the option to choose that option or even view my recovery key) but is there a way to send it to iCloud without disabling FileVault and re-enabling it, or am I just screwed on that one? I assume I am screwed, but I just figured I would ask. Thanks again.

 

[DeltaMac]

hmm... I am confused... Did you not get a recovery key when you set up File Vault, or did you get a recovery key, which you have now forgot?
You don't need the recovery key to turn off your FileVault (which will decrypt your boot drive). All you need is your admin password. Turn off File Vault, wait for that to complete, then turn it back on. Another recovery key will be generated when you turn File Vault on.
You can also follow Apple's steps to reset your admin password - https://support.apple.com/en-us/HT202860

 

[SRLMJ23]

hmm... I am confused... Did you not get a recovery key when you set up File Vault, or did you get a recovery key, which you have now forgot?
You don't need the recovery key to turn off your FileVault (which will decrypt your boot drive). All you need is your admin password. Turn off File Vault, wait for that to complete, then turn it back on. Another recovery key will be generated when you turn File Vault on.
You can also follow Apple's steps to reset your admin password - https://support.apple.com/en-us/HT202860

So what happened was when High Sierra was released, I setup my drive as APFS and then turned on FileVault once High Sierra was done being installed BUT I never received my recovery key during any part of the FileVault process. This apparently happened to a lot of people at the time, must have been a bug.

So there was some threads started about this and in one of them someone gave a Terminal Command that either showed you your current recovery key OR reset your recovery key and showed you the new one that the system made.

So today I was going through 1Password, and noticed that my recovery key was not saved under my Apple stuff. So I am just wondering what that Terminal Command was to view or reset and view my recovery key.

 

[crjackson2134]

I think it’s simpler to just turn it off, then on again and get a new key. Since you don’t know the current key & were thinking of resetting through terminal command anyway.

 

[DeltaMac]

You can check with the terminal command

sudo fdesetup list

It will list recovery keys that are tracked by the system -- However, I don't know if it will be the actual recovery key, or simply the ID code that is encrypted at the same time as the recovery key, basically telling you that a key exists, but is not the key itself. That's a guess, so I might be wrong on that.
Best way forward (and it does work), I think would be to get a new key. Again (as crjackson2134 also recommended) you can do that by simply turning FV off, then back on again. A new recovery key will be generated then.

 

[ignatius345]

And just to state the obvious: I'd make sure you have a solid backup, if you don't already.

 

[Mike Boreham]

You do not get a recovery key if you choose the recover via iCloud account option which is what I always do. It s not a case of the recovery key being saved in iCloud. If you enter the wrong password the recovery process using your iCloud account kicks in.

It sounds to me as if you are a bit unclear about the difference between the Recovery Key and Filevault unlock key. As long as you can unlock the volume you are not screwed, even if you don't have the recovery key, which as said above can be regenerated.