Suggestion for SmartCard Supplemental #225
Unanswered
reuven-cohen
asked this question in
Ideas
Replies: 2 comments 3 replies
-
That's a good suggestion. We should maybe add something about option shift return in there. |
Beta Was this translation helpful? Give feedback.
0 replies
-
Does this only work if you don't use the "allow my iCloud account to unlock my disk" option? Or is there a way to access your recovery key through iCloud to make this work? AFAIK, when using that option, you don't every "see" the key, so you wouldn't have anything to type in? |
Beta Was this translation helpful? Give feedback.
3 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
https://github.com/usnistgov/macos_security/blob/main/rules/supplemental/supplemental_smartcard.yaml
With SmartCard Enforcement enabled on Silicon MacBooks, there is another way to bypass the FV2 screen.
This is useful if you have an admin account that is set as an exception to SmartCard Enforcment, or if you want to be able to have the macBook connect to internet so that you can push policies via MDM.
After booting the system up, press Option Shift Return and you can enter the Personal Recovery Key.
This will authenticate the FV2 screen and drop the system into the normal login prompt with network enabled.
Beta Was this translation helpful? Give feedback.
All reactions