Filevault2 system password different from user password

Using filevault2 system encryption I noticed that my login password is also used to decrypt the disk at boot time.
This does not fit my needs. My requirements for the system encryption passphrase and the login password differ significantly.
To protect my disk, I want to use a long and complicated pass phrase. One that can not be broken by brute force in the universe's lifetime.
For my login account, I want a shorter, easy to type password. The main use of this password is to authorize actions that need administrative privileges. And it is needed quite often. Using the disk pass phrase for this purpose is just impractical.
Is it possible to set up the system this way? Of course, if the shorter login password can also unlock the disk, then no security is gained by having an additional longer pass phrase.
I tried to change the pass phrase of the system partition in disk utility. I selected the OSX partition and executed File->Change Password.
There was no error message of any kind, but on the next boot, I was still able to unlock the disk using my shorter login password. (Which managed to cause some distrust in filevault2 on my side. What is going on? There was no error message when changing the password in disk utility.)

After the next reboot, it showed again decrypting progress.
Decrypting is not very stable, I had two freezes during decryption, where a Window of Death advises you to hold the power button until the computer turns off.
Several more times, the progress indication of the decryption process displayed nonsense.
Reencryption had to be done as the new disk unlocker user, as it is not possible to exclude the user from disk unlocking that starts the filevault2 encryption.
What about the other question, why is it possible to set a password for the system partition in disk utility without any error message, and, as it seems, without any effect?

Similar Messages

  • Are Sql functions different from user defined functions ?

    Hello,
    SQL functions are built into Oracle Database and are available for use in various appropriate SQL statements. Do not >confuse SQL functions with user-defined functions written in PL/SQL.according to first paragraph of this document Sql functions are different from user defined functions . How is that ?
    Is they really differ from each other ?

    bootstrap wrote:
    If you don't know what compilation is, please use Wikipedia or other online resources.I know what is compilation . But i was confused whether those sql functions are compiled in my machine when i install Oracle Database in my machine or they are pre-compiled .
    As you said these Sql functions are pre-compiled , it is clear now that they are pre-compiled platform dependent code .
    Can you provide actual source code of any SQL function , say SUM function .
    I want to see it, how they have defined . Eagerly waiting for any reply. please help .
    Edited by: bootstrap on Aug 19, 2011 11:50 AMYou can ask oracle if they give you their code. I doubt they will. However if you want to write you own user-defined aggregation function, there are examples in the documentation how to do that.
    http://download.oracle.com/docs/cd/E11882_01/appdev.112/e17125/adfns_packages.htm#i1008575
    Edited by: Sven W. on Aug 19, 2011 9:24 AM

  • How to set Portal Theme for WDA iView different from user's Theme

    Hi Experts!
    I have dual-stack system: ABAP server + Java. I have WDA application in ABAP server and I deployed it to NW Portal via iView (using template).
    There are two themes customized:
    1:  Standard - to be used for all iviews except WDA iviews. This theme is set as default for user.
    2.: WDA theme - to be used for some WDA iviews IRRESPECTIVELY what them is set in personalization settings of the user.
    So my question is:
    Can I somehow set the Portal Theme to be used for specific iView no matter what Theme user has selected in his personalization?
    Or if its not possible, can I set some specific Theme for WDA application?
    So taks is to overcome settings for default portal theme for user and replace it with different theme. Is this possible?
    Thanks in advance.

    Are you using an LDAP as your UME, or are the user records from from R/3 ?
    Apparently  (Ive never done it) you used to be able to force a default language by editing this file (back in the EP5 days):
    <J2EE root>\WEB-INF\portal\system\properties\prtDefault.properties
    Look at the following lines :
    This is the default language to be used when none is specified
    request.defaultlanguage=en
    request.defaultcountry=us
    If you prefer to have the same language for all users no matter their user locale, change the lines to this :
    This is the default language to be used when none is specified
    request.mandatorylanguage=en
    request.mandatorycountry=us
    I hope this works out for you

  • Different from Oracle file

    Hi,
    I am getting the below  error in my system in db check .
    Detail log:                    cefatfts.chk
    command_line                   brconnect -u / -jid CHECK20101006090000 -c -f check
    alert_log                      G:\ORACLE\SID\SAPTRACE\BACKGROUND\alert_SID.log
    BR0286W Size 1972764672 of file H:\ORACLE\ SID \SAPDATA4\PRDUSR_2\PRDUSR.DATA2 is different from Oracle file size 482353152
    BR0280I BRCONNECT time stamp: 2011-01-19 09.00.30
    Googleit and found the below link
    Backup Error "Return Code 0001 Success with warnings"
    in this they Just Extend the datafile to update the control file
    So i use ALTER DATABASE DATAFILE 'DATAFILE' RESIZE 'NEW SIZE'
    Can this solve my error Please suggest and what command and precaution do I have to take.
    Regards,

