FileVault and Login Weirdness

October 23, 2015

I’ve been having strange login issues with my new Macbook Pro, and finally figured them out. It turns out that I didn’t fully understand how FileVault encryption works.

I was seeing the following issues:

• On restart, I would see a photo-based login screen, which wanted my iCloud password, then I would see another username/password login screen, which wanted my local password. Also, it was strangely focusing the password field instead of the username field.

• The first login screen wasn’t using my login preferences of username/password instead of photos.

• Running in clamshell mode, I was never able to get the login screen to appear on my external monitor after a restart.

For the first issue, I tried all sorts of things, then decided to disable, then re-enable iCloud. After doing that, I only saw the initial photo-based login screen.

The second issue is where I realized everything was due to FileVault. No matter what I did with the login preferences, the login screen always showed the user photos and the shutdown/restart options, which I had disabled in preferences.

Eventually I figured out that with FileVault, the login screen is provided prior to OS X booting, which is necessary for it to decrypt and boot OS X. That login screen has no preference options, and always shows user photos. Disabling FileVault will cause only the actual OS X login screen to appear.

The third issue was also related to FileVault. When showing the FileVault login screen, it hasn’t yet booted OS X, so it doesn’t know about my external monitor.

I’d really prefer some control of the pre-OS X login screen, as I don’t really want my actual name showing up on the login screen. I prefer just an empty username field. And of course it would be nice if it knew about my external monitor, but doing that without an OS might be pretty tricky.

So now I have to decide between wonky booting and logging in, or having strong encryption.