How to Encrypt a Drive: Mac Security Tutorials

How to Encrypt a Drive: Mac Security Tutorials
Page content

The Importance of Encryption

More and more people are becoming aware of the importance of data encryption, the technology used to protect information from prying eyes.

However, for many it seems as though this type of technology is beyond reach, restricted to corporate computing environments with big budgets and a strong IT department. This isn’t the case, and data encryption is available for domestic users too, from sending emails securely to storing your most precious and vital data on a local hard disk drive. While in the past third-party software was required to make this type of security a reality, the developers of operating systems now provide encryption tools in their products.

Apple has provided a way in which you can encrypt your drive in Mac OS X, and this method can largely be used in preference to any other. Bear in mind, however, that encrypting your drive can lead to a loss of data should you lose your password, as encrypted data cannot be recovered.

Using Disk Utility to Encrypt Your Data

Mac OS X provides an excellent, secure encryption tool that can be used to store your data either locally or on an external device. If security is your primary concern then creating a secure disk image on an external device with Disk Utility should be your course of action, with the external device locked away when not in use.

Disk Utility is made very easy to use, and within a few moments you can have a secure disk image ready for data to be saved to.

In the finder, open Go > Utilities > Disk Utility and select the intended destination for the disk image from the list on the left. Next, select the New Image button and assign the disk image a name. You should then select Where you want the image to be created and set the Image Format to read/write. Finally, select your Encryption type; you will notice that 256-bit is slower, and you may choose to avoid this if you plan on creating a larger disk image.

With your choices made, click Save, and you will be asked to input a password. Do so, and decide whether or not you want to save this to your Keychain based on the notes below.

Managing Your Keychain

The Mac Keychain offers a simple way to remember passwords for different software and websites, all managed by a single, master password. Using the keychain you can quickly and easily login to websites although using it can cause you problems when it comes to encryption.

Basically, if you have an easy-to-guess master password, then adding your encryption password to the Keychain is pretty pointless, as the encryption will be overcome by entering your partner’s name or the title of your favorite song.

In this situation, you should consider ignoring the request to add the encryption password to the Keychain, or else set a more secure Keychain pass phrase.

However, there are other reasons why you might not want to add your encryption password to the Keychain. For instance, if your Mac and your Keychain are left unlocked (you might have left your desk in a hurry) then the data will be accessible. In addition, should you find that the Keychain has corrupted (which can happen) or you use an encrypted disk image on an external drive on multiple computers, any password stored in the Keychain is pretty useless.

Third Party, Cross-Platform Solutions

You don’t have to rely on the native Mac drive encryption tool, however. You might encrypt a drive using the Mac version of TrueCrypt. This open source tool is available from and can be used to create virtual disks, encrypt entire partitions and devices and read and write speeds are as fast as for unencrypted data.

The real benefit of TrueCrypt over encryption in Mac OS X offered via Disk Utility, however, is that the software is cross-platform, meaning that if you encrypt data on an external hard disk drive or USB thumb drive on a Mac, you can use the same software to access the data on a Windows PC or a Linux box.

Understanding Mac Drive Encryption

As you can see, creating an encrypted disk image in Mac OS X is a pretty straightforward task, one that can be completed in a matter of minutes. The real challenges exist in deciding how secure you want the disk image to be, and whether to utilize the keychain and possibly weaken the chances of you being able to retrieve the data at a later date. Clearly, the secret here is to choose a secure, memorable password.

Third party solutions are available, however, and the open-source TrueCrypt utility allows you to either encrypt your data locally or save to an external device and access it from another computer or operating system.


Author’s own experience.

Screenshot provided by author.