Relative sent their FileVault recovery key in an open email. Now what?

[Sippincider]

Helping a relative figure out why their Mac is creating a new FileVault key with each macOS update.

Well... they sent the full key in an open email. 🤦‍♂️🤦‍♂️🤦‍♂️

How big of a security risk is this now? Could an attacker gain access to their system with the recovery key? Risk of a physical attack is low, more concerned about being low-fruit for a remote attack.

(Mac is an Mx system, so if it's better just to generate a new key please advise how. Want to avoid having to walk them through toggling FileVault off/on and any pitfalls doing that.)

 

[NoBoMac]

Nothing to worry about the mailed recovery key as need physical access to use it.

(Mac is an Mx system, so if it's better just to generate a new key please advise how. Want to avoid having to walk them through toggling FileVault off/on and any pitfalls doing that.)

Well..... will need to toggle off and on FileVault to generate a new key.

No real pitfalls as files on M Macs are always encrypted and turning FileVault on only encrypts the master encryption key. Happens "instantly".

 

[Sippincider]

Nothing to worry about the mailed recovery key as need physical access to use it.

No real pitfalls as files on M Macs are always encrypted and turning FileVault on only encrypts the master encryption key. Happens "instantly".

Good news on both of these, thank you.

Also good news that the key changes "instantly" on these machines. Didn't want to start a multi-hour process of the entire drive decrypting/encrypting itself and having an error (or someone getting impatient and doing a hard reboot... ).