Error when trying to enable FileVault on MacAir running Ventura

What is the exact model of your Mac? You can get this information by clicking the Apple menu and selecting "About This Mac".

The important part of that error message is:

Error:  User is not Secure Token enabled

Here is an Apple article about Secure Tokens:

Use secure token, bootstrap token, and volume ownership in deployments - Apple Support

@Barney-15E suggested in this other thread the following two articles:

https://derflounder.wordpress.com/2018/01/20/secure-token-and-filevault-on-apple-file-system/

https://apple.stackexchange.com/questions/313366/what-is-a-secure-token-and-how-do-i-get-an-admin-users-that-has-one

NVRAM (Non-Volatile Random Access Memory) and PRAM (Parameter RAM) are types of memory used in computers, particularly in Apple devices, to store system settings and configuration data. Here's a breakdown of each:

NVRAM (Non-Volatile Random Access Memory)

• Definition: NVRAM is a small amount of memory that retains data even when the computer is powered off. It is used to store system settings that need to persist across reboots.
• Purpose: On macOS devices, NVRAM stores settings such as:
  • Speaker volume
  • Screen resolution
  • Startup disk selection
  • Time zone
  • Kernel panic logs
• Non-Volatile: The "non-volatile" part means that the data stored in NVRAM is retained even when the computer is turned off, thanks to a small battery or capacitor.

PRAM (Parameter RAM)

• Definition: PRAM is a specific type of memory used in older Apple computers to store similar system settings. It is essentially an older implementation of what NVRAM does today.
• Purpose: PRAM stored settings like:
  • Display resolution
  • Time zone
  • Volume settings
  • Startup disk information
• Legacy: PRAM was used in older Macs, but modern Macs have replaced PRAM with NVRAM, which serves the same purpose but is more efficient and reliable.

Resetting NVRAM/PRAM

If your Mac is behaving strangely (e.g., incorrect screen resolution, sound issues, or boot problems), resetting the NVRAM/PRAM can often resolve the issue. Here's how to reset it:

1. For Intel-based Macs:

• • Shut down your Mac.
  • Turn it back on and immediately press and hold Option (⌥) + Command (⌘) + P + R.
  • Keep holding the keys for about 20 seconds. The Mac may restart during this process.
  • Release the keys, and the NVRAM/PRAM will be reset.

1. For Apple Silicon Macs (M1/M2 chips):

• • NVRAM is automatically managed by the system, and there is no manual reset process. Restarting the Mac should resolve most issues.

Hi, It sounds like you're encountering a frustrating issue with enabling FileVault on your MacBook Air running macOS Ventura. Here are some troubleshooting steps and suggestions to help resolve the problem:

1. Verify Admin Account Permissions

Ensure the admin account you're using has full administrative privileges. Sometimes, admin accounts can become corrupted or lose certain permissions.

To check:

Go to System Preferences > Users & Groups.

Verify that the account you're using is listed as "Admin."

2. Check for FileVault Pre-Requisites

FileVault requires certain conditions to be met before it can be enabled:

The startup disk must be formatted as APFS.

There must be no pending disk errors or issues.

The system must have a valid recovery key or iCloud account linked for recovery.

To check the disk format:

Open Disk Utility.

Select your startup disk and confirm it is formatted as APFS.

3. Reset NVRAM/PRAM

Resetting the NVRAM/PRAM can sometimes resolve issues with FileVault.

Shut down your Mac.

Turn it back on and immediately press and hold Option + Command + P + R.

Keep holding the keys for about 20 seconds, then release them.

4. Enable FileVault via Terminal

Since the GUI method isn't working, you can try enabling FileVault using the Terminal. Here's how:

Open Terminal.

Run the following command to check the FileVault status:

fdesetup status

If FileVault is off, proceed to enable it.

Use the following command to enable FileVault:

sudo fdesetup enable

You will be prompted to enter the admin password and create a recovery key. Save the recovery key in a safe place.

If this command fails, note the exact error message and proceed to the next step.

5. Check for Disk Issues

Even though you've already run Disk First Aid, it's worth double-checking for any underlying disk issues that might prevent FileVault from being enabled.

Boot into macOS Recovery:

Restart your Mac and hold Command + R until the Apple logo or spinning globe appears.

Open Disk Utility and run First Aid on your startup disk again.

If any errors are found, attempt to repair them.

6. Check for Configuration Profiles or MDM Restrictions

If this Mac is managed by an organization (e.g., through an MDM solution), there might be a configuration profile preventing FileVault from being enabled.

Check for profiles in System Preferences > Profiles.

If you find any profiles, review their settings or contact your IT administrator.

7. Reinstall macOS (Without Data Loss)

If none of the above steps work, you can try reinstalling macOS Ventura without erasing your data. This can fix any system-level issues that might be causing the problem.

Boot into macOS Recovery.

Select Reinstall macOS and follow the on-screen instructions.

Additional Notes:

If you encounter specific error messages (e.g., during the fdesetup command), please share them so I can provide more targeted advice.

Make sure you have a backup of your data (e.g., via Time Machine) before attempting any major changes like reinstalling macOS.

Let me know how it goes!

Because of that I don't prefer resetting NVRAM/PRAM