How to Encrypt, Decrypt, and Recover Mac Hard Drive Files?
Summary: This blog shares various methods to encrypt and decrypt a Mac hard drive and recover files lost from an encrypted drive. Download the free-to-try Mac data recovery software to recover encrypted hard drive files.
Contents
What is Mac hard drive encryption?
macOS provides FileVault to encrypt your Mac hard drive which helps protect your data from prying eyes and hackers. FileVault full-disk encryption (FileVault 2) uses XTS-AES-128 bit encryption with a 256-bit key to help prevent unapproved access to the information on your startup disk.
How to Encrypt or Decrypt Mac Hard Drive?
macOS has several native methods to encrypt and decrypt a Mac hard drive. The following sections illustrate the methods in detail. Also, learn how to recover data from an encrypted or corrupt Mac hard drive.
Methods to Encrypt or Decrypt Mac hard drive:
A. Encrypt or Decrypt Storage Drive using Finder
macOS Finder allows you to encrypt or decrypt your internal or external Mac hard drive and volume quickly.
To encrypt your Mac hard drive by using Finder, perform the following steps:
- Use the internal Mac volume or connect the external storage drive you wish to encrypt.
- Launch Finder, and from the left pane, secondary-click a drive or volume and select the Encrypt ‘Drive_Name’ option.
- Set a password and hint as requested by macOS. Wait till the hard drive encrypts. And, from now on, you need to key in the password to unlock the drive.
Similar to encrypting a hard drive, macOS Finder also makes the process of decryption easy.
To decrypt a hard drive by using Finder, perform the following steps:
- Open Finder, and from the left pane, secondary-click on the encrypted hard drive and select the Decrypt ‘Drive_Name’ option.
- After Mac decrypts the drive, access the hard drive directly without any password.
B. Encrypt or Decrypt Storage Drive using FileVault
FileVault is the native disk encryption application that allows you to encrypt your startup disk. It uses your login password as an encryption key.
Steps to encrypt your Mac hard drive using FileVault:
- Go to Apple menu > System Preferences > Security & Privacy > FileVault tab.
- Click the Lock icon and enter admin credentials. Click the “Turn On FileVault” button.
- Provide a password to encrypt the disk. Your Mac encrypts the disk in the background. You can check the encryption progress from the FileVault section.
- After encryption, restart your Mac and provide the login password to finish starting up.
When you don’t want to keep your Mac hard drive encrypted any longer due to some reason, you can decrypt your encrypted Mac hard drive by using FileVault.
Steps to decrypt your Mac hard drive using FileVault:
- Open the FileVault tab from Security & Privacy, as explained before. Click the “Turn Off FileVault” button. Your Mac decrypts the disk in the background. You can check the decryption progress from the FileVault section.
- After decryption, restart your Mac. Now, you won’t need any password to unlock your Mac hard drive.
C. Encrypt or Decrypt Storage Drive using Disk Utility
Disk Utility has the option to erase your Mac hard drive in an encrypted format—APFS (Case-sensitive, encrypted), Mac OS Extended (Journaled, Encrypted), or Mac OS Extended (Case-sensitive, Journaled, Encrypted).
Steps to encrypt your Mac hard drive using Disk Utility:
- For non-startup disk, launch Disk Utility from Finder > Applications > Utilities. Or else, press Command + Spacebar to bring Spotlight. Type ‘disk utility’ and click the Disk Utility search result to launch the application.
- From Disk Utility, select the internal non-boot Mac volume or the external hard drive you want to protect via password, then click the Erase tab.
Warning: Erasing a drive will remove all its content, so back up before performing the erase operation.
- In the Format section, click the drop-down menu to select an encryption format.
- In the Name section, provide your hard drive with a name and click Erase. Before macOS erases the drive, it displays a dialog box asking for a password.
- Enter the password that is easy to remember yet difficult to crack for others. Don’t forget to provide a Password Hint. Disk Utility completes the erase process of your hard drive.
- When the erase process is over, the encrypted drive mounts on the Mac. Enter the drive’s password each time you access it. If you forget the password, the drive will turn inaccessible.
Steps to encrypt Macintosh HD, the startup disk, using Disk Utility in macOS Recovery mode:
- Start or restart your Mac and immediately by pressing and holding Command + R keys. Release the keys when the Apple logo appears. Your Mac boots into macOS Recovery mode.
