[baby_souffle]

I think it’s plain text? Unless recovery environment has a symmetrical encryption scheme and it can decrypt the cypher text stored in nvram?

[adamomada]

I just checked nvram -p

It has the SSID in plaintext in current-network and preferred-network, not the passphrase. I’m not sure how it’s obfuscated or encrypted but it is not plaintext