Be aware that if you forget the file vault access code you can't sell that Mac unless you can get another comparable SSD and find a way to swap out the encrypted SDD which may or may not be soldered to the mother board.
Well, obviously this works with the boot device plugged in. Does it work with external drives whether they be spinning hard drive or SSD? Does it in crypt files as they go to dropbox or any other cloud device?
If you use a 3rd party Bluetooth keyboard and have filevault activated, you are unable to enter your password at boot time. I experienced this behavior with a MX keyboard from Logitech. I had to connect a wired keyboard every boot of my M1 Mac Mini. So I switched off filevault again.
Kirk Carver 0 seconds ago How is a TimeMachine or Carbon Copy Clone backup affected by FileVault? Are the backups also encrypted? If you need to restore a computer using a TImeMachine backup? Does the encryption impede or affect a restore?
No affected. If you choose to make the Time Machine backup NOT encrypted then the files wouldn't be encrypted. Either way, you can restore as long as you know the Time Machine encryption passcode you set.
Per Apple, “If you have a Mac with Apple silicon or an Apple T2 Security Chip, your data is encrypted automatically. Turning on FileVault provides an extra layer of security by keeping someone from decrypting or getting access to your data without entering your login password.” Because of that, Macs with Apple silicon or a T2 security chip only take a few seconds to turn on FileVault. I just verified that my turning on FileVault on my 2019 MBP, which has a T2 security chip. I’m trying to understand what a person would see in both cases if they accessed my drive when I’m logged out. If I have FileVault turn off, would they still be able to identify individual files, but not read them because they are encrypted? If so, they would still be able to try to decrypt them. OTOH if I have FileVault turned on, would they not be able to see individual files at all?
What if you access and transfer files among computers on a mixed network of Macs and Windows PC? Can I seamlessly copy and delete files on a Filevaulted Mac from my Windows and Linux computers on the same home network? Can I run Filevaluted applications on a Mac from other Macs on my home network or on a central file server?
Yes. Each computer handles access to its own files. So FileVault doesn't matter here. Not sure what you mean by "run Filevaluted applications on a Mac from other Macs" though. Each Mac would run its own applications.
Thank you so much for this video - Question - I decided to turn my file vault on and got a message that says: A recovery key has been set by your company, school, or institution. I bought this MBP from an Apple store and I'm the only user. This is very concerning to me. Is there a way to find what the recovery key has been set too?
Good question. I watched and read comments in several Techie File Vault vids and haven't seen anyone else mention this issue. I hope you found the answer, bc that seems like a unique (or weird) situation.
I had a question - If the file is protected with FileVault and I transfer the file to a Windows machine, would the file be readable in the Windows system?
File Vault protects the data on the drive. When you open a file or move it the file is decrypted at that point. So moving a file across a network or onto another drive means the copy you make now has nothing to do with File Vault encryption. It is just a regular file.
Im confused , I read everything on the M1 is encrypted using their hardware T2 chip whether filevault is on or off, File vault secures the encryption key and password to get in , if the drive is removed it does not matter if filevault was on or off . Unless Im reading things incorrect. Seems the Encryption of the drive and filevault description here is for older macs. Maybe :)
The T2 encryption will protect the drive if it is removed from the computer an separated from the T2 chip. But it will not protect it if someone simply connects to the computer in Target Disk mode. FileVault does.
So, Im new to Mac and wondering how often or when will be required to input the File Vault Recivery Code? Everytime the computer is rebooted or turned off and back on again? What situations prompt for the code?
If everything works normally, you will never have to use it. Just entering your account password, like you do every day when logging on to your account on your Mac, will unlock FileVault so you can use your Mac normally. The recovery code is for if you forget your user password and want to access the disk without it.
I plan to start using FileVault and am wondering if it has any affect on apps like Chronosync when mirroring data to external drives? FileVault will only encrypt the internal drive, not the individual files or external drives being mirrored or backed-up correct ?
Would there be any issues cloning an encrypted hard drive to one that is not encrypted? I have an external ssd I work off that I've just encrypted, and the drives I will mirror it to are not encrypted.
