How to Encrypt, Decrypt, and Recover Mac Hard Drive Files?

Summary: This blog shares various methods to encrypt and decrypt a Mac hard drive and recover files lost from an encrypted drive. Download the free-to-try Mac data recovery software to recover encrypted hard drive files.


How to Encrypt, Decrypt, and Recover Mac Hard Drive Files?

Table of Contents

1. What is Mac hard drive encryption?
2. How to Encrypt or Decrypt Mac Hard Drive Using

3. Data Recovery on Encrypted Drive Using

4. What if the decryption password is lost?
5. Conclusion

1. What is Mac hard drive encryption?

macOS provides FileVault to encrypt your Mac hard drive that helps protect your data from prying eyes and hackers. FileVault full-disk encryption (FileVault 2) uses XTS-AES-128 bit encryption with a 256-bit key to help prevent unapproved access to the information on your startup disk.

2. How to Encrypt or Decrypt Mac Hard Drive?

macOS has several native methods to encrypt and decrypt a Mac hard drive. The following sections illustrate the methods in detail. Also, learn how to recover data from an encrypted or corrupt Mac hard drive.

Encrypt or decrypt Mac hard drive by using:

A. Encrypt or Decrypt Storage Drive using Finder

macOS Finder allows you to encrypt or decrypt your internal or external Mac hard drive and volume quickly. To encrypt your Mac hard drive by using Finder, perform the following steps.

Step 1) Use the internal Mac volume or connect the external storage drive you wish to encrypt.

Step 2) Launch Finder, and from the left pane, secondary-click a drive or volume and select the Encrypt ‘Drive_Name’ option.

Encrypt Mac USB

Step 3) Set a password and hint as requested by macOS. Wait till the hard drive encrypts. And, from now on, you need to key in the password to unlock the drive.

Create Encryption Password

Similar to encrypting a hard drive, macOS Finder also makes the process of decryption easy. To decrypt a hard drive by using Finder, perform the following steps:  

Step 1) Open Finder, and from the left pane, secondary-click on the encrypted hard drive and select the Decrypt ‘Drive_Name’ option.

Step 2) After Mac decrypts the drive, access the hard drive directly without any password.

B. Encrypt or Decrypt Storage Drive using FileVault

FileVault is the native disk encryption application that allows you to encrypt your startup disk. It uses your login password as an encryption key. To encrypt your Mac hard drive using FileVault, perform the following steps:

Step 1) Go to Apple menu > System Preferences > Security & Privacy > FileVault tab.

Step 2) Click the Lock icon and enter admin credentials. Click the “Turn On FileVault” button.

FileVault

Step 3) Provide a password to encrypt the disk. Your Mac encrypts the disk in the background. You can check the encryption progress from the FileVault section.

Step 4) After encryption, restart your Mac and provide the login password to finish starting up.

When you don’t want to keep your Mac hard drive encrypted any longer due to some reason, you can decrypt your encrypted Mac hard drive by using FileVault. The steps are as follows.

Step 1) Open the FileVault tab from Security & Privacy, as explained before. Click the “Turn Off FileVault” button. Your Mac decrypts the disk in the background. You can check the decryption progress from the FileVault section.

Step 2) After decryption, restart your Mac. Now, you won’t need any password to unlock your Mac hard drive.

C. Encrypt or Decrypt Storage Drive using Disk Utility

Disk Utility has the option to erase your Mac hard drive in an encrypted format—APFS (Case-sensitive, encrypted), Mac OS Extended (Journaled, Encrypted), or Mac OS Extended (Case-sensitive, Journaled, Encrypted). To encrypt your Mac hard drive by using Disk Utility, perform the following steps:

Step 1) For non-startup disk, launch Disk Utility from Finder > Applications > Utilities. Or else, press Command + Spacebar to bring Spotlight. Type ‘disk utility’ and click the Disk Utility search result to launch the application.

