macOS-Security-and-Privacy-Guide icon indicating copy to clipboard operation
macOS-Security-and-Privacy-Guide copied to clipboard

Published 20 hours ago verified publisher icon drduh

Question: Why remove the admin account from FileVault?

Open halo opened this issue 2 years ago • 2 comments

I have difficulties wrapping my head around this recommendation:

The admin account can also be removed from FileVault.

What is the benefit of not being able to unlock the disk using the administrator account? I thought the admin account is supposed to be more difficult to be compromised than the normal user account. So why would only the user account get the FileVault key?

I think I understand the technical details, but don't understand the threat scenario. I would appreciate any clarification.

Thank you for your time 🙂

halo avatar Apr 17 '22 20:04 halo

I can't think of any particularly strong reason to do this, other than as a general separation of privilege, but even then the risk is difficult to comprehend. Feel free to remove or change that directive.

drduh avatar Aug 21 '22 18:08 drduh

Also from https://support.apple.com/HT203998

If FileVault is enabled, a hidden user may continue to appear in the initial login window after the computer is turned on or restarted.

which leads the whole thing ad absurdum

beerisgood avatar Aug 21 '22 20:08 beerisgood

Thanks for the fix!

drduh avatar Dec 26 '22 18:12 drduh