{"id":4582,"date":"2012-05-08T07:38:55","date_gmt":"2012-05-08T07:38:55","guid":{"rendered":"http:\/\/www.intego.com\/mac-security-blog\/?p=4582"},"modified":"2015-02-05T10:38:08","modified_gmt":"2015-02-05T18:38:08","slug":"filevault-bug-exposes-user-passwords","status":"publish","type":"post","link":"https:\/\/www.intego.com\/mac-security-blog\/filevault-bug-exposes-user-passwords\/","title":{"rendered":"FileVault Bug Exposes User Passwords"},"content":{"rendered":"<p>If you use Apple&#8217;s FileVault to encrypt your Mac&#8217;s hard drive, you should be careful. Security researcher David Emery <a href=\"http:\/\/cryptome.org\/2012\/05\/apple-filevault-hole.htm\">has discovered a bug<\/a> in Mac OS X 10.7.3 that may expose your FileVault password. According to Emery, &#8220;Someone, for some unknown reason, turned on a debug switch&#8221; in Mac OS X 10.7.3, which has the effect of writing a log containing your FileVault password in plain text form.<\/p>\n<p>However, this only seems to apply to users who had FileVault turned on before the release of OS X Lion. If you only turned on FileVault in Lion, then you are safe.<\/p>\n<p>To be fair, it&#8217;s not entirely simple for someone to break into a Mac by accessing this file. Emery says that:<\/p>\n<blockquote><p>the log in question can also be read by booting the machine into firewire disk mode and reading it by opening the drive as a disk or by booting the new-with-LION recovery partition and using the available superuser shell to mount the main file system partition and read the file.<\/p><\/blockquote>\n<p>While that may seem like gibberish to many readers, you can be sure that plenty of malicious users know exactly what that means. And, as <a href=\"http:\/\/www.zdnet.com\/blog\/security\/apple-security-blunder-exposes-lion-login-passwords-in-clear-text\/11963\">Emil Protalinski of ZDnet points out<\/a>, &#8220;it would be possible for cyber criminals to write very specific malware that knows where to look on a targeted system.&#8221;<\/p>\n<p>If you are using FileVault, and had been using it prior to Lion, here&#8217;s what you can do to protect your Mac and your files.<\/p>\n<ol>\n<ol>\n<li>First, back up your Mac to protect against any possible data loss.<\/li>\n<li>Next, open System Preferences from the Apple menu and click on the Security &amp; Privacy icon. Click on the padlock and enter your administrator&#8217;s password to be able to make changes. (You may see a dialog when opening this preference page saying that &#8220;You are using an old version of FileVault.&#8221; If you do, click on Turn Off Legacy FileVault and skip step 3.)<\/li>\n<\/ol>\n<\/ol>\n<p><center><br \/>\n<a href=\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2012\/05\/filevault-prefs.png\"><img loading=\"lazy\" title=\"filevault-prefs\" src=\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2012\/05\/filevault-prefs.png\" alt=\"\" width=\"600\" height=\"480\" \/><\/a><\/center><\/p>\n<ol>\n<li>Click on Turn Off FileVault to turn off FileVault.<\/li>\n<li>Click on Turn On FileVault to turn FileVault on again. A dialog will display a &#8220;recovery key,&#8221; and offer to store this with Apple. This is a good idea, since if you forget your password you won&#8217;t be able to access any of your files. Follow the instructions to do this. You will then need to restart your Mac, and the encryption process will take some time, depending on how big your hard disk is.<\/li>\n<li>The password used for FileVault is the same as your user account password. Make sure to use a different password from the one you used originally for FileVault. To change this, go to the Users &amp; Groups pane in System Preferences and click on your account name. Click on Change Password and follow the instructions to set a new password.<\/li>\n<\/ol>\n<p>If you perform the above, your new password will be used for FileVault and the text file that is written to your disk will contain the old password; make sure they are different, really different. Don&#8217;t just change it from, say, &#8220;MyPet&#8221; to &#8220;MyPet2;&#8221; use a password that is in no way related to the previous one.<\/p>\n<p>For more information about FileVault, read <a href=\"http:\/\/support.apple.com\/kb\/HT4790\">Apple&#8217;s technical note<\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>A bug in Apple&#8217;s FileVault in OS X Lion may expose your password. Read how you can fix this and protect yourself if you use FileVault to encrypt files on your Mac.<\/p>\n","protected":false},"author":3,"featured_media":4594,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"spay_email":"","jetpack_publicize_message":"","jetpack_is_tweetstorm":false},"categories":[5],"tags":[573,353,96],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v17.4 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<meta name=\"description\" content=\"A bug in Apple&#039;s FileVault in OS X Lion may expose your password. Read how you can fix this and protect yourself if you use FileVault to encrypt files on your Mac.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.intego.com\/mac-security-blog\/filevault-bug-exposes-user-passwords\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"FileVault Bug Exposes User Passwords  - The Mac Security Blog\" \/>\n<meta property=\"og:description\" content=\"A bug in Apple&#039;s FileVault in OS X Lion may expose your password. Read how you can fix this and protect yourself if you use FileVault to encrypt files on your Mac.