Step 2) From Disk Utility, select the internal non-boot Mac volume or the external hard drive you want to protect via password, then click the Erase tab. Warning: Erasing a drive will remove all its content, so back up before performing the erase operation.

Disk utility > Erase Warning

Step 3) In the Format section, click the drop-down menu to select an encryption format.

Erase USB

Step 4) In the Name section, provide your hard drive with a name and click Erase. Before macOS erases the drive, it displays a dialog box asking for a password.

Step 5) Enter the password that is easy to remember yet difficult to crack for others. Don’t forget to provide a Password Hint. Disk Utility completes the erase process of your hard drive.

Password Hint

Step 6) When the erase process is over, the encrypted drive mounts on the Mac. Enter the drive’s password each time you access it. If you forget the password, the drive will turn inaccessible.

To encrypt Macintosh HD, the startup disk, you need to open Disk Utility in macOS Recovery mode. Steps are as follows:

Step 1) Start or restart your Mac and immediately by pressing and holding Command + R keys. Release the keys when the Apple logo appears. Your Mac boots into macOS Recovery mode.

Step 2) From the macOS Utilities window, select Disk Utility and click Continue. Erase the startup disk in an encryption format after backing it up by using Time Machine.

Step 3) Reinstall macOS from the macOS Utilities window. Finally, restore the backed-up data from the Time Machine backup drive to the encrypted drive.

Disk Utility also allows you to decrypt a Mac hard drive that you have erased using an encryption format. The steps are as follows.

Step 1) Open Disk Utility, then select your encrypted storage drive.

Step 2) To unlock the hard drive, go to File > Unlock ‘Drive_Name.’

Step 3) Enter the password when prompted.

Step 4) To decrypt the hard drive, go to File > ‘Turn Off Encryption.’

best-mac-data-recovery-software-banner

D. Encrypt or Decrypt Storage Drive using Terminal

The Terminal is a powerful application that can help you to encrypt or decrypt your Mac hard drive. But since you need to have a complete know-how of Terminal commands, any incorrect operation can result in data loss. So, back up your data from the drive before executing any Terminal command. Steps to encrypt a hard drive using Terminal are as follows:

Step 1) Launch Terminal from Finder > Application > Utilities.

Step 2) Type the code “diskutil apfs list” and hit Return. The Terminal produces a list of all APFS volumes and containers. Note down the APFS volume ID information.

Step 3) To encrypt volume, type “diskutil apfs encryptVolume /dev/apfs_volume_id” and hit Return. Type the password for encryption when asked. Type again to confirm the password.

Step 4) To monitor encryption progress, type “diskutil apfs list” and hit Return.

Similarly, you can decrypt your encrypted Mac hard drive by using Terminal. Steps to decrypt an APFS encrypted drive are as follows:

Step 1) Launch Terminal. Type “diskutil apfs list” and hit Return to know the APFS volume ID.

Step 2) Type “diskutil apfs unlockVolume /dev/apfs_volume_id -passphrase type_the_key”, then hit Return to unlock the volume.

Step 3) Type “diskutil apfs decryptVolume /dev/apfs_volume_id” and hit Return to decrypt the volume. Authenticate when prompted.

Step 4) To monitor decryption progress, type “diskutil apfs list” and hit Return.

For other drives, do the following:  

Step 1) Launch Terminal and type the code “diskutil cs list” and hit Return. The Terminal produces a core storage list in a hierarchy. Copy the alphanumeric code that is logical volume UUID, which is next to Logical Volume Group.

Step 2) Type “diskutil cs decryptVolume logical_volume_uuid -passphrase type_the_key” and hit Return.

But what if you delete few crucial files from an encrypted hard drive, or the drive itself turns corrupt. In such cases, you need to salvage your lost data.

