Overview of encryption of college computers
Getting Started
The initiation of encryption will only take a few minutes. The rest will complete in the background while you work normally.
Mac encryption requirements
- A single user computer - if coworkers need to be able to boot up and log into the computer, please confer with T&I before continuing.
- macOS High Sierra 10.13 or higher if the Mac has an SSD hard drive or
- macOS Mojave 10.14 if the Mac has either a Fusion drive or a traditional spinning hard drive.
- If you are on an older OS version, you can upgrade to Catalina via Self Service.
- Connection to the campus network (on campus or via VPN) while you initiate the process.
- If the computer is a laptop, plug in to power.
- Close all open programs, as the process will require a logout.
- Open the Self Service app and choose "Encrypt with FileVault".
- Don't see it? Double check the requirements above. If you need help, contact T&I so we can investigate further. Include your computer's Davidson College property tag number.
- You will be prompted for your password, warned of impending logout, prompted for your password again, then logged out. The logout may take a little longer than normal as the encryption process starts.
- Once you see the login screen, you may log in again and resume normal work.
The initial encryption will now be happening in the background. On laptops, it happens only when the computer is plugged in to power (it pauses when on battery). It's OK to sleep or shut down as needed; encryption will resume when you turn it back on.
- Check the status of encryption at System Preferences, Security & Privacy, FileVault.
- On the newest models, encryption may complete almost immediately.
- On older models, encryption may take a few hours if there is very little data saved or several days for large drives with a lot of data.
Ongoing Use
When you reboot the computer, you will see a slightly different login screen that appears almost immediately after the computer is turned on - the computer cannot boot until you use your password to allow the hard drive to be read. Once the computer is booted, it will behave just as it did before encryption.
- As long as your Mac and network passwords are in sync, you will only be prompted for your password once at startup.
- If your password is changed from somewhere other than the Mac, your passwords will get out of sync. Remember your old password, and see above for details on getting back in sync. Users of encrypted macOS computers are strongly advised to change their network password only via their Mac's System Preferences while on the campus network.
- Please watch for the emailed warnings of approaching password expiration and change it ahead of the deadline.
- If the password is changed elsewhere (for example, via identity.davidson.edu/portal) you may need to use a combination of the old and new passwords on the next restart and login, until the Mac account, FileVault, and Keychain passwords are all synchronized again. If they are not all back in sync after two reboot+login cycles while connected to the campus network, run "FileVault Password Resync" from Self Service.