Use the Recovery Key to unlock FileVault 2 over Target Disk Mode to recover data if you don't know the user's password.

ClassicII
Contributor III

For some time now corporate security has requested a better way to recover data if an employee quit or was let go and they didn't know the users password.

They normally would have to go into recovery, follow additional steps so they can attempt to decrypt the device... then wait for the decrypt to finish. Then boot it up login and connect to the network or plug in a hard drive.

Now you can just connect the Mac over Target Disk Mode and use the FV2 Personal Recovery to unlock the disk in terminal!

https://mrmacintosh.com/filevault-2-target-disk-mode-unlock-using-the-personal-recovery-key/

4 REPLIES 4

edickson
Contributor

While I do like this (working in IT) it's a reminder to not store any personal data on company equipment as it can still be accessed by IT even after a user leaves the company.

Not applicable

I actually use this process for backing up the computers when upgrading via Carbon Copy Cloner, unlock and clone!

TSOAFTVPPC
Contributor

I thought target disk mode was going away?!

ClassicII
Contributor III

Target Disk Mode is here to stay for the time being it seems!