3. Mac Data Recovery on Encrypted Drive

A. Recover Encrypted Mac Hard Drive with Time Machine

Mac data loss can occur from an encrypted hard drive due to accidental deletion, formatting, or corruption. So, setting up a Time Machine backup hard drive is the need of the time. Time Machine performs incremental backups of your encrypted Macintosh HD as per the schedule. And in case of data loss, you can use Time Machine to restore your lost data to your Mac drive. Steps are as follows:

Step 1) Ensure your Time Machine backup drive is connected to your Mac. Launch Time Machine from the Launchpad.

Step 2) Find the deleted or lost files by using Up/Down arrows or Timeline. Select the required files and folders, then click Restore. The files will restore to their actual location.

B. Stellar Data Recovery Professional Software

What if you haven’t set up your Time Machine backup drive? Or you didn’t connect the backup drive to your Mac to perform an incremental backup. Only a professional Mac data recovery software can help you recover data from an encrypted hard drive in such cases. The tutorial video and steps are as follows:

Step 1) Install the *trial version of Stellar Data Recovery Professional for Mac on your iMac, MacBook, or Mac mini from where the data is lost.

Step 2) In the ‘Select What To Recover’ screen, either select ‘Recover Everything’ or toggle on specific file types to customize your scan, then click Next.

Stellar Data Recovery Professional for Mac

Step 3) In the ‘Select Location’ screen, select your internal or external encrypted Mac drive. Provide the password to unlock the drive.

Select Location

Step 4) When you scan your startup disk in macOS Big Sur, Catalina, Mojave, or High Sierra, you must load the Stellar Data Recovery extension for Macintosh HD recovery. Learn More

Step 5) Toggle on Deep Scan, then click Scan. Wait till the software scans the encrypted hard drive thoroughly. The software can also scan a corrupt encrypted drive.

Step 6) After the scan is over, select a view out of the three views Classic List, File List, and Deleted List. Expand the scanned items listed by the software.

Scan complete Successfully

Step 7) Double-click a file to launch its preview to check its quality. Select all the desired files.

Step 8) Click Recover to save your recoverable files. Click Browse to specify a distinct drive location, then click Save. Open the destination drive to verify the recovered data.

*The trial version of the software allows you to free scan your encrypted storage drive and preview your files for free. To save the recoverable files, activation of the software is mandatory. And why hesitate when the software has a 30-day money-back guarantee, just in case.

4. What if the decryption password is lost?

If the decryption password is lost, then your drive is lost forever. You can’t retrieve data from the drive anymore. For that reason, always keep the decryption password in a safe location so that it can be used as and when required.

Conclusion

Although macOS has made the encryption and decryption process easy and convenient, you should be careful in following the crucial troubleshooting steps, as a small mistake can lead to permanent data loss.

Suppose you have faced a data loss disaster, leverage Stellar Data Recovery Professional for Mac software to help you recover your data from an encrypted hard drive. Besides, the software recovers data when the drive turns corrupt during the decryption process.

This versatile software performs data recovery on APFS and can handle any logical data loss situation with ease—encryption, corruption, inaccessibility, erasure, or emptying of Trash. To check its interface, scan-capability, and other powerful features, download the free-to-try software. Scan the encrypted/corrupt drive and preview files. And once satisfied, you can activate it for a lifetime.

Comments(72)
  1. hh April 21, 2019
  2. David B. March 17, 2019
    • Vishal March 18, 2019
  3. Alfred Cohen January 24, 2019
    • Vishal January 25, 2019
  4. Liliana July 8, 2018
    • Vishal July 9, 2018
  5. leneth February 14, 2018
    • Vishal February 15, 2018
  6. Vishal October 4, 2017
    • Borisio October 11, 2017
    • Vishal October 12, 2017
  7. Justin August 24, 2017
    • Vishal August 27, 2017
      • Borisio October 3, 2017
  8. CC June 27, 2017
    • Vishal June 28, 2017
  9. V Lewin June 23, 2017
    • Vishal June 28, 2017
  10. Russell Pearce May 20, 2017
    • Vishal May 24, 2017

Leave a Reply

Your email address will not be published. Required fields are marked *

Time limit is exhausted. Please reload CAPTCHA.