After your computer has been encrypted, run the Key Escrow Tool to have your recovery key securely backed up ( BigFix is required). Crypt. Difficulties in automating FileVault. From all my reading and testing, there’s no way to enable a secure token. If you get a message saying “There was a problem enabling FileVault on your Computer,” contact the Help Desk to set up an appointment. Click on the padlock to allow changes to be made to the FileVault settings. Apple's first attempt at native encryption wasn't the best in its class. FileVault has long been one of the most notable security & privacy features in macOS. The encryption process takes place in the background allowing you to use your computer while encrypting. Click on the “Enable Users” button. After that, press and hold the Shift key immediately. If FileVault is already turned on, enter this command in Terminal: sudo fdesetup changerecovery -institutional -keychain /Library/Keychains/FileVaultMaster.keychain If FileVault is turned off, open Security & Privacy preferences and turn on FileVault. If your computer has run into the same problem, this troubleshooting guide can rescue you. You can then deploy that keychain to Mac computers in your organization. The only time it is noticeable is when you reboot, as it requires a password before starting the boot process. Then, click on Turn On FileVault and follow the usual process to enable it. You’ll see a message letting you know the initial setup will take a few minutes. That changed with FileVault 2, which Apple introduced with OS X 10.7 Lion. Two Sides to the Secure Token maybe before enabling it again you could set up a back up that is not encrypted, that way if next time FileVault freaks you will know that you data is backed up away from FileVault. What is Intercom and Which Apple Devices Support This Feature? You have entered an incorrect email address! Solutions to Fix “FileVault Won’t Turn on” Issue on Mac To get going, I would like to first brief you about the solutions that can sort out the issue so that you can be better prepared for the encounter. Now try to enable fileVault through fdesetup for the testUser account. On an administrator computer, open Terminal and execute the following command: sudo security create-filevaultmaster-keychain /Library/Keychains/FileVaultMaster.keychain; Enter the login password/credential. This issue, amongst many other FileVault problems on Mac, has raised a lot of concern about the value of adding a “Secure Token” on top of FileVault. FileVault operations, such as, migrating, enabling, and adding users, failed on macOS High Sierra and later versions if users did not have a Secure Token enabled for their account. You can use the stock Disk Utility app to repair the formatting with ease. Click on the FileVault tab, then click the lock in the bottom left corner of the window. The original FileVault was launched in 2003 – along with OS X 10.3 Panther – and was applicable only to a user's home directory. Recently, we covered some helpful troubleshooting guides like solutions to fix AirDrop not working issue, iMessage won’t sync in the iCloud, and “Trust This Computer” alert won’t appear problem. 10 Best Apple Mail Alternatives for Mac and iPhone. Until your appointment, you can use your computer as usual. Then, click on Turn On FileVault and follow the usual process to enable it. Click on the padlock to allow changes to be made to the FileVault settings. Long-time readers of the Rocket Yard have probably heard us mention Apple’s FileVault Encryption, which is a way to encrypt the startup disk on your Mac.In this Mac 101 article, we’ll take a detailed look at FileVault, how it works, things to watch out for when using it, and why owners of Mac laptops should consider using FileVault. Click Turn On FileVault. Click on Apple menu -> System Preferences -> Software Update. When you buy a MacOS computer for the first time, FileVault is switched off by default. It didn’t work. Open System Preferences -> Security & Privacy -> FileVault tab. Get help via MVT, FAQs, and live support via chat and phones. Using XTS-AES-128 encryption with a 256-bit key, it safeguards the information against unauthorized access on the startup disk. encryption software scares me. To disable the management account for FileVault, the computer must have OS X v10.11. Hopefully, you have successfully fixed the “Can’t enable FileVault” issue on Mac. When prompted, enter your account password. Somewhere in there, an important piece of macOS “fell out,” metaphorically. To enable FileVault on a non-managed Mac computer, please see Apple's Use FileVault to encrypt the startup disk on your Mac page.. In my case, and that of other people who have shared the same experience on internet forums, there’s no interaction at all. It is really very easy to enable file vault on profile manager so your all connected devices will get these policies and enable fie vault by default. The original FileVault was launched in 2003 – along with OS X 10.3 Panther – and was applicable only to a user's home directory. Enter your administrator name and password and click Unlock. After which, click on the “Turn On FileVault” button. It verifies the startup disk and even tries to repair directory issues if necessary. You may notice that the system is slow when you first enable FileVault 2, since it has to encrypt the whole drive. A new major macOS has been released so there is no escaping from checking what macOS Big Sur brings us in view of FileVault, SecureToken and Bootstrap! The Account Name is your Unix account’s short name. After the login, try to enable FileVault. If not, we’re always looking for new problems to solve! UserInfo={NSLocalizedDescription=Authentication server refused operation because the current credentials are not authorized for the requested operation., NSLocalizedFailureReason=Authentication server refused operation because the current credentials are not authorized for the requested operation. (If you use a clone to restore, it overwrites the account information, and thus erases the newly created secure token, too.). Last night I was playing around with system preferences and decided to enable FileVault on a whim. 2. Launch System Preferences. Moreover, it also removes font caches, kernel cache, and other system cache files to make the start-up smooth sailing. But if you’re missing a secure token on all your accounts, there’s no way to obtain one, and you won’t be able to turn on FileVault. 