Posted by: rolande | October 21, 2011

Creating an Encrypted Disk Image on OSX

ComboLockFor file encryption on a Mac, the FileVault option on OSX is a pretty decent feature built into the System Preferences. The one downside is that it automatically encrypts your entire Home directory which can be very cumbersome if you have a large amount of data stored there.

So, I had been looking for an alternative solution that would provide me the flexibility of only encrypting a targeted folder of data. As I searched around, I found there are a number of utilities out there that do just this. However, the one option that I happened upon, that I was not previously aware of, is a feature provided right in the Disk Utility that allows you to create an encrypted disk image. This is actually a simple solution using a built-in utility.

How To Create an Encrypted Disk Image with Password Protection

  1. Open the Disk Utility app which is in the Application > Utilities folder.
  2. Click the New Image button.
  3. Enter a name for the Encrypted Disk Image you want to create and choose where you want to store it.
  4. Select a Volume Size to meet your needs. I chose 4.7GB so it is large enough and can be burned to DVD for backup.
  5. The default filesystem format is the Mac OS Extended (Journaled) which should be sufficient.
  6. In the Encryption field you have 2 choices. I would recommend 128-bit AES for better performance. If you are ultra paranoid choose the 256-bit option.
  7. In the Partitions field, I selected CD/DVD as I plan to backup this disk image to DVD at some point. If you don’t ever plan to burn to disc, then Intel-based Mac users should select GUID Partition Map and PowerPC-based Mac users select Apple Partition Map.
  8. In the Image Format field, I recommend you select the sparse bundle disk image. This provides an image file that dynamically grows as you add content and supports more efficiency for performing Time Machine backups. Macs running OSX earlier than 10.5 should use sparse disk image for compatibility.
  9. Click the Createbutton.Disk Image Menu
  10. Enter a strong password that is different from your Mac login.
  11. IMPORTANT: Unselect the checkbox to Remember password in my keychain. If you store the disk image’s password in the keychain, then anyone that gains access to your desktop would be able to open this image and view the files.

The disk image will now be created in the location you configured. All you need to do is double-click on the image file and open it up. Then drag and drop the files you want onto the disk image window. When you close the disk image window and eject the drive, the data remains in the encrypted volume and only accessible when the correct password is provided. OSX will ask you to remember the password in the keychain every time you open the volume. Do not select that option. Now as long as you have your Time Machine backup setup, you should be good to go. Otherwise, once you have your important files moved into the encrypted disk image, it would be wise to burn a backup copy to CD or DVD.

Advertisements

Responses

  1. encrypted dmg files will not burn to DVD, they always ask for password and then are not encrypted after burn. How to keep the encryption?

    Like

    • To be honest, I have not even tried to burn a copy of mine yet. I back mine up using Time Machine to an external portable drive. I definitely need to burn a copy to put in the safe. I would think you should be able to burn the .dmg file as just a file and not an image and that way you do not have to unlock the file before burning a copy. I will have to test it out and see what I can do.

      Like

  2. I found that I can burn a small encrypted file, but the 4.7Gb one kept asking for a password before it would burn to disk. I will have another go tonight see if I can get it to work. Main prob it takes forever to do anything with DVD media.

    Like

    • I bet it is the 2Gig file size limitation causing issues. I’ll have to test that theory out.

      Like

      • I had a minor success but not there yet. I managed to get a sparse bundle encrypted and written onto a DVD+RW but it would not verify and suggested to try a different disk which I did with a DVD-R. Did the same thing. The DVD+RW later mounted & could be read, but very slow and lots of busy head hunting from the drive. The DVD-R is now dead and can not even be seen as a volume, only a blank disk.
        Holiday weekend so will get back to this in a few days time.

        Like

      • I used Toast Titanium 10 and it worked like a charm. I dragged my encrypted .sparsebundle file from Finder into the Toast window. My volume is only ~500Meg. So, I just burned it to a CD. After burning the disc, I mounted it and was able to authenticate and decrypt the volume and display the contents.

        You mentioned encrypted .dmg files. I would use .sparsebundles instead. You might also try to use a different disc burning application like Toast.

        Like

      • All seems to have sorted itself out now. I created a sparse bundle and a dmg file, both encrypted, and to save time for next time I need one, I just copy and rename it to what I want. Then open the file, authenticate & rename the mounted filesystem and fill it up to the max of about 4.6Gb, then unmount it.
        The resulting .dmg or .spartsebundle can then be burned to a DVD. All works well. I have done about 100 so far.
        Not sure why I kept getting problems originally as it all makes sense now – then again, that’s what a learning curve does to you!

        Cheers and thanks for the input.

        Alan

        PS, I had less CD & DVD verification failures by using the Sony external double layer writer for DVD’s and the iMac’s SuperDrive to write CD’s – not sure what that’s about. 🙂

        Like

      • Good to hear. OSX support for burning DVD+R DL discs on the internal superdrive has been far less than consistent. It was weird because initially it seemed to work fine for me under Leopard with Toast. After I jumped to Snow Leopard on my MacBook Pro 2009 I was regularly making coasters. I have a Sony video camera that records in HD using h.245. I was originally able to burn home video on Memorex Dual layer +R DVDs in BluRay format. That gave me about 2 to 2.5 hours of video per disc. I think I have 5 or 6 of those that I put together and it worked like a charm every time. After going to Snow Leopard, Nada. Every article I’ve found on the topic blames the media as the root cause. I don’t buy it at all because the Memorex media worked perfectly, until I upgraded to SL. I probably burned 30+ DL discs without a single coaster prior to SL. I found other people had the same experience. I went to Mountain Lion a few months ago but haven’t tried making a DL coaster yet. Thanks for your point of reference with the external Sony Drive. It’s too bad Apple has crippled this functionality. If the drive says it supports a format, you would think they would test it and possibly provide recommendations to ensure consistent performance.

        Like


Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Categories

%d bloggers like this: