Knowledge Base

Encrypt files on a Mac

Introduction

FileVault  2 lets you encrypt your entire home directory so that thieves and other malicious members of society cannot access your data provided that they do not know your password.

Instructions

Instructions: 

If you're ready to start using FileVault, go to the official Apple FileVault 2 documentation. The initial encryption process will take some time. Make very sure that your battery is charged and your computer is plugged into the wall to prevent data loss due to power shortage.

Remember that it is important for you to remember your password and to keep backups of files on network shares. We cannot recover any of your data for you if you lose your password.

Additional Information

Additional Information: 

Even though FileVault 2 comes free with your system it should not be underestimated---the encryption algorithms that it employs are of military strength and, when used properly, can secure your data almost perfectly.

Here are some key facts about FileVault 2 that you must remember when using it:

  • FileVault cannot protect your data when you are logged in. FileVault makes your files inaccessible when you are not logged in. However, it cannot do that when you are logged in, since you will need to access your files! So if you leave your computer logged in, if it is unattended anyone who happens upon the computer can access all your files without effort.
  • Always keep a backup of important College files on your personal or departmental network drive. If you ever forget your password or if your computer is damaged we will not be able to recover data from it. All important College documents should be backed up on College network drives for this purpose.
  • You must disable the automatic login function or FileVault is useless. If the computer automatically logs on for you without a password it will also do the same for anyone else. Once they are logged in they will have unrestricted access to all your encrypted data. To disable automatic login go to System Preferences > Security.
  • You must enable the setting "require password to wake this computer from sleep or screen saver". With this feature on even if you forget to log off your computer it will automatically lock itself in a few minutes. Also, it will lock itself when you close its lid so you do not have to log out every time you want to transport your laptop. To turn this feature on go to System Preferences > Security.
  • FileVault only protects files in your home directory. Any file saved outside your home directory will not be protected. Your Desktop and Documents folders are both inside your home directory.
  • Choose a complex password that you can remember. Your data is as secure as your password. A password with at least 8 characters and a mixture of lowercase and uppercase letters, as well as numerals, is recommended. Do not use obvious words or number such as your name, names of your relatives or your pets, your phone number and your social security number as or in your password. But make sure you can remember the password you use. If you do not remember your password your data will not be recoverable.
  • If you regularly work with large images or videos, using FileVault will decrease the performance of your computer. A protected home directory is slower than an unencrypted home directory. If you are working with large size files especially videos then saving and loading files will take longer.

Service Categories

Service Categories: 
Security

Audience

Audience: 
Students
Faculty
Staff

Tags

Tell the CIO

Have a great idea?

Vexed by technology?

Tell the CIO