How secure is FileVault?


I'm pretty new to the world of Mac, having used mostly Windows PCs for more years than I like to admit. I've never used FileVault before, but I just turned on FileVault on my work issued MacBook. Is this really a secure encryption method, or is it just a weak "consumer use" security blanket?

Tags: FileVault, mac
Topic: Security
Answer this Question


2 total
Vote Up (10)

Here's a good background article.


"FileVault 1 was introduced with Mac OS X Panther. Encryption may apply to a user's home directory, but not the startup volume. The operating system uses an encrypted sparse disk image – a large single file – to present a volume for the home directory.
Mac OS X Leopard and Mac OS X Snow Leopard use more modern sparse bundle disk images[1] – 8 MB bands (files) within a bundle.

OS X Lion and greater offer FileVault 2,[2] which encrypts the OS X startup volume in its entirety and typically includes the home directory – without using a disk image. For this approach to disk encryption, authorised users’ information is loaded from a separate non encrypted boot volume[3] (partition/slice type Apple_Boot).

Systems with FileVault 2 may describe FileVault 1 as legacy FileVault."

Vote Up (7)

FireVault II is as secure as your password for the most part. It uses 128-bit AES encryption. If someone got hold of your Mac and didn't have your FireVault password, they might be able to boot it from an external drive, but that would only let them reach the non-encrypted portions of your system (which at least in the original FireVault was all the stuff that is not in your home folder.

Ask a question

Join Now or Sign In to ask a question.
A type of body scanner in wide use across U.S. airports through last year fails to spot well-concealed weapons including guns and knives, computer security researchers contend.
A modified version of Android uses a system of modularized plugins to help make sure the latest security tools make it into the hands of end users as quickly as possible.
The UPS Store said Wednesday that malicious software was found on the systems of 51 of its franchises in 24 U.S. states, although no fraud has been detected yet.
Start-up SentinelOne is offering security software for behavior-based malware detection intended to augment, not replace, the type of full anti-virus endpoint protection suites that typically also have signature-based defense, a firewall and other features.
A type of malware called Reveton, which falsely warns users they've broken the law and demands payment of a fine, has been upgraded with powerful password stealing functions, according to Avast.
An analysis by security researchers of 48,000 extensions for Google's Chrome browser uncovered many that are used for fraud and data theft, actions that are mostly undetectable to regular users.
University and vendor researchers are congregating in San Diego this week at USENIX Security '14 to share the latest findings in security and privacy, and here are 5 that jumped out to me as being particularly interesting.
Nearly all of Facebook's outbound notification emails are now encrypted while traveling the Internet, a collaborative feat that comes from the technology industry's push to thwart the NSA's spying programs.
Many former employees retain alarming levels of access to critical business applications after they've stopped working for a company, a survey for cloud services firm Intermedia has claimed.
Symantec will consolidate its cluttered Norton line of security software, folding nine products into one online service that can be used across desktop computers and mobile devices.
Join us: