Posted on 03-11-2021 10:41 AM
We have a user with a 2019 MacBook Pro that reported that she could no longer log in. The failure is happening at the FileVault authentication prompt on bootup, and it appears to have been triggered by the Big Sur 11.2.3 update. (Last report to Jamf Pro for the machine was hours before with an OS version of 11.2.2, and macOS Recovery on the device shows the version on the volume as 11.2.3) What makes this interesting:
Secondary admin account that we set also is not accepting the password. We are 100% sure that this password is correct.
The personal recovery key for the device I pulled from Jamf is not accepted by FileVault's recovery key prompt either. (The device name/serial matches between the machine and the Jamf record, so I'm 100% positive this is a good recovery key)
Key mappings don't seem to be messed up -- Locale is set correctly in the top right corner to U.S., and issue is reproducible with an external keyboard.
Can reset passwords successfully from macOS Recovery, but ultimately the new passwords and old passwords alike are never accepted by FileVault.
Ultimately I have an institutional recovery key also installed, and I'm sure the personal recovery key will work fine if unlocking this over target disk mode, so I'm not too worried about the user's local data being lost.
That said, I'm just boggled as to what in the world happened, why, and if others are seeing this... At the moment I have 10 machines that took 11.2.3 successfully with FileVault enabled, so it's at least not happening everywhere.
Posted on 03-11-2021 11:33 AM
I was testing Jamf connect, and I am seeing similar behavior ...but not the same.. password change with JC.. and that "looked like it worked" but both the new and old password would not unlock system prefs or the log in window....The FV key did work for me and the required password change after that log in did work correctly ....
There are issue with older versions Big Sur and passwords that could be fixed with a SMC Reset, but that didn't work for me or I didn't reset the SMC correctly : )
C
Posted on 03-11-2021 12:11 PM
Thanks for the comment @gachowski! This one affected machine is strictly local user accounts, no Jamf Connect/AD join, etc. I also tried an SMC reset yesterday to no avail.