Creating an Encrypted Disk Image

When I travel with a computer, I am very careful about making sure important data is hidden away, and in some cases even encrypted. This is to protect my personal data in case the Powerbook is lost or stolen, or even if someone tried to access my computer over an unprotected public wi/fi network.

First, I’ve created a unique user on my computer, simply called “travel.” I only log in as this user while traveling. This user does not have access to the same Address Book, IMAP and POP email, documents folder or even iPhoto library as my regular log in. The user “travel” has it’s own password assigned to it.

If a thief has physical access to a Mac, it is fairly easy for them to get around the computer’s password. However, it would be almost impossible for the thief to open a password-protected, encrypted disk image, especially if you have selected a difficult password.

When I have folders I want to lock up as encrypted disk-images, I often use a program called Knox. Knox locks data into secure, password-protected disk images. It’s a great, easy to use program that I continue to recommend.

However, it’s possible to make a secure disk image without third party software – Disk Utility, which is part of OS X, can do this for you. I used OS 10.4 for this article; it should work just the same for 10.3 and even 10.2.

To make an encrypted, password-protected disk image, browse to the Disk Utility program, which by default is stored in the Utilities Folder. The Utilities Folder is typically found in the Applications Folder. Launch Disk Utility and select File> New> Disk Image From Folder. Browse to the folder you want to encrypt. A dialog box will come up, asking you to name the disk image you are about to create. At the bottom of the dialog box are two drop-down tabs. Select the “Encryption” tab and choose “AES-128 encryption.” This is a very robust and fairly flexible encryption scheme. It allows passwords up to 255 characters. It is important to note that, if you forget your password, all data stored in the disk image will be forever locked up.

Name this Disk Image and select “Save As. ”

Disk Utility will create the encrypted disk image, and typically will leave the new encrypted disk image on your desktop. When you try and open the disk image, a window will pop up, asking you for your password (unless you have saved the password to your keychain, in which case the image will just pop open.)

This method quickly creates password-protected disk images, but you can’t go back later and add new items to the disk image. Also, as far as I know, you can’t later go back and change the password on an encrypted disk image.

Similar Posts

  • De-authorize your iTunes Account Before Hardware Repair or Sale

    Pretty much everyone has downloaded media from the iTunes store, but not too many of us know just how iTunes keeps track of computer authorization. Every device on the internet has at least two unique identifiers: a MAC address and an IP address.

    MAC is an acronym for Media Access Control. Many believe that Mac, the abbreviation for Macintosh, should be written with capital letters – this is incorrect. Likewise, iPod – not iPOD or IPOD; iMac – not iMAC or IMAC; etc. Network interfaces have MAC addresses; Macintoshes can be called Macs.

    Since your MAC address is completely unique, it’s the ideal way for iTunes to know that you’re authorized to play purchased content on any given machines. Trouble is, your ethernet port is part of the main logic board, which requires replacement in some repairs. With a new main logic board comes a new MAC address, which confuses iTunes and some other, generally high-end, software.

    You’re allowed to authorize up to five computers at any one time to play your purchased content, but replacing your logic board changes the MAC address. If you didn’t de-authorize before repair, you’ve lost 20% of your available authorizations. I made this mistake a few years ago when I had to replace the logic board in a Mac Mini hooked up to my television, and when I sold my iBook. I also lost an authorization when my two-week-old PowerBook G4 flew off the roof of my car at highway speed. Thankfully, iTunes allows you to de-authorize all computers on your account once annually.

    I only have one Machine these days, a 17-inch MacBook Pro, so this hasn’t been a problem of late for me. It’s a common question asked our technical support team, and a good fix to file in your troubleshooting arsenal.

    The full details from Apple can be found here: http://support.apple.com/kb/HT1420

  • Pairing Your Apple Remote

    If you have 2-3 Macs with Apple Remotes in your house, then this is a great tip for you. When you go to…

  • Leopard Screen Sharing Is Great!

    This past weekend my buddy purchased some software (Connect360) to let his Mac share music, movies and photos to his Xbox 360. Unfortunately…

  • Two iPhoto Tips

    I use rolls in my iPhoto Library so when I come back from taking pictures I can easily see all photos from that…

  • Solving Random AIM Disconnections

    By Seth@Smalldog.com Recently I was having problems connecting to iChat, was getting random disconnections from AIM, and I couldn’t video chat. I did…