openwall-com-au / BootUnlock

A helper script that unlocks macOS'es encrypted APFS volumes before login
GNU General Public License v3.0
49 stars 7 forks source link

Recognise FileVault's rate-limiting #21

Open galaxy4public opened 1 year ago

galaxy4public commented 1 year ago

If the user entered incorrect password multiple times during the installation, FileVault will lock the volume for 15 minutes. Currently, BootUnlock is unaware of this and will continue to attempt to unlock the volume. The worst is that even if you try to rollback by rebooting into a different volume where everything was working, the rate-limited volume won't be mounted. We need to recognise the rate-limit, possibly extracting the info for how long we need to wait, and provide some meaningful feedback to the user.