macOS FileVault Encryption

Macs running macOS 10.14 Mojave or greater are eligible for this service.

Computer encryption for Macs is provided by FileVault2.  Sophos Central is installed and stores a copy of the FileVault recovery key on a secure central server.

Index:

Changes to your computer with FileVault Encryption

Once your computer has been encrypted with FileVault, you may notice some minor changes to the way things look on your computer.


Not all user logins are available (Authorized User Account)

If you attempt to login but cannot find your user account when accessing a computer, it may be that your account isn't an authorized user. You can authorize additional users to power on the Mac. This requires an administrator account and the user to be added must enter their password.

To allow additional users to power on the Mac:

  1. Go to System Preferences > Security & Privacy > FileVault tab
  2. Click the lock in the bottom left corner and enter an administrator's username and password
  3. Click on the Enable Users... button
  4. Select a user to add from the list and click the Enable User... button next to the user name
  5. The selected user must then enter their password
  6. The user is now able to log in after powering on the computer
"Enable Users..." in FileVault options in system preferences

Add additional users to boot your mac via system preferences: Click the apple icon on the top left ->

If you are unable to add authorized users please submit a ticket to help@ucsc.edu mentioning encryption and "Add FileVault Authorized Users".

Recovery Process

If you forget your macOS logon password, use the following steps to get your recovery key -

  1. After entering your password incorrectly 3 times, you will be offered the option to enter your recovery key.
    • On Intel based Macs, you'll be able to enter your recovery key at the Login screen
    • On Apple Silicon based Macs, you will reboot into a recovery mode where you will be enter the recovery key
  2. Contact your local support technician or email help@ucsc.edu to receive a recovery key
  3. Enter the recovery key
  4. The Mac starts and you are asked to enter a new password and a password hint.

 

To get the prompt for your recovery key. Click the question mark within the text bar. If it is not visible, try incorrectly entering your password. 

How to confirm Sophos Central is installed

You will see the Sophos shield icon in the menu bar

sophoswin.png