Reply To: Different Recovery Keys used for Mac encryption

#4783
AvatarGrace Baker
Moderator
2 pts

Hey, Thanks for reaching out to us.

On encrypting the Mac using the Institutional Recovery Key, the organization uses a common key to decrypt the devices. The advantage of this is that a new key can be downloaded from the portal itself if the key is lost.
On using the Personal recovery key, each key is unique to the machine that is being encrypted. The user must note down this key as it won’t be saved anywhere in the portal. If this key is lost, the device will have to be a factory reset.
Whereas on using the Institutional and Personal Recovery key, both institutional and personal recovery key will be generated. So, if the personal recovery key is lost, the institutional recovery key can be used to decrypt the device.

Kindly use the help link to know more about the same.

Cheers!
Grace Baker
Hexnode MDM