|
|
10.4: A FileVault/wake from sleep password issue
no, you don't understand how file vault works.
10.4: A FileVault/wake from sleep password issue
yes but how does it decrypt it? I would bet it does not use the users passwrod to encrypt it since then you could not (easily) change a users password. I bet it uses the keychain. in whihc case everything I said is correct. that is the act of loggin in foirced by root would decrypt it.
You're correct, except not
You're correct in that the FileVault image is not encrypted with the user's password. It's encrypted with a private key that is stored in the keychain. The keychain, however, is encrypted with the user's password. [very slightly simplified]
That's why changing the account password through any method other than the Accounts prefpane results in numerous dialogs asking for the "password for the keychain 'login.'" A user cannot unlock a keychain unless the password is known, even if blessed with Admin powers. That's also why the Master Password is so important for FileVault - without that, any time the account password is forgotten all data becomes totally inaccessible. Keychain and FileVault are actually very secure if strong passwords are used.
You're correct, except not
I don't think you are correct. When I change my password on my computer or sometimes after I do a system software update, when I run a program than wants keychain access it pops up and says my keycahin password has changed do you want to update the key chain. I don't need to enter my password to do that (after what would I enter, my old one or my new one?). I just click okay. instant keychain access. |
SearchFrom our Sponsor...Latest Mountain Lion HintsWhat's New:HintsNo new hintsComments last 2 daysLinks last 2 weeksNo recent new linksWhat's New in the Forums?
Hints by TopicNews from Macworld
From Our Sponsors |
|
Copyright © 2014 IDG Consumer & SMB (Privacy Policy) Contact Us All trademarks and copyrights on this page are owned by their respective owners. |
Visit other IDG sites: |
|
|
|
Created this page in 0.06 seconds |
|