Comment by winstonwinston

It works for macOS. Filevault key is encrypted by user password. User login screen is shown early in boot process, so that Filevault is able to decrypt data and continue boot process. It sure works fine for a about a decade. No TPM nonsense required. Imo, the TPM based key only makes sense for unattended systems such as servers.