What is FileVault in macOS & Should You Actually Use It?

Key Takeaways
  • FileVault, a built-in security feature for Macs, encrypts all data on the device using full-disk XTS-AES-128 encryption with a 256-bit key. It's usually enabled by default on modern Macs for protecting sensitive information, and can be manually activated or deactivated.
  • Offers robust encryption and is user-friendly, but may slow down older Macs and poses a risk of data loss if the recovery key is forgotten. To enable FileVault, navigate to "System Settings" > "Privacy & Security" on your Mac.
  • Unlike Disk Utility encryption, which requires disk formatting, FileVault encrypts seamlessly without such requirements. For additional security, particularly against malware, software like MacKeeper can be used alongside FileVault.

Are you considering protecting your data with encryption, especially after hearing so much about it? You might be unsure if encrypting your data in today’s digital world is a good option. Perhaps you’re a health or business professional looking for a secure way to keep client details safe. Apple offers a solution for Mac users called FileVault.

In this article, we’ll guide you on what FileVault is, how it works, and how it differs from Disk Utility encryption. We’ll also explore the pros and cons of using FileVault, show you how to activate it, and discuss alternatives to FileVault. This information will help you decide if FileVault’s data encryption is the right choice for you.

What is FileVault?

What is FileVault?

FileVault is a special kind of security software designed for Mac computers. When you first get a Mac, FileVault is turned on by default, but you can deactivate or activate it yourself. Once activated, it secures everything on your computer.

If your computer is off and someone tries to access it without knowing your password or a special recovery key, they won’t be able to get to your files. Even if they remove the hard drive from your Mac, they can’t read the data on it. The data looks mixed up unless they have the right password or recovery key.

FileVault isn’t just about keeping your information safe from prying government eyes; it’s also great for preventing theft. If someone steals your laptop and doesn’t have the password or recovery key, the hard drive becomes almost worthless to them.

READ MORE: How To Enable or Disable Write Protection for a Disk Drive ➜

How does FileVault work?

How does FileVault work?

FileVault is a security feature on Mac computers locking away what you save and create on your device. It’s also built into iPhones and iPads, but it’s always on these devices – you can’t switch it off like on a Mac.

If your Mac is a newer model, like an iMac Pro, or has an Apple T2 Security Chip, it already automatically protects your data pretty well. But you can turn on FileVault for even stronger security. FileVault’s protection is robust. It uses full-disk XTS-AES-128 encryption with a 256-bit key, which is a fancy way of saying it’s super secure.

XTS-AES-128 is a powerful encryption method that scrambles data using a 256-bit key, making it extremely difficult to break. It divides data into small blocks and encrypts each one separately, adding an extra layer of security. This technique is especially good at protecting the data stored on your computer from unauthorized access.

It’s so secure that even the world’s fastest computer would need billions of years to break into a system protected by this encryption, trying a million different keys every second.

Only someone with administrator access to the Mac can switch FileVault on or off. When you enable FileVault, you’ll get options to access your data normally, like using your iCloud account and its password or a unique recovery key.

READ MORE: How to Protect & Hide Your Browser Fingerprint – Updated for 2023 ➜

Is FileVault different from the Disk Utility encryption?

FileVault vs Disk Utility

FileVault and Disk Utility are both built into macOS to help keep your data safe, but they’re used in different ways. They use the same strong encryption to protect your information but have different purposes.

Using FileVault means you can encrypt the data on your Mac as you save it without formatting or erasing your drive. This makes it a convenient choice if you want to protect your existing and new data easily.

On the other hand, using Disk Utility to encrypt data is a bit more complex. It involves formatting your drive, which can take time and isn’t always the best option for everyone. It’s a good choice if you want to format your disk and encrypt its data simultaneously.

However, it can’t encrypt your disk while keeping all your current data. Disk Utility can be especially useful if you want to encrypt only part of your home directory.

READ MORE: Elon Musk to Introduce Encrypted DMs in His “Twitter 2.0” Vision ➜

Pros and cons of FileVault

Pros and cons of FileVault

Here are some of the pros and cons which will help you decide whether you should enable FileVault or not:


  • It works with older Apple devices, even those no longer officially supported by Apple.
  • You can set up FileVault on your own or through your IT department, whether for your device or many in a network.
  • It protects all the data on your disk, both what’s there currently and what you add in the future.
  • Backing up your encrypted data is easy with Time Machine, which automatically creates backup sets.
  • Only certain user accounts, usually those with administrative rights, can unlock disks encrypted with FileVault. This means people without these rights can’t access the disk’s data, regardless of other permissions.
  • FileVault uses a strong encryption method called XTS, based on the AES algorithm. It encrypts data in 128-bit blocks with a 256-bit key, making it very secure.


There are some drawbacks when it comes to enabling FileVault.

