Encryption is used to secure data that others shouldn't be able to read; for example, social security numbers (SSN) or financial data. These are suggested methods for using encryption on a Macintosh, but they should always be used with discretion and caution. (You don't want to lock yourself out from the information either.) It is also highly adviseable to make a backup of your information before implementing.

A. Secure disk images

You can create an encrypted disk image and save all your sensitive (financial, SSN) information on this image.  This way, if your Macintosh should be stolen, the files on the image will be inaccessible without your login password.

Mac OS 10.3/10.4

1. Open the Applications folder. Open the Utilities folder. Double click on Disk Utility.
   
   
2. Click on New Image.
   
   
3. Specify a name and size for your disk image. Under "Encryption" select AES-128. The Format should remain at "read/write disk image". Click Create.
   
   
4. When prompted, enter a password.   Important: uncheck "Remember password". Click OK.

Mac OS 10.2

1. Open the Applications folder. Open the Utilities folder. Double click on Disk Copy.
   
   
2. Go to the File menu, select New, then select Blank Image.
   
   
3. Type the same name for your disk image in the "Save As" and "Volume Name" boxes. The format should remain at "Mac OS Extended". Under "Encryption" select AES-128.
   
   
4. When prompted, enter a password.   Important: uncheck "Remember password". Click OK.

---

You can add this image to your login items to have it open whenever you login to your account:

Mac OS 10.3/10.4

1. Go to the Apple menu and select System Preferences.
   
   
2. Click on the Accounts icon.
   
   
3. On the left side, select your account.  On the right side, click on Login Items (it may also be called Startup Items).
   
   
4. Drag the icon of your disk image into the "These items will open automatically when you log in:" box.
   
   
5. Close the window by clicking on the red dot in the upper left corner of the window.

Mac OS 10.2

1. Go to the Apple menu and select System Preferences.
   
   
2. Click on the Login Items icon.
   
   
3. Drag the icon of your disk image into the "These items will open automatically when you log in:" box.
   
   
4. Close the window by clicking on the red dot in the upper left corner of the window.

Now, each time you login to your Macintosh, you will automatically be prompted for the password to your encrypted disk image, and it will then mount on the desktop.

---

B. FileVault

FileVault is only available in Mac OS 10.3 and higher.

FileVault is mainly recommended for laptops.  Use this option only if you have a lot of highly sensitive data (financial, SSN) on your hard drive, and it's too cumbersome to use an encrypted disk image.

FileVault works by creating an encrypted image of your Home folder.  [Your Home folder includes anything on the desktop, but not files or folders on the top level of your hard drive.]  When you enable FileVault, an encrypted image is created, then all the files within your Home folder are copied to this encrypted image. Your unencrypted Home folder is then erased from your hard drive. If you choose the secure erase option, your unencrypted Home folder will be erased such that the files cannot be recovered from the hard drive.

Once FileVault is enabled, the files in your Home folder can only be accessed via your login password.  If you forget this password, you will not be able to access any of your files.

Since FileVault will first copy your Home directory before deleting it, you will need as much free hard drive space as the size of your Home folder to enable File Vault.

IMPORTANT: Before turning on FileVault, be sure you have a current backup of your Home folder.  Once you have enabled File Vault, be sure to make regular backups of your Home folder.

Checking the size of your Home folder

1. Open your hard drive.  Open the Users folder.
   
   
2. You should see a folder with an icon of a house.  This is your Home folder.  Click once on this folder to select it.
   
   
3. Go to the File menu and select Get Info.  A window will appear; the size of your Home folder will appear next to "Size:".

Checking the amount of available space on your hard drive

1. Click once on your hard drive icon to select it.
   
   
2. Go to the File menu and select Get Info.  A window will appear.  The amount of free hard drive space you have will appear next to "Available:".  This number must be higher than the size of your Home folder if you wish to turn on FileVault.

Turning on FileVault

1. Go to the Apple menu and select System Preferences.  Click on the Security icon.
   
   
2. Click on Set Master Password… Type a password and a hint, then click OK.
   IMPORTANT: do not forget this password!  If for some reason you forget your login password, the master password will allow you to recover your files.
   
   
3. Click on Turn on FileVault. You will be asked if you want to use secure erase. If you do, check the box for "Use secure erase". Click on Turn On FileVault.
   
   
4. FileVault will now be turned on. It may take a while. It is finished when you are back at the login screen. Do not interrupt this process, even if it seems that nothing is happening.

Once you've enabled FileVault, you may notice something new when you shut down or restart your Macintosh.  If you've increased or decreased the size of your Home folder (copied or deleted files), you may receive a warning message when you shut down/log off/restart asking you if you want FileVault to reclaim lost disk space. Click Continue to have FileVault reclaim the disk space.  Do not interrupt this process even if it takes a while.

• Contact ITS