    Hi,
    Sorry for that I will  have closed the one post. As suggest i have cheeked the sap note and find only one note 1137346
    in that
    BR0286W Size of file %s is different from Oracle file size.
    BR0286W Größe der Datei %s ist verschieden von Oracle-Dateigröße.
    Explanation:  The file size in the file system is different from the file size saved in the ORACLE dictionary (in the control file). The file may be corrupted.
    Program reaction:  The program tries to save the file.
    User action:  Check your disks, the file system (file system check), and the ORACLE ALERT file. If you discover errors, you may be able to correct the situation by performing a recovery. Contact an ORACLE specialist before you start a recovery.
    Need to know the steps as suggest
    in this they Just Extend the datafile to update the control file Can this solve my error
    Regards,

  • How to get a value from User's AD attribute and Display it on a SharePoint page ?

    Forum,
    We have a specific attribute in Active Directory for every single user. Meaning: In our Active Directory we have an attribute e.g. "UserType" and the value of this attribute is different from user to another.
    Requirement: I need to display the value of this attribute on the SharePoint page - How to do so?
    I don't think using the User Profile properties is the way to go. So, Could you please guide me on how to use C# or JavaScript to retrieve the value from AD attribute of each user and show it on the SharePoint site?
    Thanks for your inputs !

    Using C# or javascript to authenticate the user to AD to read the property directly will be very difficult. Creating a custom user profile property and adding a sync from AD to that property is definitely the easiest way to do what you are describing.
     Once its in User Profiles there are lots of samples on how to add it to the page.  
    Paul Stork SharePoint Server MVP
    Principal Architect: Blue Chip Consulting Group
    Blog: http://dontpapanic.com/blog
    Twitter: Follow @pstork
    Please remember to mark your question as "answered" if this solves your problem.

  • Why does an Inbound IDoc no change and differs from an Outbound IDoc no?

    Hi Experts,
    This seems to be a basic question..! But can someone kindly clarify why an IDoc number gets changed when sent from one R/3 system to another R/3 system and how does this happen???
    i.e., whenever an IDoc was triggered from R/3 system A to R/3 system B through XI/PI, the Inbound IDoc number (in system B) differs from the Outbound IDoc number (in system A)... Why does this happen and how???
    Thanks in advance!
    Br,
    G@nesh

    Hi Ganesh,
    The IDOC numbers are always Unique,
    IDOC can be generated in SAP system as a result of internal testing (WE19), or
    can be posted from a non sap system (say PI).
    So every time a new IDOC comes, it is assigned a new number to avoid confusion and also this plays a
    critical role in the  end to end testing and validation.
    If you look at the control record of the IDOC you can see a element called DOCNUM. this stores to actual IDOC number.
    from PI side you can  use IDX5 and in ECC  We02/05 to notice the idoc numbers.
    Regards,
    Srinivas

  • AE 3D axis orientation is different from 3D programs?

    Here is something that has been bothering me forever:
    Is the AE x y z coordinate system aligned differently from 3D programs such as Blender or am I just stupid?
    In blender, the blue Z-arrow points up (vertically) in the front view. But in AE it's the green Y arrow that is pointing up.
    I really thought these were agreed upon standards (after all coordinate systems have existed way before any computer programs),  so it might be that I'm missing something here. Are the coordinate systems really different between AE and other 3D applications (like Blender)?
    Thank you!

    Actually Blender is the odd one out here. Most other 3D animation programs use the Y is the world up axis. On the other hand, Z up is traditional in CAD since it is assumed that plans are drawn in the XY plane in the top down elevation. So in fact neither is wrong in the specific context. And image processing programs traditionally use XY with the origin in the top left corner because that is how CRT tubes work and how any image needed to be drawn in the dark ages of computer graphics, hence most image and video formats still use that today. And you are mistaken - there is no "standard" here, it's all tradition/ habitual use of these things....
    Mylenium

  • Requirement type from User parameters ?

    Hi Gurus,
    today while doing a scenario in test system about strategy 50. after runnig MRP I found the Convrtable Planned orders are created in place of Un converatble Planned Orders.
    i found the Error That System Showing req Tpe As vsf instead vse.. which is maintained in User parameters  of MD61.
    1. my Doubt is how Can system Accept a requirement which is not Available in its material master ?
    regards,
    Venkat.

