FileVault is secure if you keep the door locked

I did some research to see exactly how strong encryption is if you use Apple’s FileVault. (Windows has BitLocker).


1. If your laptop is stolen while powered on, if someone has the right hardware they can read your ram and steal all vault passwords. This is unlikely but possible.


2. If your laptop is off they can brute force your password. For a simple 6 character password this would take ~1000 EC2 computing days and cost ~$5,000. A 7 character password would cost $40,000 to break and 8 character $2.5 million. Use lowercase, uppercase, numbers and symbols for the best password protection. You must also use secure virtual memory or passwords will be written to disk.


If you don’t use FileVault nor BitLocker and your laptop is stolen then your bank accounts, your email, your passwords and you are compromised.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s

%d bloggers like this: