top | item 33980628

(no title)

riolu | 3 years ago

For someone with luks2 in the username you sure have a lack of understanding about encryption.

Why would it be so hard to believe that your recovery key is hashed and salted like every other password? You can't view your key after creation, you have to regenerate it. Do I really need to pull out Wireshark to verify this for you?

Advanced data protection is explicitly removing Apple as a holder of your keys, it's not re encrypting anything, it's not new encryption. The entire process is just deleting the key that was already stored on their servers anyway. How would it be in Apple's interest to keep your recovery key after press releases and multiple warnings saying you're on your own for recovery.

discuss

encryptluks2|3 years ago

Microsoft Windows has the option to upload your BitLocker recovery key to your Microsoft account. I was trying to understand why Apple needed to ping a server for a recovery key. Oh, look... they do have that feature afterall:

https://support.apple.com/guide/profile-manager/use-a-person...