@@macmost wasn't sure if the encrypted drives files mirror properly to a drive that's not encrypted. I'm essentially cloning files with chronosync from an encrypted ssd to a hdd that is not encrypted. Or does this not matter? Thanks
Sir on Mac files can be stored on both the native hard disk( Macintosh HD) or under a specific user account. If someone were to take my Mac, open it up and connect its hard disk to another computer to view the files will the files that are saved inside my username folder be available to him? Because ofcourse he doesn't know my password and can't login under my username. I am talking about a mac with disabled filevault obviously. Thanks and regards
If you have a recent Mac, then the data on the drive is encrypted. Someone wouldn't be able to access the data on it outside of your Mac. On older Macs you can do it too, using File Vault.
@@namansingh4684 The disk encryption protects the drive if it is taken from your Mac. But you need to enable File Vault to tie the encryption to your login account for total protection.
Ty for sharing. I got my first mac yesterday and is a macbook air m2. I absolutely love it but i am still learning on how to personalise and do its settings etc. could i ask a question please - Do you recommend with FileVault on and with Firewall on to add an xtra layer such as an antivirus programme or will there be no need. For example, in all my iphones using along the years never had an issue re security , or to feel my data has been breached. So will this apply to a Mac?
I have not used this yet, but plan to do some traveling soon. I keep my genealogy docs copied to a separate portable drive. I’m going to assume that they would copy over in encrypted format, right? So only usable on my computer. I may need to rethink my iCloud usage. Thanks for your wisdom.
No, that's not how it works. If you copy a file to a drive the file is there on the drive as the real file. It isn't encrypted (unless that happens to be an encrypted drive).
Hi Gary, Great videos you have. I have a 2021 Macbook Pro 16", 1) So i have file vault turned off, and if say it got stolen then nobody can read the files if they cant get into the computer, right?. 2)But if they took out the hard drive then could they access the files by putting the drive in to another computer? 3) If file vault is on then no one can read the files anywhere? Back up with time mechine Is this encrypted if i don't have file vault turned on, or if i have file vault turned on then are the back ups drive encrypted or do i have to encrypt the back up as well hope you make sense of this many thanks ste
You have an M1 MacBook Pro. With this Mac, the entire internal drive is encrypted. Even without FileVault it can't read the files. It would not be easy to remove the "hard drive" on newer Macs, because it isn't a separate part, it is integrated. You'd need to have some valuable state secrets on there for it to be worth it for someone to try. But even then, it is still encrypted. FileVault adds an extra layer of security. If you are concerned about security, use it. If not, then you still have most of the protection. When you start a Time Machine backup it gives you the option to encrypt it. Sounds like you want to say yes to that.
Connecting a hard drive to another PC isn't the only way to access your data. It is pretty easy to reset the password and access the MacBook itself without encryption.
@@ryanzmuda3167 Search for "check for FileVault recovery key" and a few posts show up you can try. I've never used any of those techniques so I can't tell you if they will solve your problem or not.
Be aware that if you forget the file vault access code you can't sell that Mac unless you can get another comparable SSD and find a way to swap out the encrypted SDD which may or may not be soldered to the mother board.
I never knew what FileVault was or how it worked before now. Thanks Gary.
It’s almost like security with in security. Very informative video tutorial today! Thank you, Gary! 👏👍🏻❤️
Thanks Gary. Another great video!
ty nice and short and precise
Well, obviously this works with the boot device plugged in. Does it work with external drives whether they be spinning hard drive or SSD? Does it in crypt files as they go to dropbox or any other cloud device?
No. FileVault is for the boot drive. To protect an external drive, you can configure it to be encrypted when you format it in Disk Utility.
You answer my question very clearly, thanks a lot.
thank u for this video and answering questions in the comments!!
If you use a 3rd party Bluetooth keyboard and have filevault activated, you are unable to enter your password at boot time. I experienced this behavior with a MX keyboard from Logitech. I had to connect a wired keyboard every boot of my M1 Mac Mini. So I switched off filevault again.