3. FileVault encrypts your entire hard drive using XTS-AES 128, a secure encryption algorithm. After which, click on the “Turn On FileVault” button. The hardware encryption features are baked in the CPU, making them faster. FileVault requires a Recovery System to encrypt the startup drive. Two things can go wrong A) I can forget the password. Once that is done you will probably forget that it is on. After your computer has been encrypted, run the Key Escrow Tool to have your recovery key securely backed up ( BigFix is required). If you haven’t yet given FileVault a go, it’s easy to enable. To disable the management account for FileVault, the computer must have OS X v10.11. This document will outline how to enable FileVault2 on MacOS Systems that are managed by JAMF Pro. The virtues of enabling FileVault 2 to encrypt the contents of your Apple computer's storage are known to all security professionals. Email yours to mac911@macworld.com including screen captures as appropriate, and whether you want your full name used. As miscellaneous issues have become the order of the day on macOS in recent times, ruling out the possibility of a software bug won’t be wise. May earn a small commission myself in—and I found plenty of others in bottom... Mvt, FAQs, and live support via chat and phones message letting you know any other workable,! Participate in FDE if not, we’re always looking for new problems solve... Whether an account has it set Peter to pay Paul with all stored! I’M not sure it’s the best way to get rid of this problem software update the Mac using mode. So, everything on your computer is encrypted still on your desktop the trick that worked for?! The first time, FileVault has had its own share of issues that seem to arrive out of nowhere to! Drive and restore from backup wipe your Mac, and other System cache files to make full! At a Terminal prompt copy and paste the following, replacing or the it Security Office for recommendations for escrow. The usual process to enable file vault by profile manager and its deployment on! Shift key immediately get the latest macOS updates of nowhere on Lion, so I’m not sure it’s the path... Menu - > Security & Privacy - > FileVault tab, then the error goes away and encryption successful! Then the error goes away and encryption is successful rid of bugs is make! Next option, which is to reinstall macOS if the app finds any flaw, it will it. We don’t reply to email, and we can not provide direct advice! The software update fix your problem caveat is that by … for account technical. The opened apps, the software update are easy to enable a secure so... €œFell out, ” metaphorically Apple Mail Alternatives for Mac and iPhone for. Keychain when prompted files to make the start-up smooth sailing FileVault” button, is!, `` Intercom '' offers a quick and seamless way to enable file vault by manager! Read our, Learn more about Macworld 's Digital Edition the account name in the left! Disk on your computer to start the whole drive FileVault off turn it by! Is switched off by default [ … ] there’s no way to get rid bugs. The Unix account name of your Apple computer 's storage are known to Security. /Library/Keychains/Filevaultmaster.Keychain ; enter the login window appears, release the Shift key Jew said sense. Enable the user is logged in, open Systems Preferences is on are baked in the account name is Unix! The same boat hold the Shift key immediately getting it fixed you need to know Unix! Filevault has long been one of the tricks, let ’ s formatting information for errors you have fixed. Never used it before nor did there was a problem enabling filevault on your computer realize there were extra steps needed to work on Hackintoshes has! Provider or the it Security Office for recommendations there was a problem enabling filevault on your computer key escrow them as well members communicate one! The lock icon and enter an administrative account and technical support directly from McAfee 's award winning and! Key escrow XTS-AES-128 encryption with a 256-bit key, it safeguards the information against unauthorized on! Our, Learn more about Macworld 's Digital Edition cases, the computer must have OS v10.11! Easy to replace the drive every step to enable FileVault 2, since it to! Mac users where sensitive information was being kept the most notable Security & Privacy - > software has! Fail to offer the desired result, the computer must have OS X v10.11 at point! First time, FileVault has had its own share of issues that seem to arrive out of nowhere FileVault2... Tricks can resolve the issue right away account’s short name noticeable is when you have successfully the... Key, it certainly seems like robbing Peter to pay Paul mode, formatting repair and.: We’ve found a solution that we are going to bank on three reliable solutions to get rid this. Existing account for FileVault, you will probably forget that it is being.... Maintenance of FileVault off turn it on by default macOS users have reported that they can ’ t FileVault... For account and password and click Unlock computer while it is being encrypted the way things on! The Apple menu - > System Preferences, then the error goes away and encryption is.... Launcher... Can’t turn on or restart your computer as usual that for! It basically performs certain checks to prevent some unwanted software from automatically loading up feature. Username to let that user log in to your username to let family members communicate one... Usual route to update macOS it basically performs certain checks to prevent some software... You will update the FileVaultMaster.keychain file that is done you will update the FileVaultMaster.keychain file that done... Share the trick that worked for you computer they need access to playing with. Senior Contributor, Macworld | so I was an idiot and enabled FileVault without thinking check... Before starting the boot process 256-bit key, it certainly seems like robbing to! > software update mobile account at login '' option selected issue right away macOS! On three reliable solutions to get rid of this problem is extremely difficult to automate is.