​FileVault Data Encryption For MacOS

FileVault is macOS’s built-in disk encryption feature. It's designed to encrypt your Mac's hard drive and all of the files located on the drive using 128-bit AES encryption with a 256-bit key.

Once FileVault is enabled on your Mac, all existing data will be encrypted. From then on, any new and changed data will be automatically locked down and password protected on boot to prevent unauthorized access.

Before you turn on FileVault, be aware that the initial encryption process can take hours. However, it does run in the background so you can continue using your Mac as normal, albeit not at peak levels of performance.

Also, FileVault encrypts the entire disk. Any additional users will need to be enabled so that they can unlock the disk by entering their password.

How to turn on FileVault disk encryption

1. Click on the Apple menu and select System Preferences.

2. Select Privacy & Security.

3. Click on the FileVault tab, then click the lock in the bottom left corner of the window.

4. Enter your administrator name and password and click Unlock.

5. Click Turn On FileVault.

6. Choose whether you want to link your iCloud account to FileVault to unlock the disk and reset your password or create a recovery key and click Continue.

7. Click Restart to reboot your Mac and begin the encryption process.

Choosing a FileVault Recovery Key

The FileVault recovery key deserves special mention here. If you choose this option over linking your iCloud account, it’s critical that you make a note of the recovery key and keep it in a safe place that’s not on your hard drive. Losing the recovery key makes your data unrecoverable so it’s worth writing it down and storing it in a safe place, as well as entering it into a password manager.

How do I turn off FileVault?

Once your disk has been encrypted you can turn off FileVault at any time. You might decide to do this if you find that the feature is too resource-heavy or this particular level of security isn’t for you.

1. Click on the Apple menu and select System Preferences.
2. Select Privacy & Security.
3. Click on the FileVault tab, then click the lock in the bottom left corner of the window.
4. Enter your administrator name and password.
5. Click Turn Off FileVault.