FileVault - Yes or No

[Leon1das]

And here is the video. Kept it at low res - but you can see no password required with FV off...

If I was able to "tweak" something without intent - I can bet that someone could misuse this with the actual intent.
Therefore I will keep my FV on until I get support confirmation from Apple.

 

[Apple_Robert]

And here is the video. Kept it at low res - but you can see no password required with FV off...

View attachment 1726788

Thanks for making the video. That is very, very strange. I wonder if anyone else with an M1 is able to bypass a password requirement like that.

Does your Disk Utility look the same as mine?

*Disregard photo. I forgot it was taken after I rebooted and turned FV back on.

 

[Leon1das]

I am running 11.2 with a clean install and no migration.

Maybe I will just reinstall with 11.2 and see where it takes me..

But in the meanwhile would be great if anyone else who is on 11.1 could confirm if they have the same experience like me.

 

[Leon1das]

Thanks for making the video. That is very, very strange. I wonder if anyone else with an M1 is able to bypass a password requirement like that.

Does your Disk Utility look the same as mine?

Actually NO... On my drives - there is a missing word Encrypted which you have in your screenshots.
So format is APFS, and not APFS Encrypted like in your screenshots.

Which makes me wonder - if your FV is OFF how come you do have encryption?

 

[Apple_Robert]

Actually NO... On my drives - there is a missing word Encrypted which you have in your screenshots.
So format is APFS, and not APFS Encrypted like in your screenshots.

Which makes me wonder - if your FV is OFF how come you do have encryption?

Disregard that second photo. I forgot that was taken after I rebooted and turned FV back on. I will take anther shot. This is with FV off.

 

[Leon1das]

Disregard that second photo. I forgot that was taken after rebooted and turned FV back on. I will take anther shot. This is with FV off.

I confirm - its the same

 

[Apple_Robert]

I confirm - its the same

View attachment 1726798

Not a very good video one-handed but, it gets the job done.

 

[Quackers]

Even with FV off, it still says a password is required to access data. Granted, that is primarily referring to the regular boot process but, it also applies to entering Recovery mode, as far as I am aware. Does your screen show the same? After holding down the power button until you get the loading options cog wheel and clicking continue, you should see picture 2 in Recovery Console. Those two pictures were taken just now.

I get the second picture in your attachments. I can't get any further without clicking on the username and entering a password. (Interestingly I never got that screen on my returned M1 MBP, which was on 11.1).
This is on my new M1 MBA which was immediately upgraded from 11.1 to 11.2 and has never had FV turned on.

 

[Leon1das]

Thanks for the video - its clear...
I will raise the ticket with Apple tomorrow - and see where it takes me..
Since i didnt fiddle with any system settings - I see this as a potential security hole.
Meanwhile if anyone sees similar behaviour - please report here.

 

[Quackers]

I'll tell you one other thing that's different with 11.2
My Data volume is just called Data, not Macintosh HD - Data, even though the system volume is called Macintosh HD as normal.

 

[Apple_Robert]

I get the second picture in your attachments. I can't get any further without clicking on the username and entering a password. (Interestingly I never got that screen on my returned M1 MBP, which was on 11.1).
This is on my new M1 MBA which was immediately upgraded from 11.1 to 11.2 and has never had FV turned on.

Interesting. I wonder if Apple patched a problem with 11.1? I haven't looked at the release notes for 11.2, yet.

 

[Quackers]

Interesting. I wonder if Apple patched a problem with 11.1? I haven't looked at the release notes for 11.2, yet.

Just edited post 60 to add screenshot.
I wonder too They could have fixed the password bypass error.

 

[Apple_Robert]

I'll tell you one other thing that's different with 11.2
My Data volume is just called Data, not Macintosh HD - Data, even though the system volume is called Macintosh HD as normal.

You can rename that if you want. It really doesn't make a difference all though, if what you are seeing is straight from factory, that is interesting. I did a clean install this morning testing things and the pic I posted looks the same as when I opened it out of the box.

 

[Quackers]

You can rename that if you want. It really doesn't make a difference all though, if what you are seeing is straight from factory, that is interesting. I did a clean install this morning testing things and the pic I posted looks the same as when I opened it out of the box.

Sadly I can't confirm whether the data partiiton was called Macintosh HD - Data before I upgraded to 11.2 as I never looked. I literally set it up as it came and then upgraded. Didn't even sign in to Apple ID until later.
The name is immaterial to me, I'll just leave it how it is.

 

[gnasher729]

I agree with the prior posts talking about the slow old days. The lag was noticeable and it would take days to encrypt a large drive. Glad those days are over.

But then you could use the drive immediately.

 

[Mike Boreham]

But in the meanwhile would be great if anyone else who is on 11.1 could confirm if they have the same experience like me.

Many people who are not interested in FileVault may not bother reading this thread. In your shoes I would start a new thread asking all M1 owners to say if they can fully launch Recovery without being asked a password, and if they have FV enabled.

 

[Mike Boreham]

I am confused!

This recent article which includes M1 Macs says you can reset the password simply by booting to Recovery. This is what Leon1das appears to be experiencing

The More detailed article about Recovery mode, linked in the first article, clearly says "Select a user with administrator privileges and enter the account password when asked". This is what other M1 owners in the thread experience.

Maybe the conclusion is that CNET are not to be trusted.

 

[Apple_Robert]

But then you could use the drive immediately.

That is true. It was ok once it finally got done encrypting or decrypting. I just several days to get done, which irritated me (as to the latter) because I needed to do something sooner with the drive.

 

[Mike Boreham]

I am confused!

This recent article which includes M1 Macs says you can reset the password simply by booting to Recovery. This is what Leon1das appears to be experiencing

The More detailed article about Recovery mode, linked in the first article, clearly says "Select a user with administrator privileges and enter the account password when asked". This is what other M1 owners in the thread experience.

Maybe the conclusion is that CNET are not to be trusted.

I am further confused by discovering that I can boot my Intel iMac to Recovery without a password, and open Disk Utility and Terminal.

So if Intel MacBooks are like this they apparently all have what I called a "crass blunder by Apple".

Clearly I don't understand something about this whole issue.

 

[svanstrom]

I am further confused by discovering that I can boot my Intel iMac to Recovery without a password, and open Disk Utility and Terminal.

So if Intel MacBooks are like this they apparently all have what I called a "crass blunder by Apple".

Clearly I don't understand something about this whole issue.

Set a firmware password on your Mac - Apple Support

When you set a firmware password, users who don't have the password can't start up from any disk other than the designated startup disk.

support.apple.com

 

[Mike Boreham]

Set a firmware password on your Mac - Apple Support

When you set a firmware password, users who don't have the password can't start up from any disk other than the designated startup disk.

support.apple.com

Thanks. Yes I understand that setting a Firmware Password or setting Filevault makes booting to Recovery secure.

What I am surprised about is that the majority of Macs out there will not have a Firmware password set, and most not use Filevault....so all are insecure in that anyone stealing the Mac can launch Recovery, reset the password and access data through Terminal. This is news to me.

M1 Macs apparently are more secure (except Leon1das's) because Recovery is secure without setting a Firmware password or turning on Filevault.

Is this your understanding?

 

[Leon1das]

OK I solved it with Apple support.

For M1 Macs: If FileVault is OFF + Find my Mac is OFF = booting to Recovery does not require password and will leave your data fully unprotected..

Make sure that either one of these is ON.

Thanks for everyone's help - esp Apple_Robert

 

[Apple_Robert]

OK I solved it with Apple support.

If FileVault is OFF + Find my Mac is OFF = booting to Recovery does not require password and will leave your data fully unprotected..

Make sure that either one of these is ON.

Thanks for the follow up. I didn't think to ask whether or not you had "Find My" turned on. Glad that mystery is cleared up.

 

[Mike Boreham]

OK I solved it with Apple support.

If FileVault is OFF + Find my Mac is OFF = booting to Recovery does not require password and will leave your data fully unprotected..

Make sure that either one of these is ON.

Glad you have solved it!

Your post also explains why my Intel iMac boots to Recovery with no password....Find my Mac was OFF. !

I don't know why it was off, I always have Find my Mac ON , but have noticed it is sometimes turned off after system updates. I usually check this but obviously not this time. Maybe that is the reason your FMM was off.

Useful discussion....I have learned things!

 

[Mike Boreham]

Glad you have solved it!

Your post also explains why my Intel iMac boots to Recovery with no password....Find my Mac was OFF. !

I don't know why it was off, I always have Find my Mac ON , but have noticed it is sometimes turned off after system updates. I usually check this but obviously not this time. Maybe that is the reason your FMM was off.

Useful discussion....I have learned things!

Hmmm.....even with Find My Mac on, (and Filevault off) my Intel iMac still boots to Recovery without a password. Tried twice FMM is definitely on.

@Leon1das was the advice from Apple Support to have either FV or FMM on, specific to M1 Macs, or all Macs? From my experience seems specific to M1 Macs.