As someone who has spent many months over the years trying to recover files from failing disks, FileVault would have been a disaster. In most cases, I have been able to recover 80-90% of the files completely and earned the owner’s eternal gratitude. If they were encrypted, I may have been able to recover the files but would the contents ever be able to be used?
Perhaps the problem has gone away with the use of SSDs. With magnetic disks, you could just keep reading a block hundreds of times and if once it worked, you had the data. From my experience, an SSD is either working or irretrievably dead.
Given that all data on Apple internal SSDs is already encrypted, I don’t think historical experiences with recovering data from hard disks are particularly relevant anymore. That’s why I explicitly described it as DriveSavers-level recovery that would use the Mac’s hardware key to decrypt the data as it was being recovered. Plus, SSDs and modern filesystems are less likely to suffer corruption to start.
Of course, none of this extreme data recovery is necessary when data is backed up, as it should be.
I can imagine situations where it would be good to have File Vault enabled. For now, however, having nothing to hide, I store nothing on my drives that I wouldn’t be willing to share with anyone. I don’t keep, say, unencrypted passwords or recovery keys on my drives, but I do want my heirs/executors/holders of powers of attorney to be able to access my records.
Maybe I’m just thinking about such eventualities because of my age, but I also remember having to do the same as executor of my dad’s will. His iBook wasn’t password protected (a small relief at the time), but his estate-relevant information was kept in AppleWorks formats, and it took me some effort to find applications that could extract information from those files. (Pages, for example, was introduced just after my father’s death.)
Just a quick warning though: in my work as an Apple-specific consultant, I’ve seen folks experience serious data loss due to FileVault corruption of some kind. We never could figure out how it happened, but we had no recourse but to erase the drive and set up as new. I’ve never trusted FV since then.
I believe that should no longer be an issue for Apple Silicon or Intel machines with T2 and SSD boot drives - which should be the only machines running Tahoe. If I am reading Howard Oakley’s explanation right, data is always encrypted on these drives, and turning on FileVault should only protect the actual encryption key from anyone without the passphrase to an account with FileVault unlocking permission. So, turning on FileVault on these machines does not change the encryption of data on the volume at all, so should not cause any sort of corruption.
Some things that are important to know for those of you who administer Macs and/or running a Mac as a server. If FileVault gets enabled, you can’t access the login screen over the network (immediately following boot up). AND following a power on, or reboot, if the system isn’t logged into within a certain time window (seems like 5-10 minutes), the system will shut down. These factors can really screw you over, if you aren’t prepared for them.
Regarding the talk of getting locked out…
I’ve been an independent Apple consultant for 25+ years and I regularly encounter people that “forget” their login password. This used to not be a big deal. There were workarounds. But those went away in recent years, as Apple has tightened up Mac security.
This makes it important to have an alternative admin login on every Mac. Especially in light of a Mac OS bug that rears its head sometimes, where even typing in the correct password is not acknowledged as correct and you get locked out of user account.
There are only two workarounds:
Boot into Restore mode and use terminal ‘resetpassword’ command (a pain for those not familiar)
Boot into alternate admin account and reset the user account password in question (you can reset it to the same thing that it was before, this action unlocks the account in question).
But with macOS Tahoe, if you have ‘Remote Access’ enabled in your Sharing settings (this enables SSH access), you can now log in via SSH pre user login, then enter an Administrator’s account password to ‘unlock’ the machine and complete the full boot.
And at that point, you can either log in via normal SSH, or use tools like Screen Sharing.
One quirk: if my Mac was only connected to WiFi, I couldn’t get connected pre-login. If I plugged it into Ethernet (wired networking), it worked fine. Not sure if that’s a bug or if that’s by design (maybe the WiFi password, which is stored in the account’s Keychain, isn’t accessible during early boot stages when the ‘lightweight SSH’ server is running?).
Can you explain how this happens? They can’t use the Mac without it, so it’s hard to see how they could forget without some effort, such as changing it multiple times in quick succession and then not needing it for the maximum 6.5 days before being asked again.
Though if you’re using auto-login, I believe macOS prevents you from using FileVault, so forgetting a password on a Mac that does auto-login couldn’t cause additional data recovery problems due to FileVault boot protection.
I can say that this has happened to me. I created a new user account on a Mac, basically a temporary account to try something out, and forgot to write down the password, and couldn’t remember or guess the password the next time I wanted to use the computer with that account. Of course this was fine with me - I could just roll my eyes at myself, log in to my normal account, delete the account, and create a new one again.
So I could see the scenario: a user gets a new computer, sets up the first account, uses the computer for a while, and then can’t remember the password the next time they are prompted for it - because it is possible to use a computer, as you say, for up to about a week before being prompted for the passcode again. I see this a lot, usually about phones or iPads, on Reddit - though I sometimes suspect it is someone who has “found” a device and is trying to find a workaround for knowing the passphrase, I truly believe that there are people who set up these devices and almost immediately forget their passcode. Actually, it seems to happen a lot with Apple Account / Apple ID passwords.
Fair enough, though in such a scenario, there’s little opportunity to create enough data that being unable to use DriveSavers-level repair would be problematic.
Which was why I specifically said in the article: “for someone experiencing cognitive decline.” It’s very sad, and I’m sure it happens all the time.
I’ve been an independent Apple consultant for 25+ years and I regularly encounter people that “forget” their login password.
Ditto, but I would say it happens astonishingly often.
They set-up their new computer and then are aghast a year later when they need to put in their login password because: auto-login was set; they never updated the OS; they never installed new software; they never wrote anything down.
Further, you have folks who get nervous when they’re asked for their AppleID, Apple Account, or Administrator login. (Gee! Might Apple want to make a clear visual and verbal distinction when requiring nervous-making things?) And then they mistype things long past the try-limit and . . . meltdown.
Don’t even talk to me about banks & credit card sites with quiz questions, 2FA, etc. which seem to cause near collapse when passwords are forgotten and money is on the line.
This is why, to the great amusement of my more discerning clients, that I forced them to purchase a notebook and note down every password they have—every time they changed it (put a lot of blank spaces between entries). On paper. In ink. And kept in a secret drawer that only their wives and husbands and trusted second-in-commands know about.
For fancy persons using password managers, I forced them to print out the database every 6 months or so. (Apple’s Passwords now makes this very easy where you can export a CSV.)
Why? Because when you’re distracted and/or beside yourself with worry about making the mortgage payment in time paper & ink is hugely comforting.
We had an office of about 50 Macs. Everyone had access to the same things and everything was on the servers so machine security wasn’t really an issue. Many of these machines would have been logged in for many months without restarting and if you asked a user for their password they would have no idea. They’d give their email password, their server login and pretty much anything other than the machine password. We caved and ended up giving all machines the same login and they’d need to call admins for any updates (that was a requirement anyway - no-one could install anything without the admin’s approval). I should point out everyone had different server and email loigins which were deactivated when someone left.
It wasn’t highly secure but worked for us. The point is machines can go for lengthy periods without requiring a password. Our record for a machine being on was over 5 years - an old Filemaker Server which just ran until we changed systems.
All these stories about how people forget their passwords makes me think we should recommend FileVault even more strongly, since then they won’t be able to use auto-login and forget their password.