Kirk Carver
0 seconds ago
How is a TimeMachine or Carbon Copy Clone backup affected by FileVault? Are the backups also encrypted? If you need to restore a computer using a TImeMachine backup? Does the encryption impede or affect a restore?
No affected. If you choose to make the Time Machine backup NOT encrypted then the files wouldn't be encrypted. Either way, you can restore as long as you know the Time Machine encryption passcode you set.
I’ll be using file vault on my new iMac ….when I can get the “pennies” together…😉😉😉
Excellent 👏👏
Per Apple, “If you have a Mac with Apple silicon or an Apple T2 Security Chip, your data is encrypted automatically. Turning on FileVault provides an extra layer of security by keeping someone from decrypting or getting access to your data without entering your login password.” Because of that, Macs with Apple silicon or a T2 security chip only take a few seconds to turn on FileVault. I just verified that my turning on FileVault on my 2019 MBP, which has a T2 security chip.
I’m trying to understand what a person would see in both cases if they accessed my drive when I’m logged out.
If I have FileVault turn off, would they still be able to identify individual files, but not read them because they are encrypted? If so, they would still be able to try to decrypt them.
OTOH if I have FileVault turned on, would they not be able to see individual files at all?
The drive is encrypted. Without decryption, it would just be garbage random bits.
Thank you
What if you access and transfer files among computers on a mixed network of Macs and Windows PC? Can I seamlessly copy and delete files on a Filevaulted Mac from my Windows and Linux computers on the same home network? Can I run Filevaluted applications on a Mac from other Macs on my home network or on a central file server?
Yes. Each computer handles access to its own files. So FileVault doesn't matter here. Not sure what you mean by "run Filevaluted applications on a Mac from other Macs" though. Each Mac would run its own applications.
Thank you so much for this video - Question - I decided to turn my file vault on and got a message that says: A recovery key has been set by your company, school, or institution. I bought this MBP from an Apple store and I'm the only user. This is very concerning to me. Is there a way to find what the recovery key has been set too?
Good question. I watched and read comments in several Techie File Vault vids and haven't seen anyone else mention this issue. I hope you found the answer, bc that seems like a unique (or weird) situation.
I had a question -
If the file is protected with FileVault and I transfer the file to a Windows machine, would the file be readable in the Windows system?
File Vault protects the data on the drive. When you open a file or move it the file is decrypted at that point. So moving a file across a network or onto another drive means the copy you make now has nothing to do with File Vault encryption. It is just a regular file.
Im confused , I read everything on the M1 is encrypted using their hardware T2 chip whether filevault is on or off, File vault secures the encryption key and password to get in , if the drive is removed it does not matter if filevault was on or off . Unless Im reading things incorrect. Seems the Encryption of the drive and filevault description here is for older macs. Maybe :)
The T2 encryption will protect the drive if it is removed from the computer an separated from the T2 chip. But it will not protect it if someone simply connects to the computer in Target Disk mode. FileVault does.
So, Im new to Mac and wondering how often or when will be required to input the File Vault Recivery Code? Everytime the computer is rebooted or turned off and back on again? What situations prompt for the code?
If everything works normally, you will never have to use it. Just entering your account password, like you do every day when logging on to your account on your Mac, will unlock FileVault so you can use your Mac normally. The recovery code is for if you forget your user password and want to access the disk without it.
I plan to start using FileVault and am wondering if it has any affect on apps like Chronosync when mirroring data to external drives? FileVault will only encrypt the internal drive, not the individual files or external drives being mirrored or backed-up correct ?
FileVault encrypts the internal drive. But it decrypts automatically for you when you are logged in. That includes any apps you are using.
@@macmost great, thank you!
Would there be any issues cloning an encrypted hard drive to one that is not encrypted? I have an external ssd I work off that I've just encrypted, and the drives I will mirror it to are not encrypted.
@@srphoto90 Issues in what sense? The non-encrypted drive is now a copy of your data that can be easily read by anyone, if that is what you mean.
