With the activation lock turned on, you won’t be able to erase the Mac and reinstall macOS from scratch. That chip offers the same “secure enclave” that makes Apple Pay, Touch ID, and other features available on Macs as it has been on generations of iPhones and iPads.
It can take a while to complete both decryption and encryption, but it’s worth it.Īpple is extending the activation lock protection that it added several releases ago to iPhones and iPads with macOS 10.15 Catalina to any Mac with a T2 security chip. Or, in the unlikely event you’re purchasing a computer from someone criminal who might try to get it back later, they could decrypt the drive without your permission or password.įollow Apple’s instructions to turn off FileVault and then turn FileVault back on. Without the recovery key you could be locked out. However, you should also reset FileVault encryption. The seller could and should provide that key to you. This can be provided directly to the person setting it up or stashed in an iCloud account as escrow. When you turn on the encryption, macOS generates a recovery key that allows you to decrypt a drive even if you don’t have an account password. Second, there’s a kind of security exploit available if someone else set up FileVault.
CHECKLIST IN MACDOWN PASSWORD
I suggest deleting any other accounts created on the device and changing the password on this account. Because FileVault has to be turned on for at least one account, that’s all that’s needed. On a used Mac that’s prepared for you, there should be a single account created with administrator privileges. However, there are two kinds of problems with having it enabled when you purchase a used Mac.įirst, FileVault has to be enabled on every account that you want to be able to log in. It’s terrific technology that I strongly advise using. Is FileVault turned on?įileVault encrypts the entire contents of a Mac’s drive, making files unreadable when it’s powered down. Apple says that the original receipt or invoice showing purchase of the Mac is required, and the Mac has to brought in person to an Apple Store or an Apple authorized service provider. If the seller doesn’t have the password, all isn’t lost, but it requires their participation to get the Mac unlocked. Wtih a firmware password enabled, the startup disk cannot be changed. If you want to keep the firmware password enabled, now click Turn On Firmware Password and enter a password only you know and that you make a record of, preferably in a password-management app. Enter the password.Īfter Recovery starts up, select Utilities > Firmware Password Utility (older Macs and some newer models) or Utilities > Startup Security Utility (Macs with a T2 security chip), and then Turn Off Firmware Password. If you’re prompted for a password next to a lock icon, you need the seller to provide this firmware password. Restart your Mac and hold down Command-R to start up in macOS Recovery. However, if that’s not an option or you’re not concerned, at least delete all unnecessary accounts and change the password on the main account, which must have administrator privileges. I suggest erasing the drive and reinstalling macOS via macOS Recovery.
If someone else set up a computer, you don’t necessarily know what’s running on it. (They may want to and probably should change their iCloud or other password after that, too.) Were one or more accounts created? The seller can then remotely type the password in as required. In a chat session with Messages for macOS that has the blue bubbles showing an iMessage connection, click the Details button in the upper-right corner, and then click the overlapping screens icon. Tip: If a seller balks at providing a password to you directly for something that can be typed in while booted into macOS proper-a perfectly reasonable thing to resist-you can use a slightly hidden feature for iMessages. (You should also use this checklist before selling a Mac.) That covers the basics, but you can and should dig deeper. Can you mount the disk without a password? And run Disk First Aid to ensure that no problems are reported. If shown a lock icon and password field by itself, see the firmware password section below.)
CHECKLIST IN MACDOWN INSTALL
(If macOS Recovery isn’t installed, the Mac should attempt to retrieve it over the internet and install it. Restart normally from the Finder and hold down Command-R to make sure you can start up in macOS Recovery. Shut the Mac down and perform a “cold boot”-start it up and see if you can log in with account information provided or complete macOS setup. Regardless of how you receive the Mac, check out these items-preferably before finalizing the deal.
0 kommentar(er)