- From the macOS Utilities window, select Disk Utility and click Continue. Erase the startup disk in an encryption format after backing it up by using Time Machine.
- Reinstall macOS from the macOS Utilities window. Finally, restore the backed-up data from the Time Machine backup drive to the encrypted drive.
Disk Utility also allows you to decrypt a Mac hard drive that you have erased using an encryption format.
Steps to decrypt your Mac hard drive using Disk Utility:
- Open Disk Utility, then select your encrypted storage drive.
- To unlock the hard drive, go to File > Unlock ‘Drive_Name.’
- Enter the password when prompted.
- To decrypt the hard drive, go to File > ‘Turn Off Encryption.’
D. Encrypt or Decrypt Storage Drive using Terminal
The Terminal is a powerful application that can help you to encrypt or decrypt your Mac hard drive. But since you need to have a complete know-how of Terminal commands, any incorrect operation can result in data loss. So, back up your data from the drive before executing any Terminal command.
Steps to encrypt a hard drive using Terminal:
- Launch Terminal from Finder > Application > Utilities.
- Type the code “diskutil apfs list” and hit Return. The Terminal produces a list of all APFS volumes and containers. Note down the APFS volume ID information.
- To encrypt volume, type “diskutil apfs encryptVolume /dev/apfs_volume_id” and hit Return. Type the password for encryption when asked. Type again to confirm the password.
- To monitor encryption progress, type “diskutil apfs list” and hit Return.
Similarly, you can decrypt your encrypted Mac hard drive by using Terminal.
Steps to decrypt an APFS encrypted drive using Terminal:
- Launch Terminal. Type “diskutil apfs list” and hit Return to know the APFS volume ID.
- Type “diskutil apfs unlockVolume /dev/apfs_volume_id -passphrase type_the_key”, then hit Return to unlock the volume.
- Type “diskutil apfs decryptVolume /dev/apfs_volume_id” and hit Return to decrypt the volume. Authenticate when prompted.
- To monitor decryption progress, type “diskutil apfs list” and hit Return.
For other drives, do the following:
- Launch Terminal and type the code “diskutil cs list” and hit Return. The Terminal produces a core storage list in a hierarchy. Copy the alphanumeric code that is logical volume UUID, which is next to Logical Volume Group.
- Type “diskutil cs decryptVolume logical_volume_uuid -passphrase type_the_key” and hit Return.
But what if you delete few crucial files from an encrypted hard drive, or the drive itself turns corrupt. In such cases, you need to salvage your lost data.
Data Recovery on Encrypted Mac Drive
A. Recover Encrypted Mac Hard Drive with Time Machine
Mac data loss can occur from an encrypted hard drive due to accidental deletion, formatting, or corruption. So, setting up a Time Machine backup hard drive is the need of time.
Time Machine performs incremental backups of your encrypted Macintosh HD as per the schedule. And in case of data loss, you can use Time Machine to restore your lost data to your Mac drive.
Steps to recover encrypted Mac hard drive with Time Machine:
- Ensure your Time Machine backup drive is connected to your Mac. Launch Time Machine from the Launchpad.
- Find the deleted or lost files by using Up/Down arrows or Timeline. Select the required files and folders, then click Restore. The files will restore to their actual location.
B. Recover Encrypted Mac Hard Drive with Professional Software
What if you haven’t set up your Time Machine backup drive? Or you didn’t connect the backup drive to your Mac to perform an incremental backup. Only a Mac data recovery software can help you recover data from an encrypted hard drive in such cases.
Watch this video to know how you can encrypt, decrypt and recover MAC hard drive?
- Install the *trial version of Stellar Data Recovery Professional for Mac on your iMac, MacBook, or Mac mini from where the data is lost.
- In the ‘Select What To Recover’ screen, either select ‘Recover Everything’ or toggle on specific file types to customize your scan, then click Next.
- In the ‘Select Location’ screen, select your internal or external encrypted Mac drive. Provide the password to unlock the drive.
- When you scan your startup disk in macOS Ventura, Monterey, Big Sur, Catalina, Mojave, or High Sierra, you must load the Stellar Data Recovery extension for Macintosh HD recovery. Learn More
- Toggle on Deep Scan, then click Scan. Wait till the software scans the encrypted hard drive thoroughly. The software can also scan a corrupt encrypted drive.