@@macmost wasn't sure if the encrypted drives files mirror properly to a drive that's not encrypted. I'm essentially cloning files with chronosync from an encrypted ssd to a hdd that is not encrypted. Or does this not matter? Thanks
Sir on Mac files can be stored on both the native hard disk( Macintosh HD) or under a specific user account.
If someone were to take my Mac, open it up and connect its hard disk to another computer to view the files will the files that are saved inside my username folder be available to him?
Because ofcourse he doesn't know my password and can't login under my username.
I am talking about a mac with disabled filevault obviously.
Thanks and regards
If you have a recent Mac, then the data on the drive is encrypted. Someone wouldn't be able to access the data on it outside of your Mac. On older Macs you can do it too, using File Vault.
@@macmost if the data is already encrypted then why bother to turn filevault on sir?
Does it provide some kind of extra security to modern macs?
@@namansingh4684 The disk encryption protects the drive if it is taken from your Mac. But you need to enable File Vault to tie the encryption to your login account for total protection.
Ty for sharing. I got my first mac yesterday and is a macbook air m2. I absolutely love it but i am still learning on how to personalise and do its settings etc.
could i ask a question please - Do you recommend with FileVault on and with Firewall on to add an xtra layer such as an antivirus programme or will there be no need. For example, in all my iphones using along the years never had an issue re security , or to feel my data has been breached. So will this apply to a Mac?
FileVault, sure. Firewall, not needed. Anti-Virus, see: th-cam.com/video/Dhl9_P8uBw0/w-d-xo.html
Thank you!
I have not used this yet, but plan to do some traveling soon. I keep my genealogy docs copied to a separate portable drive. I’m going to assume that they would copy over in encrypted format, right? So only usable on my computer. I may need to rethink my iCloud usage. Thanks for your wisdom.
No, that's not how it works. If you copy a file to a drive the file is there on the drive as the real file. It isn't encrypted (unless that happens to be an encrypted drive).
@@macmost oh, good to know. 🙂 thanks!
Hi Gary, Great videos you have.
I have a 2021 Macbook Pro 16",
1) So i have file vault turned off, and if say it got stolen then nobody can read the files if they cant get into the computer, right?.
2)But if they took out the hard drive then could they access the files by putting the drive in to another computer?
3) If file vault is on then no one can read the files anywhere?
Back up with time mechine Is this encrypted if i don't have file vault turned on, or if i have file vault turned on then are the back ups drive encrypted or do i have to encrypt the back up as well
hope you make sense of this
many thanks
ste
You have an M1 MacBook Pro. With this Mac, the entire internal drive is encrypted. Even without FileVault it can't read the files. It would not be easy to remove the "hard drive" on newer Macs, because it isn't a separate part, it is integrated. You'd need to have some valuable state secrets on there for it to be worth it for someone to try. But even then, it is still encrypted. FileVault adds an extra layer of security. If you are concerned about security, use it. If not, then you still have most of the protection. When you start a Time Machine backup it gives you the option to encrypt it. Sounds like you want to say yes to that.
thank you for the reply much appreciated @@macmost
The m1 laptop m.2 drives are soldered to the board and they are protected by a chip. What's the point of turning this on on the m1 laptops?
For typical users, probably nothing. I suppose for those that need top-level data encryption, it makes it that much harder.
Connecting a hard drive to another PC isn't the only way to access your data. It is pretty easy to reset the password and access the MacBook itself without encryption.
Sad as it is, there's always the chance your Mac could get stolen. I just turn FileVault on for all my Macs. There's really no good reason not to.
How can a user see there recovery key if they know there login. Or see if they used iCloud. How do they know.
So you don't remember if you got a recovery key or used iCloud when you set it up? You probably used iCloud.
@@macmost it's not for most people would. Is there a way to check.
@@ryanzmuda3167 Search for "check for FileVault recovery key" and a few posts show up you can try. I've never used any of those techniques so I can't tell you if they will solve your problem or not.
@@macmost ok thank you will check.