Obtain FileVault 2 recovery key with administrator account

I enabled full disk encryption on my new MacBook Pro. (I am new to the Mac world but an accomplished Linux/UNIX and Windows type)

However, I made a mistake and skipped the step of taking note of the recovery key.

Is is possible to get the recovery key at this point?


Solution 1:

It seems strange OS X didn't present you the recovery key. Try:

sudo fdesetup changerecovery -personal

This awesome blog has probably all the info you desire. Look for the section "Managing individual and institutional recovery keys". You can use your Filevault2 password to change the recovery key. And you will have to use an Administrator account.

Solution 2:

I believe the correct answer to this question is that you cannot find a FileVault Recovery Key for an already encrypted disk. You can only learn it when you enable FileVault. If you want to know it you need to decrypt and start over.

If you don't know the recovery key, you don't know the FileVault 2 encryption password, and you cannot boot into a user account with unlock privileges you cannot recover the drive.

Apple wants you to store the recovery key in iCloud. That is something I will personally do in the future. Be sure your iCloud password is recoverable in the case of drive failure (I like to keep a printed copy in addition to my 1Password).

If you want to manage recovery keys for a set of drives and computers you can study these recommendations:

https://support.apple.com/en-us/HT202385