FileVault is one of OS X’s most powerful security features. Understanding what it does, however, may take a little slogging.

As you know, the accounts system is designed to keep people out of one another’s stuff. Ordinarily, for example, Chris isn’t allowed to go rooting through Robin’s email and files.

Until FileVault came along, though, there were ways to circumvent this protection system. A sneak or a showoff could start up the Mac in FireWire disk mode, for example, or even remove the hard drive and hook it up to a Linux machine or another Mac.

In each case, he’d then be able to run rampant through everybody’s files, changing or trashing them with abandon. For people with sensitive or private files, the result was a security hole bigger than Kim Kardashian’s bank account.

FileVault is an extra line of defense. When you turn on this feature, your Mac automatically encrypts (scrambles) everything on your startup hard drive—not just what’s in your Home folder. Every time you create or save a new file, it, too, is insta-encrypted.

This means that unless someone knows (or can figure out) your password, FileVault renders your files unreadable for anyone but you and your computer’s administrator—no matter what sneaky tricks they try to pull. (You can, ...