Securing Macbook w/ FileVault 2 multiple accounts + guest

Discussion in 'macOS' started by oschrenk, Aug 15, 2012.

  1. oschrenk macrumors newbie

    May 29, 2012
    I have two following main goals:
    1. Secure complete hard disk by encrypting it
    2. Guest account access
    a) for people to quickly access internet
    b) as a honey pot account to have thieves login and help me with retrieval of the device if stolen

    My setup
    I use multiple accounts myself to help me focus on tasks (1 personal (w/ admin access), 1 university, 1 office) and make use of fast user switching. As far as I understand FileVault 2 accounts are granted permissions to decrypt the drive.

    So my questions are:
    1) Does it suffice to grant my personal account permissions to decrypt the drive, and use fast user switching to login to my other accounts?
    2) If I'm logged into my personal account, and switch back into the login screen can people login to the guest account?
    3) What are the preferred choices for theft recovery applications when FileVault 2 is enabled (LoJack, Prey, or Undercover) ?
  2. oschrenk thread starter macrumors newbie

    May 29, 2012
    Re 3) So it seems that it may be impossible to setup Filevault 2with a honeypot account. FIlevault 2 encrypts the whole drive and replaces the OS based login with an EFI based login. The guest account spins up the recovery partition. Which makes sense as a guest account should not have access to the encrypted volume.

    Orbicule clearly state that their software doesn't work with Filevault 2 but there might just be a way for Prey to work on the revovery partition.

Share This Page