  • Encryption can slow down older Macs like the 2010 MacBook Air, affecting performance and battery life.
  • Apple’s FileVault employs strong encryption, making unauthorized data access more challenging.
  • Safeguard the Recovery Key outside the local disk to avoid permanent data loss. Apple lacks a backdoor, so user responsibility is crucial.
  • Opting for iCloud as an encryption cipher may aid in password reset, but trusting Apple for online cipher security introduces inherent risks.
  • Losing the Recovery Key means irreversible data loss. Apple has no secret means to unlock data, emphasizing the user’s sole responsibility in key protection.

READ MORE: How to Fix “Time Machine Couldn’t Complete the Backup” Error on Mac ➜

How to Turn on FileVault

In the latest versions of Macs, the FileVault is enabled by default. You can turn it off and turn back on whenever you want. If your FileVault is not turned on, here is how to do it:

  1. From your “System Settings” go to “Privacy & Security.
    go to "Privacy & Security
    Go to Privacy & Security
  2. Find the “FileVault” tab. Then, click the “Turn On” at the front of FileVault option.
    Click on Turn ON
    Click on Turn On
  3. Here you might be asked to type in your laptop password or key that you use to login. A new prompt window will appear. Decide if you want to link your iCloud account with FileVault to unlock the disk. Alternatively, you can create a recovery key. Click “Continue” when you’ve made your choice.
    Choose the desired option and click Continue
    Choose the desired option and click Continue
  4. Once you click Continue, the system will start encrypting your data. This encryption may take several minutes of hours, depending upon the size of data and speed of your system. 
    Encryption will begin
    Encryption will begin
  5. Once the encryption will complete, you’ll see a “Encryption finished” message. FileVault is successfully turned on.
    FileVault activated
    FileVault activated

Remember, the first time you turn on FileVault, the encryption process may take several hours, but you can still use your Mac while it’s happening. Keep in mind that FileVault encrypts your entire disk. If you have other users on your Mac, you’ll need to add them so they can unlock the disk with their password.

WARNING: Never forget your recovery key. If you enable FileVault and then forget your login password and recovery key, you won’t be able to access your Mac. This means you’ll lose all your files and settings.

Alternatives to FileVault

While FileVault is excellent for device-level protection, it’s good to use additional software for online data security, like MacKeeper. MacKeeper is an all-in-one software solution that enhances your Mac’s privacy, performance, and overall health.

MacKeeper Homepage

The security feature in MacKeeper ensures your Mac and files stay safe. It includes Antivirus software, which is effective against big security risks like malware and spyware.

Test results from AV-TEST, a well-known testing organization, show that MacKeeper’s Antivirus blocks 99.7% of common malware, making it one of the most efficient in the industry.

READ MORE: How to Password Protect or Encrypt Excel Files➜

Should you use FileVault?

If you’re worried about someone accessing your data or if you lose your computer, FileVault is a wise choice for your Mac. It’s especially useful for stopping others from seeing your files without your password. But remember, using FileVault does have some impact on your computer’s performance.

The effect is usually small, but FileVault might make it slower if your Mac is already slow. Also, FileVault might not work if you run your Mac in a RAID config or use Boot Camp. Deciding to use FileVault depends on your needs.

However, turning on FileVault is a smart move for most people with newer Macs, especially laptops. If your Mac gets lost or stolen, your data stays safe and private.


How long does FileVault disk encryption take?

The encryption duration varies depending on your device’s data volume. The process is quick for new or less data-intensive devices, typically ranging from 20 minutes to 24 hours.

How to undo FileVault disk encryption?

You can do this by simply turning off the FileVault by following the same steps as enabling it. Disabling FileVault initiates the decryption process. This occurs in the background while your Mac is active. The time to fully undo encryption varies based on the amount of stored data.

Does FileVault disk encryption slow down Mac?

No, FileVault operates seamlessly in the background without causing noticeable slowdowns. Users generally won’t experience a significant difference in their Mac’s performance after enabling FileVault.

How can you get FileVault on your Mac?

FileVault is seamlessly integrated into the macOS operating system. Access it through the Security & Privacy pane in System Preferences and toggle FileVault on or off in the dedicated FileVault tab.

What happens if I disable FileVault on Mac?

Disabling FileVault prompts the decryption of encrypted content. The time required for this process varies but allows normal use of your Mac during decryption.

Does FileVault protect against malware?

No, FileVault’s primary function is to encrypt and secure data, not to protect against malware. To enhance overall security, users should regularly update their systems, use strong passwords, and exercise caution online. FileVault works in tandem with good computing habits for comprehensive security.


Khalid Ali

Khalid is a versatile analyst honing his expertise for the past 5 years. With certifications from Google and IBM to back him up, his knowledge extends far beyond the routine coverage of the latest trends and in the industry.