Encrypting second partition with Filevault 2 and an institutional recovery key

New Contributor III

Hey guys,

Anyone know of a way to transparently do this on Mountain Lion or (pushing it) Lion? I've gone through the fdesetup options in Mountain Lion and nothing stands out.


Valued Contributor

As far as I know, it can't be done.

You can create an encrypted CoreStorage volume on another disk/partition, but if you want full FileVault 2 functionality, it must be a bootable volume. You'd then boot into that volume and use the normal methods to enable FileVault on the startup disk.


Valued Contributor III

Greg's right, this isn't possible currently with a non-boot disk. You can set up the non-boot drive to be encrypted, but it can only be unlocked with a password.

I have a couple of posts on how to encrypt a non-boot drive available here:



If you need non-boot drives to be encrypted and have alternate recovery methods, I recommend looking to hardware encryption. IronKey has solutions that may work for your environment:


New Contributor III

No problem thanks for the responses - Just as I thought it can be done but not with the same institutional key. Doesn't help me unfortunately