Mac

What Is FileVault on macOS and How Do I Use It?

Kris Wouk Updated 16-12-2019

Most people are aware that privacy is a big concern when it comes to digital information. How can you be sure that the data on your computer is kept safe from prying eyes?

Advertisement

Using strong passwords can help keep your information safe, but that’s only a small part of what you can do to protect your privacy. Encryption play a big part in safeguarding your information, especially if your laptop gets stolen. That’s why FileVault disk encryption on your Mac is a lifesaver.

What Is FileVault? A Brief History

Apple’s FileVault is a type of disk encryption. What this means is that it hides your information from prying eyes by essentially scrambling it. If somebody were to look at an encrypted text file, for example, it would look like complete gibberish. The only way to unscramble it is by using a key that only you (or in this case, macOS) know.

If someone steals your laptop, they might have the hardware, but they can’t get to the information. This applies even if they take out the disk and try to read it with another computer. Without encryption, doing so would allow anyone to easily see what’s on your storage drive.

The original version of FileVault wasn’t as useful as it could be. It encrypted your home folder, which is likely where all your personal data is, but left the rest of your system untouched. If a program stored private information somewhere else on your system, it wasn’t protected.

A fully encrypted disk

Advertisement

Starting in Mac OS X Lion, Apple introduced FileVault 2. This encrypts your entire SSD or hard drive instead of just your home folder. As another benefit, FileVault 2 also uses overall stronger encryption than the original version, helping to keep your data even safer.

Going forward, you may encounter some terms you’re not familiar with. While we’ll try to keep it simple, encryption is a complex topic, so there may be cases where you came across more technical terms. We have a list of basic encryption terms 10 Basic Encryption Terms Everyone Should Know and Understand Everyone's talking about encryption, but if you find yourself lost or confused, here are some key encryption terms to know that'll bring you up to speed. Read More that should help you out in that case.

Should You Use FileVault?

If you’re wondering whether you should use FileVault, the default answer is yes, you should. There aren’t many occasions where it’s a bad idea to use FileVault. That said, FileVault encryption is more useful in some cases than others.

If you have an old Mac mini sitting in your house that you use to store your iTunes music catalog for playing over Airplay, FileVault isn’t strictly necessary. On the other hand, on the MacBook that you carry with you for business, FileVault disk encryption is essential. If you travel with your Mac laptop frequently, take a look at our list of tips for keeping your Mac safe on the road 8 Ways to Make Traveling With Your Mac Secure and Simple Traveling with your MacBook? Here are some essential tips to secure your machine and make bringing it along easier than ever. Read More .

Advertisement

You should know that FileVault encryption doesn’t come without a cost. On any device, encryption will have some sort of performance penalty.

In most cases, encryption only adds marginal performance overhead, but if your computer is already struggling, this may slow it down even more. If you’re using a RAID setup or run Boot Camp, you may not be able to use FileVault at all.

Password protection is part of the encryption process

Once FileVault has encrypted your disk, you must log into your computer with your account password to unlock your files. As a consequence, you cannot use automatic login on your Mac when FileVault is enabled.

Advertisement

You may already have FileVault encryption enabled on your computer, especially if you bought your Mac recently. In the next section, we’ll look at how you can check.

Is FileVault Already Enabled on Your Mac?

Checking whether you have FileVault enabled on your Mac is simple. Open System Preferences, then navigate to the Security & Privacy settings. Here, select the FileVault tab at the top of the screen.

You’ll see a brief overview of what FileVault does, as well as a grayed-out button to turn it on or off. At the bottom of this screen, you may see a message saying FileVault is turned on for the disk “Macintosh HD” or something similar. If you do see this message, FileVault is already enabled on your computer.

Message displaying that FileVault is enabled

Advertisement

If the message instead begins with FileVault is turned off, you’ll need to enable it manually.

How to Enable FileVault on Your Mac

Enabling FileVault is simple. If you’re not already there, launch System Preferences, then click on Security & Privacy. Here, click on the FileVault tab.

On this page, you’ll notice the button labeled Turn On FileVault is disabled. All you need to do is click the lock icon at the bottom of the screen, then enter your administrator password. Now click the button to enable FileVault encryption.

Enabling FileVault encryption

If you have multiple users on your computer, you’ll need to enter the password for each user. Now you need to choose how to unlock your disk and reset your password if you ever forget it. You have two options: use iCloud to unlock your disk, or create a FileVault recovery key.

Using iCloud is easier, but slightly less secure. If someone can compromise your iCloud account, they can decrypt your computer’s drive. Using a FileVault recovery key is typically more secure, but if you ever lose this key and forget your password, there is no way to recover it.

Choosing iCloud or FileVault recovery key

If you opt to use a FileVault recovery key, keep it safe. This means you should store it somewhere other than your now-encrypted Mac system drive, such as a password manager or a safe. No matter which method you choose, encryption will take a while, but it happens in the background so you can keep using your computer.

How to Disable FileVault

Disabling FileVault disk encryption, should you ever want to, is easy. The process starts the same way that enabling FileVault does. Open System Preferences, then go to Security & Privacy and click the FileVault tab. Click the lock at the bottom of the screen and enter your password.

Turning off FileVault

Now, click the button labeled Turn Off FileVault. The decryption process will start. As with encryption, this takes place in the background, so feel free to continue using your computer.

FileVault Is Just the Beginning of Encryption

Using strong passwords and encrypting your Mac with FileVault encryption will go a long way toward keeping your information safe. However, you can do much more. Each additional method you add is another lock on the door between your data and someone looking to get their hands on it.

This could mean switching to a more secure email provider or using two-factor authentication, but it often means even more encryption. If enabling FileVault on your Mac has you wondering where else you might be able to use encryption, you’ve got options. For a place to start, take a look at our guide to using encryption in your daily life 5 Ways to Encrypt Your Daily Life With Very Little Effort Digital encryption is now an integral part of modern life, protecting your personal information and keeping you safe online. Read More .

Related topics: Computer Security, Encryption, Mac Tips.

Affiliate Disclosure: By buying the products we recommend, you help keep the site alive. Read more.

Whatsapp Pinterest

Leave a Reply

Your email address will not be published. Required fields are marked *

  1. Azrn
    December 30, 2014 at 4:42 pm

    hi, i try to unlock the changes. after i fill the password it lock back. how to turn unlock it n turn on file vault? did i need to create the file vault 2?

  2. K. C.
    May 30, 2014 at 12:06 am

    This is all very nice, but I don't trust any of the native encryption methods. I'm sure they have a backdoor in place for NSA and other 3 letter agencies.
    Without access to the source code we'll never know. That's why closed source is untrustworthy wrt security.
    AFAIK the backdoor is a requirement for U.S. companies and Apple is a U.S. company.
    So much for encrypting your data with OS means.