- Joined
- Nov 10, 2006
- Messages
- 324
- Reaction score
- 6
- Points
- 18
- Location
- Leeds, England
- Your Mac's Specs
- 17" Core Duo Macbook Pro
It's always bothered me if either of my iMacs got stolen. Not so much the computers themselves as they're insured but the content on them as they contain source code and content for hundreds of clients' sites. I had always assumed that if you stole a Mac and could log in you could remove the hard drive, mount it and get access to most of the data.
I was delighted to read about FileVault 2 this morning though, I'd never heard of it before. I've got two iMacs that I upgraded to Yosemite and have just enabled FileVault. It is encrypting as we speak…
I still have a few questions/concerns though:
1. Am I right in saying that FileVault and KeyChain decrypt on login and encrypt on logout or shutdown. If this is that case and your Mac is on screen saver or asleep and a thief comes in, pulls the power cord and mounts the drive later on, won't the contents and all your keychains set to “Always allow” be accessible? Or does it rely on something in RAM that is wiped when the power goes?
2. So long as you don't leave your machine unattended when logged in is setting a separate password for any given keychain pointless? I tried it for a time and found it annoying.
Logging out every night or when I leave the machine unattended is no big deal and I always shut down when I go away for more than a day. I just want to know if in this instance using FileVault and KeyChain in this way are secure enough so that any thief would not be able to access any of my clients' data and my emails, etc. I also encrypt both my Time Machine drives.
I realise I'm being hyper-safe here. The average thief in my area would not likely have much computer expertise. They almost certainly won't be a cryptographer else they'd be earning better money elsewhere.
Thanks a lot.
P.S. If FileVault encrypt/decrypts everything every time you login and does it not completely kill performance?
I was delighted to read about FileVault 2 this morning though, I'd never heard of it before. I've got two iMacs that I upgraded to Yosemite and have just enabled FileVault. It is encrypting as we speak…
I still have a few questions/concerns though:
1. Am I right in saying that FileVault and KeyChain decrypt on login and encrypt on logout or shutdown. If this is that case and your Mac is on screen saver or asleep and a thief comes in, pulls the power cord and mounts the drive later on, won't the contents and all your keychains set to “Always allow” be accessible? Or does it rely on something in RAM that is wiped when the power goes?
2. So long as you don't leave your machine unattended when logged in is setting a separate password for any given keychain pointless? I tried it for a time and found it annoying.
Logging out every night or when I leave the machine unattended is no big deal and I always shut down when I go away for more than a day. I just want to know if in this instance using FileVault and KeyChain in this way are secure enough so that any thief would not be able to access any of my clients' data and my emails, etc. I also encrypt both my Time Machine drives.
I realise I'm being hyper-safe here. The average thief in my area would not likely have much computer expertise. They almost certainly won't be a cryptographer else they'd be earning better money elsewhere.
Thanks a lot.
P.S. If FileVault encrypt/decrypts everything every time you login and does it not completely kill performance?