- After the scan is over, select a view out of the three views Classic List, File List, and Deleted List. Expand the scanned items listed by the software.
- Double-click a file to launch its preview to check its quality. Select all the desired files.
- Click Recover to save your recoverable files. Click Browse to specify a distinct drive location, then click Save. Open the destination drive to verify the recovered data.
*The trial version of the software allows you to free scan your encrypted storage drive and preview your files for free. To save the recoverable files, activation of the software is mandatory. And why hesitate when the software has a 30-day money-back guarantee, just in case.
What if the decryption password is lost?
If the decryption password is lost, then your drive is lost forever. You can’t retrieve data from the drive anymore. For that reason, always keep the decryption password in a safe location so that it can be used as and when required.
Conclusion
Although macOS has made the encryption and decryption process easy and convenient, you should be careful in following the crucial troubleshooting steps, as a small mistake can lead to permanent data loss.
Suppose you have faced a data loss disaster, leverage Stellar Data Recovery Professional for Mac software to help you recover your data from an encrypted hard drive. Besides, the software recovers data when the drive turns corrupt during the decryption process.
This versatile software performs data recovery on APFS and can handle any logical data loss situation with ease—encryption, corruption, inaccessibility, erasure, or emptying of Trash. To check its interface, scan-capability, and other powerful features, download the free-to-try software. Scan the encrypted/corrupt drive and preview files. And once satisfied, you can activate it for a lifetime.
Hi, My External USB hard drive was accidentally erased by a Bad software without my permission, My hard drive was APFS Encrypted and I have always my password and information in my APPLE Keychain.
Now my hard drive is in APFS without encryption, if I use Lost volume scanning, and after that use Deep Scan in old APFS Volume I’ll see my file ? do you think I’ll have the option to see my encrypted volume ? and the opportunity to put my password ? I have it.
Thank you for your help
Hello hh,
Instead, try to recover the drive via Deep scan feature only (not using can’t find volume). watch this video for more.
Let me know further.
I accidentally erased a hard drive that was connected to my Mac. I was wondering if this product would help.
The drive has a GUID partition scheme. On that drive I used Disk Utility to created one large partition which was formatted as a “Mac OS Extended (Journaled, Encrypted)” volume. I know the password that was used and this drive has worked reliably for several years in that configuration.
(Even though I set it up as one large partition, my understanding is that sometimes the Mac will also create a hidden “Recovery” partition on the same drive as well. I am about 75% certain it had done so in this case.)
A few days ago, I was using the Disk Utility program and erased that volume by mistake. Disk Utility then created a new “Untitled” partition, formatted as a “Mac OS Extended (Journaled)” volume. That step took only about 5 seconds (so it did not do a low-level erase or format operation).
I have hardly used the disk at all since this happened a few days ago. I’ve mounted the drive (read the file system) a few times because I wanted to collect info about the drive. However I have not “saved” any files to it (beyond the various invisible files that the Mac OS places on a new disk).
So in summary:
– Using Disk Utility I erased the main “Mac OS Extended (Journaled, Encrypted)” volume on a drive (I have the above password used to encrypt that volume)
– Disk Utility created a new “Mac OS Extended (Journaled)” volume on that partition
– I haven’t stored any user files on the drives since
Is there any hope for getting my files (and hopefully the folder structure) a back?
Hello David,
Thanks for writing your query. Please find my reply below:
Stellar Data Recovery Professional for Mac recovers data from a formatted APFS, HFS hard drive.
–Download and install the free trial version of the software and scan your formatted Mac hard drive via Deep Scan. Allow the software to complete the scan. Once done, it will show you all the recoverable files. Since the drive was formatted and so the encryption algorithm you may not require the password to unlock the drive before scanning.
-Good to know that you have taken the precaution after formatting the drive by not writing new data to it. I advise you to scan the disk sooner than later to analyze the recovery.
Regards
Vishal
Stellar Mac Data Recovery Software works marvellously on internal and external hard drives, USB flash drives, SSD drives and many other appliances.
Dear Alfred,
Thanks for mentioned good words about mac data recovery software.
I am glad to be one of the visitors on this great website, appreciate it for posting.
Thanks Liliana
hello vishal.. do i really need to buy the mac data recovery for me to get a registration key and activate the product? i really need to recover my files. thank u very much.
Hello Leneth,
Thanks for contacting Stellar Data Recovery
Yes, to save the recovered data with Stellar Mac Data Recovery; you need to register the product. Once it is activated, it will save the files to your chosen destination.
Hi Borisio,
Did you try scanning your hard drive with Stellar Mac Data Recovery software?
this is the quick scan of this drive, long one produces similar thing.
Hi borisio, try RAW Recovery on your hard drive using Stellar Mac Data Recovery.
Hi Vishal,
I have a 2TB WD external hard drive. There was an encrypted folder with password and I still remember the password.
One day, I made a mistake to format the entire WD hard drive by Disk Utility with a different format (EXfat), but I realized my mistake just after the incident and did not save/write any file in it.
(I can’t remember what was the previous format…)
Can SDR still search for the formatted encrypted folder for me to insert the password, then start restoring my folder in this situation??
Your feedback will be much appreciated.
Thank you.
Hi Justin,
We recommend you to follow the below steps to recover the data using Stellar Mac Data Recovery:
1. Select Start New Scan option from main interface screen.
2. Select the drive from which you want to search the lost /deleted volumes.
3. Select Search Lost / Deleted Volumes option from listed scanning method.
4. Click Start Scan button to start scanning process. Software will scan and display all the lost/deleted volumes of your drive.
5. Now, select the lost volume that you want to scan for data from the list of volumes.
6. Select ‘Recover Data’ option and start the scan.
Vishal can yo uplease view the poat below this one, many thanks!
Hi, I have a WD My Passport for Mac 500GB Portable External Hard Drive Storage USB 3.0. I used the password protect feature and haven’t changed my password. But all of a sudden, the same password no longer works. I have tried on 3 different computers.
May I know does the free MAC data recovery tool help to retrieve the files I need given I will continue using the same password?
Thanks for all the help.
Hi CC,
Stellar Mac Data Recovery does support data recovery of deleted files from an encrypted hard drive. Though, the first condition to perform recovery is the user must unlock the drive by the password. Once you are through, you can start the scan and recover files. In your case, the drive isn’t accepting your password, though you should at least try once with Stellar and provide the same password. However, chances are low that your drive will get unlocked. Please try once. Download the software from here
I damaged my old Macbook Pro with water. I bought a Macbook Air. I migrated data to it from a WD MyBook drive. It seemed to go smoothly. Then I had second thoughts about the Air and also bought a Macbook Pro, planning to return one of them. I migrated data the same way but not everything came over. I called tech support. The tech, for some reason, had me encrypt my hard drive. I didn’t have that much on it but it took over 37 hours. As it turns out, I prefer the Macbook Pro and want to return the Air. But the Air seems to have my all data while the Pro doesn’t. I really do not need encryption for anything. I want to decrypt the hard drive. I want to transfer all my data to the Pro. The only think I know for sure is that the Air seems to have all my data. I have an appointment with a senior advisor this evening. How do I get my data onto the Macbook Pro and how do I decrypt the external drive without losing anything? Also, will it work to migrate encrypted data to the Pro? I have a bit of a time crunch and am worried whatever process I do will take days again. Thank you.
Hi V Lewin,
I migrated data to it from a WD MyBook drive. It seemed to go smoothly. Then I had second thoughts about the Air and also bought a Macbook Pro, planning to return one of them. I migrated data the same way, but not everything came over. I called tech support. The tech, for some reason, had me encrypt my hard drive
I recommend you clone your MacBook Air hard drive to an external drive since your MBA have complete data on it. Once the backup is done, decrypt the drive (See decryption steps in the article).
I accidentally use the password assisting when encrypting my external drive, so there is no way for me to know what password I chose. I didn’t realize the “password assistant changed my password when moving the Password Assistant slider. This sucks! Why would Apple let the Password Assistant create the password and verify it at the same time. What options do have to recover my files? Should I erase the drive with a low erase setting, then try to recover as much files as I can? Please provide some help! This hard drive had over 4 years of my recordings.
Hi Russell
Without unlocking the encrypted partition data recovery is not possible using Stellar Mac Data Recovery. Erasing the HDD with low erase setting also data will not show in decrypted from, so recovery is not possible. Please let me know if there are further queries.
Thanks.