    Hello Venkat,
    System take data from User parameter maintained in MD61, You should Blank User parameter in MD61, if we maintained the values blank it always take data from config like req type & class.
    You just maintained User parameter default blank and save.
    In MD61 User paramter have priority over Configuration setting.
    Using the SHDO to restrict user to change theses values.
    Check and confirm
    Regards
    Umesh Mali

  • Choose a password that is different from your last 5 passwords

    Hi Experts
    "Choose a password that is different from your last 5 passwords."
    I want to take this setting off. So that you can use the same password every time.
    What I have done is:       -Transaction - rz10
                                           -Change the following parameter "login/password_history_size =  0"
                                           -stop and start the SAP system.
    Are there any other settings that I must change?
    Thanks

    This is not possible.
    The password may not be changed to any of a useru2019s last five passwords, if the user changes the password himself or herself.
    The administrator can reset a useru2019s password to any password, even to one of the last five passwords of this user. This is necessary, since the administrator should not know the passwords of the users. The user is prompted to change the password at the first interactive logon.
    Regards,
    Pavan

  • Problem in RFC as JCO changed from user/password to  SSO

    Hi all
    Initially i was using CO with user/password properties but now it has been changed to SO.
    In my webdynpro project there are 3 RFC Models being used.
    Out of which 2 are working fine and giving the desired results but 1 RFC works fine on the R/3 side but from the webdynpro side it does not work just displays bapireturn - "Not successful".
    As the properties of the JCO changes to USer/password , the RFC works fine giving the desired results
    Plz let me know wht cld be the problem
    Thanks and Regards

    Vindhya,
    With SSO, the details of the user who's logged in goto R/3 and thus determines if the user has authorizations to run this RFC. This user could be different from the user you were using previously without SSO.
    Meaning, this time, with SSO, the user is you whereas the user for user/pwd is someone else and you dont have authorizations to run the RFC??
    And another thing, even if you can successfully run that RFC logging into R/3, your userid may not have RFC authorizations (which is required to do a RFC call). IF thats the case, you need to talk to your security/basis guys.
    Lemme know if that could be the case in your situation.
    Rajit
    Message was edited by:
            Rajit Srinivas

  • Keychain password different from login password

    I've gotten mixed feedback on this: What additional security, if any, is obtained by making your keychain password different from your login password?

    I concede that if:
    - any shoulder-lookers/keyloggers have equal access to the login and keychain passwords
    - the login password isn't being used for anything else
    - the login password isn't being stored in some other insecure location (maybe in a script for use in a sudo command)
    - you're not using ftp/some other protocol w/insecure logins to connect to that computer and get data
    then there is no reason to have separate login and keychain passwords.
    But what I'm saying is that there are lots of little things (like those I mentioned above) that can be security holes that one simply doesn't think about. A user who is truly concerned about security may wish to simply have two separate passwords, thereby avoiding many (not all) potential insecurities.
    ddr

  • HT5622 The Apple id that appears in my iCloud account is different from my Apple ID . I don't remember the password of the id that appears in iCloud, I want both to be the same, that is to say only one Apple ID , the one that I use for all the other appli

    The Apple ID that appears in my iCloud account is different from the one I use every time I' m requested by Apple. I forgot the password for the iCloud id. I need to know how to change the iCloud id and make them both the same.

    Is this a second hand iPhone?

  • I have an iCloud account that is different from my apple account.. How can I recover the password for that account??

    I have an iCloud account that is different from my apple account. How can I recover the forgotten password

    Hello Bgenie
    If you have forgotten the password to that Apple ID, then go to My Apple ID and you will see and option to reset your password. You will need to answer the security questions or if you have a rescue email address set up you can get it sent to that email to reset the password. Check out the article for more information.
    Apple ID: If you forget your password
    http://support.apple.com/kb/ht5787
    Regards,
    -Norm G.  

  • How do I transfer all my Firefox saved passwords to my new hard drive and operating system? Going from xp to windows 7.

    How do I transfer all my Firefox saved passwords to my new hard drive and operating system? Going from xp to windows 7. I have the old hard drive hooked up as drive f. Can I copy and paste from old drive directory to new drive directory?

    You need to copy 2 files, key3.db and signons.sqlite, from the old [[profiles|profile folder]] to the profile folder on the new computer.

  • AUDIT action (create, delete, privilege escalation, set and change password from users account and group) users and admins in Solaris 10

    Hello.
    in Solaris 10 i need auditing process create, delete, privilege escalation, set and change password and etc... from users account and group.
    I set settings:
    in file syslog.conf:
    *.info;mail.none;cron.none;audit.notice            @IP-Remote-syslog-server-SIEM
    in file   /etc/security/audit_control:
    dir:/var/audit
    flags:lo,ad,ex,cc,am,no,fc,fd
    minfree:20
    naflags:lo
    plugin:name=audit_syslog.so;p_flags=lo,ad,ex,cc,am,no
    in file   /etc/security/audit_user:
    root:lo,ad:no
    Now I see in the logs only the fact of a connection via SSH and run processes on behalf of users. Creation. delete users, change passwords for some reason do not is logged.
    Many users. For each individual write permissions in the file /etc/security/audit_user not possible, it is likely to forget any new user (or there is a possibility in this file one line to describe the audits for all accounts?)
    Where is the mistake?

    You are most likely hitting Bug 15779000 user/role/groupadd/mod/del don't audit their use.
    And the fix is only available in S11.2.
    -- Renaud

Maybe you are looking for