If you forget your personal password for FileVault, you can use a Recovery Key to regain access.

To create a FileVault Personal Recovery Key:

  1. Start into recovery-mode ( CMD+R at start), a different partition or connect the disk to another macOS.
  2. Access the terminal and run the following command. The command fetches a list of the Logical CoreStorage Volumes.
    diskutil cs list
  3. Find the Logical Volume (last on the list) and copy the UUID – it is in the format of XXXXXXXX-XXXX-XXXX-XXXXXXXXXXXX. Logical Volume is used to specify which volume must be unlocked and decrypted.

    recover_encryp_disk01
  4. Ensure that you have the Personal Recovery Key available and run the command below. Replace "UUID" with the UUID retrieved in step 3. You are prompted to enter the Passphrase and the Personal Recovery Key.
    diskutil cs unlockVolume UUID

    You can now see a response showing that the volume is unlocked and mounted. Now, you can recover any necessary files.

  1. Now that the volume is unlocked, you can begin the decryption process by using the following command and replacing "UUID" with the UUID retrieved in step 3. You are prompted to enter the Passphrase and the Personal Recovery Key.
    diskutil cs revert UUID

    To monitor the decryption status, use the following command. The status is located in the Logical Volume Family information.

    diskutil cs list

    recover_encryp_disk03