Easily Hiding & Password Protecting Mail Client Apps?

[benlach]

Hi all,

I have looked into this, and now I really need some help if you can:

I plan to travel for a while this year, and I need my Macbook Air to be able to do some work while gone. Problem is that I am paranoid about it getting stolen, which has happened before when travelling.

I use both Microsoft Entourage and Apple Mail for various email addresses for personal and business/banking matters.

First thing I thought was just ensure the Machine was powered-down and logged out when I have to leave it anywhere, but then thanks to 2 seconds of Google, I learned how to reset user logins etc. - so that would be futile.

If it gets stolen, my identity could easily be stolen not to mention all my business and personal matters discussed over the last 6 years or so in emails.

1. Does anyone know of a way that I can hide, and or password protect the mail clients?

2. I downloaded a Paid app called "Secret Folder" to hide some other personal files. Does anyone know if it is possible to move the actual email files to be hidden in a different location, such as that of Secret Folder, and still maintain normal functionality of the email client?

I am currently running 10.7.2 on the machine in question.

Thanks in advance!

Ben

 

[Weaselboy]

You could place the mail apps inside an encrypted sparse bundle image in Disk Utiity. You would have to open the encrypted image each time you wanted to use the apps. This can get tricky as some apps want to run from a specific folder.

A better option would be to encrypt the entire disk. First update your system to 10.7.4.

I would:

1. Setup an EFI password to prevent the admin password reset you mentioned. This also prevents intruders from booting to a USB key etc. To do this do a command-r boot to Lion Recovery then in the Utilities menu look for the Open Firmware Password utility.

2. Do full disk encryption with Filevault2 built into Lion.

3. Change your Keychain password to something other than your login password.

5. As you mentioned, shutdown the machine when not in use.

 

[deadshift]

filevault and forget

Setting full disk encryption should prevent login even after a password reset. I'd like someone to verify, but that's really the whole point of full disk encryption.

If you reset your password, it does not reset the keychain password, so that level of protection is already built in. If you force reset your password, you don't get magical keychain access.

Does entourage use the keychain? Or does it do its own thing?

I think EFI passwords no longer apply. Besides, physical access has always trumped EFI password security. Having your data encrypted is really the solution that matters. It virtually guarantees that your machine will be wiped and re-sold blank or for parts rather than scavenged for data.

Also, scratch your name onto the top in a way that makes trying to sell it look suspicious. Nobody will want it. Or apply a dell sticker, similar effect.