MacOS systems includes a native Drive Encryption solution called FileVault, which ensures the machine is fully encrypted.
The Symantec Endpoint Encryption FileVault client (SEE FileVault client) will manage the Recovery Keys for Mac users in case a passphrase is forgotten. If a passphrase is forgotten, the Symantec Endpoint Encryption Administrator will be able to recover the keys and allow access back into the machine.
There are a few scenarios where Recovery Key windows will pop up to save your Recovery Key data to the server. It is important to enter your Mac OS FileVault passphrase at these recovery screens to ensure if a passphrase is forgotten, the Recovery Key will allow access back in.
Scenario 1: Migrate Recovery Key Screen - This screen is what registers the users on the machines and sends up the Recovery Key to the Encryption Server. It is critical you enter your passphrase on this screen to manage your Personal Recovery Key from the Encryption Server:
Scenario 2: Update Recovery Key Screen - When your FileVault Recovery Key changes, the SEE FileVault client must send up the new key to the server.
Enter the passphrase here to send the new Recovery Key to the server:
Scenario 3: Add User Screen - This screen is to add more FileVault users who login to the machine. Only authorized users should be added here.
If this pops up for your own user, enter the details here:
TIP: For information on how to troubleshoot the "Add current user" screen that will not accept credentials, see article TECH254704.
Subscribing will provide email updates when this Article is updated. Login is required.