Mac OS X File Encryption
Encryption is a useful and simple way to protect the privacy of your files. UT Austin information security policies requires Category I data be stored encrypted on your computer. By default, data on your computer is not encrypted. If you use MacOS version 10.3 (Panther) or 10.4 (Tiger), we recommend you use Disk Utility, which comes standard on these versions of MacOSX. If you are running MacOS 10.2 (Jaguar), we recommend that you upgrade to OS 10.4 and use Disk Utility.
Disk Utility is a versatile tool which can, among other things, create stand-alone archive files. These archives are called disk images ("filename.dmg"), and they can be encrypted such that they are accessible only by password. Here are some basic instructions on how to create a disk image and encrypt it with a password. If you get stuck at any point during this process, contact help@edb.utexas.edu for help.
Creating an Encrypted Archive
1. Open the Disk Utility program.
In Finder, open the Go menu and select Applications.
Scroll until you see the Utilities folder, and open it by double-clicking it.
Scroll until you see Disk Utility, and open it also by double-clicking.
2. Create a new disk image.
Now that Disk Utility is open, first verify that NONE of the disks, volumes, or images in the left-hand sidebar is selected. If one is, then click in the white space near the bottom of the sidebar to deselect all disks, images, and volumes. This is important for the creation of the new image.
Then, click the New Image button on the Disk Utility toolbar. You should see a small window slide down over top of Disk Utility.
3.Customize your disk image.
- In the Save As: field, type a descriptive name, e.g., lockedfiles.
- In the Where: menu, select where you want the archive to be created
(you can always move the archive later -- for now, select Desktop). - In the Size:
menu, select the desired size. Choose a size for the disk image that is
larger than the cumulative size of the files you want to store inside
it.
- Note that the disk image will take up as much space on your hard drive as you specify in the Size: field -- regardless of how many or few files you store inside it at any given moment.
- In the Encryption menu, select the desired level of encryption. In most cases, your only option will be AES-128 (recommended), which is fine.
- In the Format menu, select read/write disk image.
When you are done entering these settings, click Create.
After clicking Create, you will see a progress bar while Disk Utility creates your archive, and then a small window will appear, prompting you to...
4. Enter a Password.
Select any password you like. Here are some guidelines for creating better passwords. Also, to make your encrypted disk image truly secure...- DO NOT ADD YOUR PASSWORD TO KEYCHAIN.
- Ensure that the check-box labeled "Remember password (add to Keychain)" is UNCHECKED:
Otherwise, MacOS will supply your password to anyone trying to access your encrypted archive.
Click OK aftering entering a password.
5. Add Files to Your Encrypted Disk Image.
If you saved the disk image to your desktop, you should see two new icons there.
One of them is named something like "lockedfiles.dmg",
and the other one will simply be named "lockedfiles".
The latter of these two files is the "mounted image" of your encrypted archive: this is where you can add and remove files. Double-clicking the mounted image will open a window into which you can simply drag and drop the files you want to encrypt.
6. Encrypt!
When you are ready to lock up your files, eject the mounted disk image by dragging it into the Trash on the Dock. The mounted image will disappear, but the encrypted archive lockedfiles.dmg will remain.
Then simply make sure that no un-encrypted versions of your files are left on your computer, and your data is now safely locked behind powerful encryption secured by your password.
7. Decrypt!
To retrieve your encrypted files, double-click the disk image you've created. You will be required to enter your password before your files are accessible.