MacOS Encryption Errors - Displaying Recovery Keys on Lock Screen, Displaying Users

I've just begun the process of encrypting our Mac users and have noticed several unusual behaviors, almost as if Sophos encryption is overwriting/modifying MacOS settings. 


1. Recovery keys being listed on the login window, even when the option to hide messages on the lock screen is disabled. What is even weirder is that this option keeps re-enabling itself.

2. ) Upon starting the machine, on the login window, user accounts are listed instead of the sign in with a username and password even when the name and password option is selected. 



Are any other Mac users experiencing anything like this?

  • Hi  

    Just to confirm, you are using Sophos Safeguard Encryption and not Central Device Encryption right?

  • Hi - This is not the recovery key, but rather the ID you give to the "helpdesk" and they give you the key back. It's like/is the device identifier.


    This is the correct behaviour for Central, but would not be correct for on-prem Enterprise. Can you confirm you're using Central?


  • Hi  

    For your first point, I agree with Michael here, that is the Recovery Key ID which helps IT in fetching the actual Recovery Key of the machine. The Key ID is written in the preboot and if there was something in it before, then we append the Key ID in a new line. 

    For your second point, that is happening because of FileVault2. Once FileVault is activated (by Central Device Encryption or Safeguard), it does that automatically. 

  • In reply to Yashraj:

    Thank you for the response, that makes complete sense now. 


    As far as the log in users, is there no way to disable that?