Hard Drive Encryption Software For Mac

Nov 30, 2018  Use FileVault to encrypt the startup disk on your Mac FileVault full-disk encryption (FileVault 2) uses XTS-AES-128 encryption with a 256-bit key to help prevent unauthorized access to the information on your startup disk. Store and share sensitive files securely with the latest in encryption software. Manage Microsoft BitLocker drive encryption, lock/unlock drives protected by BitLocker. Popular in mac.

Turn on and set up FileVault

Hard Drive Encryption Software For Mac Windows 10

FileVault 2 is available in OS X Lion or later. When FileVault is turned on, your Mac always requires that you log in with your account password.

Mac
  1. Choose Apple menu () > System Preferences, then click Security & Privacy.
  2. Click the FileVault tab.
  3. Click , then enter an administrator name and password.
  4. Click Turn On FileVault.

If other users have accounts on your Mac, you might see a message that each user must type in their password before they will be able to unlock the disk. For each user, click the Enable User button and enter the user's password. User accounts that you add after turning on FileVault are automatically enabled.

Choose how you want to be able to unlock your disk and reset your password, in case you ever forget your password:

  • If you're using OS X Yosemite or later, you can choose to use your iCloud account to unlock your disk and reset your password.*
  • If you're using OS X Mavericks, you can choose to store a FileVault recovery key with Apple by providing the questions and answers to three security questions. Choose answers that you're sure to remember.*
  • If you don't want to use iCloud FileVault recovery, you can create a local recovery key. Keep the letters and numbers of the key somewhere safe—other than on your encrypted startup disk.

If you lose both your account password and your FileVault recovery key, you won't be able to log in to your Mac or access the data on your startup disk.

Hard Drive Encryption Software For Mac

Encryption occurs in the background as you use your Mac, and only while your Mac is awake and plugged in to AC power. You can check progress in the FileVault section of Security & Privacy preferences. Any new files that you create are automatically encrypted as they are saved to your startup disk.

When FileVault setup is complete and you restart your Mac, you will use your account password to unlock your disk and allow your Mac to finish starting up. FileVault requires that you log in every time your Mac starts up, and no account is permitted to log in automatically.

Mac Os Encryption

Reset your password or change your FileVault recovery key

If you forget your account password or it doesn't work, you might be able to reset your password.

If you want to change the recovery key used to encrypt your startup disk, turn off FileVault in Security & Privacy preferences. You can then turn it on again to generate a new key and disable all older keys.

Hard

Turn off FileVault

If you no longer want to encrypt your startup disk, you can turn off FileVault:

  1. Choose Apple menu > System Preferences, then click Security & Privacy.
  2. Click the FileVault tab.
  3. Click , then enter an administrator name and password.
  4. Click Turn Off FileVault.

Decryption occurs in the background as you use your Mac, and only while your Mac is awake and plugged in to AC power. You can check progress in the FileVault section of Security & Privacy preferences.

Learn more

  • Learn how to create and deploy a FileVault recovery key for Mac computers in your company, school, or other institution.
  • If you're using FileVault in Mac OS X Snow Leopard, you can upgrade to FileVault 2 by upgrading to OS X Lion or later. After upgrading OS X, open FileVault preferences and follow the onscreen instructions to upgrade FileVault.
  • RAID partitions or non-standard Boot Camp partitions on the startup drive might prevent OS X from installing a local Recovery System. Without a Recovery System, FileVault won't encrypt your startup drive. Learn more.

* If you store your recovery key with Apple or your iCloud account, there's no guarantee that Apple will be able to give you the key if you lose or forget it. Not all languages and regions are serviced by AppleCare or iCloud, and not all AppleCare-serviced regions offer support in every language. If you set up your Mac for a language that AppleCare doesn't support, then turn on FileVault and store your key with Apple (OS X Mavericks only), your security questions and answers could be in a language that AppleCare doesn't support.

Mac computers that have the Apple T2 Security Chip integrate security into both software and hardware to provide encrypted-storage capabilities. Data on the built-in, solid-state drive (SSD) is encrypted using a hardware-accelerated AES engine built into the T2 chip. This encryption is performed with 256-bit keys tied to a unique identifier within the T2 chip.

The advanced encryption technology integrated into the T2 chip provides line-speed encryption, but it also means that if the portion of the T2 chip containing your encryption keys becomes damaged, you might need to restore the content of your drive from a backup. This content includes system files, apps, accounts, preferences, music, photos, movies, and documents.

Always back up your content to a secure external drive or other secure backup location so that you can restore it, if necessary. You should also turn on FileVault for additional security, because without FileVault enabled, your encrypted SSDs automatically mount and decrypt when connected to your Mac.

Make a backup

Set up Time Machine or another backup method to regularly back up your Mac to a secure external source.

Files that you store in iCloud Drive, as well as photos and videos that you store in iCloud Photo Library, are automatically uploaded to iCloud. When you use iCloud Photo Library, full-resolution photos and videos are stored on your Mac by default and included in a Time Machine backup. If you choose to optimize iCloud Photo Library on your Mac, the full-resolution originals are not included in a Time Machine backup.

Turn on FileVault

Though the SSD in computers that have the Apple T2 Security Chip is encrypted, you should turn on FileVault so that your Mac requires a password to decrypt your data.

To turn on FileVault, follow these steps:

  1. Choose Apple menu () > System Preferences, then click Security & Privacy.
  2. Click the FileVault tab.
  3. Click , then enter an administrator name and password.
  4. Click Turn On FileVault.