Mac OS X File Encryption
Encryption is a useful and simple way to protect the privacy of your files. Mac OS X (10.4 and above) include Disk Utility, a program that allows you to easily encrypt files.
Disk Utility is a versatile tool which can, among other things, create stand-alone archive files. These archives are called disk images and can be encrypted such that they are accessible only by password. Here are some basic instructions on how to create a disk image and encrypt it with a password. If you get stuck at any point during this process, contact firstname.lastname@example.org for help.
Note: Click here for cross-platform encryption.
See our video tutorial that demonstrates how to setup and use file encryption on a Mac.
Creating an Encrypted Archive
Open the Disk Utility program.Open Disk Utility from the "Utilities" folder in "Applications".
Create a new disk image.Now that Disk Utility is open, first verify that NONE of the disks, volumes, or images in the left-hand side-bar is selected. If one is, then click in the white space near the bottom of the side-bar to de-select all disks, images, and volumes. This is important for the creation of the new image.
Then, click the New Image button on the Disk Utility toolbar. You should see a small window slide down over top of Disk Utility.
Customize your disk image.
- In the Save As: field, type a descriptive name, e.g., lockedfiles.
- In the Where: menu, select where you want the archive to be created (you can always move the archive later -- for now, select Desktop).
- In the Size: menu, select the desired size.
- In the Encryption menu, select the desired level of encryption. AES-128 (recommended) is more than adequate for most needs.
- In the Format menu, select sparse disk image.
- When you are done entering these settings, click Create.
You will see a progress bar while Disk Utility creates your archive, and then a small window will appear, prompting you to...
Enter a Password.
Note: Choose a password that you will remember! If you lose the password, you will not be able to access your encrypted files and CIS won't be able to recover them. Here are some guidelines for creating strong passwords. Also, to make your encrypted disk image is truly secure...DO NOT ADD YOUR PASSWORD TO THE KEYCHAIN. Ensure that the check-box labeled Remember password (add to Keychain) is UNCHECKED. Otherwise, MacOS will supply your password to anyone trying to access your encrypted archive.
Add Files to Your Encrypted Disk Image.
If you saved the disk image to your desktop, you should see two new icons there.
- One of them is named something like ,
and the other one will simply be named .
The latter of these two files is the "mounted image" of your encrypted archive: this is where you can add and remove files. Double-clicking the mounted image will open a window into which you can simply drag and drop the files you want to encrypt.
When you are ready to lock up your files, eject the mounted disk image by dragging it into the Trash on the Dock. The mounted image will disappear, but the encrypted archive lockedfiles.sparseimage will remain.
Since it's possible to use software and recover an un-encrypted copy of the files, follow our instructions to securely empty the trash and erase free space to insure no un-encrypted versions are left on your computer. Now your data is safely locked behind powerful encryption secured by your password.
To retrieve your encrypted files, double-click the disk image you've created. You will be required to enter your password before your files are accessible.
Note: Mac OS X can keep a copy of your files in a "Recovered Files" folder in the trash. If you have been working on encrypted files or other sensitive data and see this folder in your trash, you should use the Secure Empty Trash option to securely erase them from your computer.