10.4: A FileVault/wake from sleep password issue

Jul 10, '06 07:30:03AM

Contributed by: martyl

Beware sleeping your Mac from a FileVault account! I have a FileVault-enabled non-admin on my PowerBook G4, and I have it set to require a password to wake the computer from sleep or screensaver.

If I close or sleep my PB under this account (or choose Lock Screen from the Keychain menu), then wake it, the system asks for password authentication. However, if I then type the name and password of an admin account (instead of the FileVault account), voila! I get full access to the encrypted account and all FileVault contents.

The screensaver authentication is apparently significantly different (and less secure) than the loginwindow authentication.

[robg adds: I haven't tested this one, so if someone who uses FileVault could confirm it, please post your results in the comments.]

Comments (13)


Mac OS X Hints
http://hints.macworld.com/article.php?story=20060705184726593