What is FDERecoveryAgent?

FDERecoveryAgent (sometimes shown as security.FDERecoveryAgent) is a process tied to FileVault disk encryption.

What is FDERecoveryAgent?

FDERecoveryAgent stands for Full Disk Encryption Recovery Agent. It manages the recovery key for FileVault, the disk encryption built into macOS. If you ever forget your login password, the recovery key is what lets you unlock your encrypted disk.

What does it do?

The agent handles:

• Storing your FileVault recovery key with Apple when you choose that option during setup
• Managing recovery key rotation in workplace settings
• Sending keys to device management servers for company Macs
• Making sure a valid recovery key exists for your encrypted disk

When is it active?

FDERecoveryAgent is active when:

• FileVault is being turned on and you choose to store the recovery key with Apple
• A device management server asks for the recovery key to be stored
• The recovery key needs to be changed

If FileVault is already set up and no key work is happening, it is mostly idle.

Do I have FileVault turned on?

You can check in System Settings, then Privacy and Security, then FileVault. On modern Macs with Apple Silicon, encryption is always on at the hardware level. FileVault controls whether a password is needed to unlock the disk at boot.

Should you worry?

No. It is a normal macOS security process. It helps you recover your data if you forget your password, either through Apple's recovery service or your organisation's IT department.

Enjoyed this post?

Well, you could share the post with others, follow me with RSS Feeds and/or send me a comment via email.

Tags