Lion’s Recovery HD is also a critical component of Apple’s new CoreStorage technology, which requires that this hidden volume be the first partition of the boot disk in order to run FileVault 2. FileVault 2 is Lions’ new whole disk encryption feature, and is disabled by default. FileVault 2 can be enabled in the Security & Privacy system preference pane.

When Lion boots with FileVault 2 enabled, it accesses the Recovery HD to load the login screen and the stored encryption keys. If you login with a valid user account, it unlocks the boot drive and continues to load the OS. The login window typically opens much quicker on systems with FileVault 2 enabled, however running with FileVault 2 will cause about a 10-15% overall performance decrease. FileVault 2 supports both local and network user accounts, as long as they have FileVault enabled for the account in the Security & Privacy system preference pane.

Also of note, if you had previously been using FileVault with Snow Leopard, you won’t be able to activate FileVault 2 in Lion until you turn off “Legacy FileVault” when prompted after opening the Security & Privacy system preference pane.