Skip to main content

Trinity College Dublin, The University of Dublin

Trinity Menu Trinity Search

IT Services Knowledge Base

You are here Device Encryption > macOS device encryption via FileVault

macOS device encryption via FileVault

Device encryption on macOS computers is provided via a program called FileVault. FileVault will encrypt the hard drive of the computer.

All macOS computers that are registered to connect to the Trinity College data network, are automatically encrypted as part of the network onboarding process.

Once encryption is enabled, you will be prompted to restart your computer and enter your Mac administrator password.

The Mac administrator password is not the same as your Trinity network login password.

If you do not know your Mac administrator password, please refer to the following pages:

IT Services cannot assist in recovering Mac administrator passwords if they are lost.

Once FileVault is enabled on your macOS device, your login experience will not change. You will continue to log in as normal before the encrypted was enabled.

Accessing encryption recovery keys

In certain scenarios you may need to access the encryption recovery key for the device.

Your recovery key will be available by contacting the IT Service Desk or via your online Microsoft 365 account.

To access the recovery key via your Microsoft 365 account:

  1. Sign into portal.manage.microsoft.com using your Trinity email address and password
  2. Go to Devices and select the macOS device that is encrypted with FileVault
  3. Select Get recovery key
  4. You can then copy your recovery key from the screen

We recommend any enrolled and encrypted computers be logged into at least once a month to ensure they are kept up to date with security updates as well as check in with our endpoint management systems for other security and configuration settings.

Checking in with our endpoint management systems also ensures the availability of the encryption recovery key should this be required at any point.

Leaving Trinity and uninstalling FileVault

If the encrypted device is your own personal computer and you are planning to take that computer with you when you leave Trinity, then you should contact the IT Service Desk so that the encryption can be removed.

If the encrypted device is a Trinity owned computer and will be handed back to your department once you leave, then the encryption does not need to be removed.

Backing up your data

Please note that encrypting a device does not backup your data. All users are still responsible for backing up the data on the computers they use.

OneDrive can be used for personal backup and SharePoint for any departmental files.

Further help

If you have further queries regarding this service, please see the FAQ page. If you still require assistance, please contact the IT Service Desk.