WARNING: Disable FileVault before preparing your Mac for sale

Discussion in 'macOS Mojave (10.14)' started by James Godfrey, Oct 31, 2018.

  1. James Godfrey macrumors 6502

    Oct 13, 2011
    Hi all

    Have posted already about this but just thought I would warn people of a potential new feature of FileVault. I have spoken to Apple support and they have confirmed this is a security feature of FileVault.

    Basically, if you leave FileVault enabled before booting into recovery, unlocking your disk and erasing it, then reinstalling macOS to prepare your Mac for a resale, during the setup process it will request your old password as the disk was previously encrypted, which leaves a new owner unable to set up the Mac.

    This should not happen if FileVault is disabled before restoring your Mac.

    I spoke to Apple support and they confirmed this is normal and it is a security feature (similar to Activation Lock on iOS), however there is no mention of it on Apple's support pages.

    If anyone can confirm this also happens with them with Mojave it would be great to find a workaround.
  2. archvile macrumors 6502


    Oct 27, 2007
    What year/make/model Mac did you do this with?

    This does not happen with the 2015 MBP, I can confirm that, as I have always had FileVault on but was able to do a full wipe/clean reinstall of Mojave when the final public version was released (was running the beta up until the last one), and it never prompted for the previous disk's encryption password.

    Maybe this is a feature of the T1/T2 chips? Which would make sense.

    I'm glad they have added this feature to gain feature parity with iOS.

    I know with my MacBook Pro, Find My Mac can be disabled simply by resetting PRAM. I have reported this as a bug many, many times but as of 10.14.1 is still not fixed. Only way for me to prevent this is to have a Firmware Password enabled, which prevents any boot options unless you enter the correct password.
  3. James Godfrey thread starter macrumors 6502

    Oct 13, 2011
  4. archvile macrumors 6502


    Oct 27, 2007
    Non-touch Bar? I don't think the Non-Touch Bar models have the T1 chip. So this is interesting then.

    I'm reading through the T2 Security Guide that Apple just released to see if it mentions this anywhere.

  5. James Godfrey thread starter macrumors 6502

    Oct 13, 2011
    I see a lot of users may use FileVault as an alternative to secure erase with their SSD (as secure erase options are not available or needed according to Apple for SSDs).

    Therefore many users of potentially newer Macs may think that erasing a Mac with FileVault enabled is a way of securing their data when selling their Mac, however, this will in turn run into an issue of having to provide your old password to the new user in order for them to set it up.

    I presume the only way to securely erase a Mac with an SSD now is to enable FileVault, erase and restore the Mac, set it up without FileVault, then erase and restore it again.

    I can fully understand why this feature is enabled as FileVault is more geared to protecting your data if your Mac gets stolen, rather than having it as a workaround for a secure erase when selling your Mac.

    I have suggested to Apple to include this information on their support pages as it will lead to potential issues for newer Mac owners when they come to sell their machines.
    --- Post Merged, Oct 31, 2018 ---
    Yes, non-Touch Bar version, 128GB base model
    --- Post Merged, Oct 31, 2018 ---
    The steps I took to wipe my Mac and reinstall macOS Mojave were as follows with FileVault enabled:

    Signed out of iTunes/iCloud/iMessage etc...

    Rebooted by using Command R

    Went into Disk Utility, mounted Macintosh HD with my password (it did show an alternative user with loads of letters and numbers, which I think was the guest account). Erased it into APFS format.

    Exited Disk Utility and installed macOS Mojave.

    Once installed, I went through the setup process and at some point it prompted for my previous password used with the disk as it was previously encrypted.

  6. archvile macrumors 6502


    Oct 27, 2007
    Hmm, when I did this I used a USB installer, wonder if that is the difference vs. doing it through Recovery? Maybe that's why it never asked me for the previous password. I did the exact same method as you (sign out of everything), and then booted off the USB drive, ran Disk Utility, wiped the drive (which was still encrypted with FileVault), then ran the installer.
  7. James Godfrey thread starter macrumors 6502

    Oct 13, 2011
    Ah, I installed via internet recovery so maybe this comes with that. If you ever do it from internet recovery let me know if it is normal behaviour, as tbh Apple support did a lot of digging on this as they never heard of it before. Maybe it is starting to be implemented when installing macOS from the internet rather than USB.
