How do I secure my data in Mac OS X?

I'm a new MacBook user, I just bought a MacBook Pro. I love Mac OS X but I couldn't find any decent solution so far to encrypt the whole home folder and secure my data.

I've checked a few solutions so far (FileVault, Knox, Trucrypt) but they either can't encrypt the home folder, have a huge impact on performance and/or introduce the risk of losing data or corrupting the system.

On Windows I just use Truecrypt and it works like a charm for full HDD encryption (which isn't present in the Mac version). Isn't there a decent alternative on Mac?

Your help is much appreciated.

KeyStroke

Posted 2010-07-23T03:31:15.000

Reputation: 353

1What, exactly, is wrong with FileVault? – squircle – 2010-07-23T03:51:51.130

Maybe he didn't know about FileVault? – Mike McQuaid – 2010-07-23T09:24:43.793

Answers

FileVault will encrypt just your home directory. There's no noticeable difference to performance.

To turn it on go to:  > System Preferences... > Security > FileVault > Turn On FileVault...

It will take a wee while to compress your home folder but then you are done.

It behaves slightly strangely with Time Machine. You can no longer use the GUI features in e.g. iPhoto/Finder to navigate your backups but now need to do it manually. Things are still backed up, though, they are just stored encrypted on the Time Machine disk and you can manually view them or restore your home directory.

Mike McQuaid

Posted 2010-07-23T03:31:15.000

Reputation: 3 639

I use a mac. I use FileVault. Hasn't failed me yet (3 years), works perfectly with backups, and performance-wise it really isn't causing me any headaches.

Dissy

Posted 2010-07-23T03:31:15.000

Reputation: 31

FileVault unfortunately doesn't work as well with Time Machine backups. – jtbandes – 2010-07-23T04:33:59.797

1@jtbandes : That's a bit short : "...doesn't work as well...". What do you mean ? Did you have any issue ? – Pierre Watelet – 2010-07-23T07:09:16.740

I haven't tried it personally, but I've heard that it doesn't really work because Time Machine can't get at individual files unless you're logged in, or something like that. I seem to remember maybe it works a little better in Snow Leopard. – jtbandes – 2010-07-23T14:14:10.147

I use Espionage, which is a nice tool that encrypts arbitrary folders. The thing is, since it is using the built-in tools in OSX, it is easily repairable and recoverable in the event of a data catastrophe and works reasonably well with Dropbox or TimeMachine [1].

Also, I only encrypt folders that do actually contain sensitive data. This way, I can leave performance-critical but security-nonessential data unencrypted. Or you could at least choose to use weaker encryption in border cases. Encrypted folders are stored as encrypted images that automatically mount or unmount to the according folder. The images can also be accessed and manipulated using the built in OSX system tools.

[1] Obviously, backup software can only back up the encrypted images, which makes their content unavailable from within the backup software. Espionage has some help files on how to best work with TimeMachine and Dropbox. Personally, I symlink the mountpoints to my Dropbox, so Dropbox backs up the unencrypted data without ever exposing it unencrypted to my harddrive.

bastibe

Posted 2010-07-23T03:31:15.000

Reputation: 3 544