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.intego.com\/mac-security-blog\/filevault-bug-exposes-user-passwords\/\" \/>\n<meta property=\"og:site_name\" content=\"The Mac Security Blog\" \/>\n<meta property=\"article:published_time\" content=\"2012-05-08T07:38:55+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2015-02-05T18:38:08+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2012\/05\/FileVault.png\" \/>\n\t<meta property=\"og:image:width\" content=\"100\" \/>\n\t<meta property=\"og:image:height\" content=\"100\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Peter James\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#organization\",\"name\":\"Intego\",\"url\":\"https:\/\/www.intego.com\/mac-security-blog\/\",\"sameAs\":[],\"logo\":{\"@type\":\"ImageObject\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#logo\",\"inLanguage\":\"en-US\",\"url\":\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2022\/10\/intego-organization-logo-for-google-knowledge-graph-875x875-1.png\",\"contentUrl\":\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2022\/10\/intego-organization-logo-for-google-knowledge-graph-875x875-1.png\",\"width\":875,\"height\":875,\"caption\":\"Intego\"},\"image\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#logo\"}},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#website\",\"url\":\"https:\/\/www.intego.com\/mac-security-blog\/\",\"name\":\"The Mac Security Blog\",\"description\":\"Keep Macs safe from the dangers of the Internet\",\"publisher\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.intego.com\/mac-security-blog\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"ImageObject\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/filevault-bug-exposes-user-passwords\/#primaryimage\",\"inLanguage\":\"en-US\",\"url\":\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2012\/05\/FileVault.png\",\"contentUrl\":\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2012\/05\/FileVault.png\",\"width\":\"100\",\"height\":\"100\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/filevault-bug-exposes-user-passwords\/#webpage\",\"url\":\"https:\/\/www.intego.com\/mac-security-blog\/filevault-bug-exposes-user-passwords\/\",\"name\":\"FileVault Bug Exposes User Passwords - The Mac Security Blog\",\"isPartOf\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/filevault-bug-exposes-user-passwords\/#primaryimage\"},\"datePublished\":\"2012-05-08T07:38:55+00:00\",\"dateModified\":\"2015-02-05T18:38:08+00:00\",\"description\":\"A bug in Apple's FileVault in OS X Lion may expose your password. Read how you can fix this and protect yourself if you use FileVault to encrypt files on your Mac.\",\"breadcrumb\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/filevault-bug-exposes-user-passwords\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.intego.com\/mac-security-blog\/filevault-bug-exposes-user-passwords\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/filevault-bug-exposes-user-passwords\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.intego.com\/mac-security-blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"FileVault Bug Exposes User Passwords\"}]},{\"@type\":\"Article\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/filevault-bug-exposes-user-passwords\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/filevault-bug-exposes-user-passwords\/#webpage\"},\"author\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#\/schema\/person\/d0c16bd0a4dd8f82d91204f400c8d116\"},\"headline\":\"FileVault Bug Exposes User Passwords\",\"datePublished\":\"2012-05-08T07:38:55+00:00\",\"dateModified\":\"2015-02-05T18:38:08+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/filevault-bug-exposes-user-passwords\/#webpage\"},\"wordCount\":536,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#organization\"},\"image\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/filevault-bug-exposes-user-passwords\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2012\/05\/FileVault.png\",\"keywords\":[\"FileVault\",\"Password Security\",\"Passwords\"],\"articleSection\":[\"Security News\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/www.intego.com\/mac-security-blog\/filevault-bug-exposes-user-passwords\/#respond\"]}]},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#\/schema\/person\/d0c16bd0a4dd8f82d91204f400c8d116\",\"name\":\"Peter James\",\"image\":{\"@type\":\"ImageObject\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#personlogo\",\"inLanguage\":\"en-US\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/0626bfb4ada576ba5aa775322329ad47?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/0626bfb4ada576ba5aa775322329ad47?s=96&d=mm&r=g\",\"caption\":\"Peter James\"},\"url\":\"https:\/\/www.intego.com\/mac-security-blog\/author\/peter\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"description":"A bug in Apple's FileVault in OS X Lion may expose your password. Read how you can fix this and protect yourself if you use FileVault to encrypt files on your Mac.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.intego.com\/mac-security-blog\/filevault-bug-exposes-user-passwords\/","og_locale":"en_US","og_type":"article","og_title":"FileVault Bug Exposes User Passwords  - The Mac Security Blog","og_description":"A bug in Apple's FileVault in OS X Lion may expose your password. Read how you can fix this and protect yourself if you use FileVault to encrypt files on your Mac.","og_url":"https:\/\/www.intego.com\/mac-security-blog\/filevault-bug-exposes-user-passwords\/","og_site_name":"The Mac Security Blog","article_published_time":"2012-05-08T07:38:55+00:00","article_modified_time":"2015-02-05T18:38:08+00:00","og_image":[{"width":"100","height":"100","url":"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2012\/05\/FileVault.png","type":"image\/png"}],"twitter_card":"summary_large_image","twitter_misc":{"Written by":"Peter James","Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Organization","@id":"https:\/\/www.intego.com\/mac-security-blog\/#organization","name":"Intego","url":"https:\/\/www.intego.com\/mac-security-blog\/","sameAs":[],"logo":{"@type":"ImageObject","@id":"https:\/\/www.intego.com\/mac-security-blog\/#logo","inLanguage":"en-US","url":"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2022\/10\/intego-organization-logo-for-google-knowledge-graph-875x875-1.png","contentUrl":"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2022\/10\/intego-organization-logo-for-google-knowledge-graph-875x875-1.png","width":875,"height":875,"caption":"Intego"},"image":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/#logo"}},{"@type":"WebSite","@id":"https:\/\/www.intego.com\/mac-security-blog\/#website","url":"https:\/\/www.intego.com\/mac-security-blog\/","name":"The Mac Security Blog","description":"Keep Macs safe from the dangers of the Internet","publisher":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.intego.com\/mac-security-blog\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"ImageObject","@id":"https:\/\/www.intego.com\/mac-security-blog\/filevault-bug-exposes-user-passwords\/#primaryimage","inLanguage":"en-US","url":"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2012\/05\/FileVault.png","contentUrl":"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2012\/05\/FileVault.png","width":"100","height":"100"},{"@type":"WebPage","@id":"https:\/\/www.intego.com\/mac-security-blog\/filevault-bug-exposes-user-passwords\/#webpage","url":"https:\/\/www.intego.com\/mac-security-blog\/filevault-bug-exposes-user-passwords\/","name":"FileVault Bug Exposes User Passwords - The Mac Security Blog","isPartOf":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/filevault-bug-exposes-user-passwords\/#primaryimage"},"datePublished":"2012-05-08T07:38:55+00:00","dateModified":"2015-02-05T18:38:08+00:00","description":"A bug in Apple's FileVault in OS X Lion may expose your password. Read how you can fix this and protect yourself if you use FileVault to encrypt files on your Mac.","breadcrumb":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/filevault-bug-exposes-user-passwords\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.intego.com\/mac-security-blog\/filevault-bug-exposes-user-passwords\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.intego.com\/mac-security-blog\/filevault-bug-exposes-user-passwords\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.intego.com\/mac-security-blog\/"},{"@type":"ListItem","position":2,"name":"FileVault Bug Exposes User Passwords"}]},{"@type":"Article","@id":"https:\/\/www.intego.com\/mac-security-blog\/filevault-bug-exposes-user-passwords\/#article","isPartOf":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/filevault-bug-exposes-user-passwords\/#webpage"},"author":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/#\/schema\/person\/d0c16bd0a4dd8f82d91204f400c8d116"},"headline":"FileVault Bug Exposes User Passwords","datePublished":"2012-05-08T07:38:55+00:00","dateModified":"2015-02-05T18:38:08+00:00","mainEntityOfPage":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/filevault-bug-exposes-user-passwords\/#webpage"},"wordCount":536,"commentCount":0,"publisher":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/#organization"},"image":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/filevault-bug-exposes-user-passwords\/#primaryimage"},"thumbnailUrl":"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2012\/05\/FileVault.png","keywords":["FileVault","Password Security","Passwords"],"articleSection":["Security News"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.intego.com\/mac-security-blog\/filevault-bug-exposes-user-passwords\/#respond"]}]},{"@type":"Person","@id":"https:\/\/www.intego.com\/mac-security-blog\/#\/schema\/person\/d0c16bd0a4dd8f82d91204f400c8d116","name":"Peter James","image":{"@type":"ImageObject","@id":"https:\/\/www.intego.com\/mac-security-blog\/#personlogo","inLanguage":"en-US","url":"https:\/\/secure.gravatar.com\/avatar\/0626bfb4ada576ba5aa775322329ad47?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/0626bfb4ada576ba5aa775322329ad47?s=96&d=mm&r=g","caption":"Peter James"},"url":"https:\/\/www.intego.com\/mac-security-blog\/author\/peter\/"}]}},"jetpack_featured_media_url":"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2012\/05\/FileVault.png","jetpack_publicize_connections":[],"jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/p4VAYd-1bU","amp_enabled":true,"_links":{"self":[{"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/posts\/4582"}],"collection":[{"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/comments?post=4582"}],"version-history":[{"count":7,"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/posts\/4582\/revisions"}],"predecessor-version":[{"id":35527,"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/posts\/4582\/revisions\/35527"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/media\/4594"}],"wp:attachment":[{"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/media?parent=4582"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/categories?post=4582"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/tags?post=4582"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}