Sidebar Sidebar
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

Encrypting folders instead of FileVault?

R

Rockadile

macrumors 6502a
Original poster
Jun 11, 2012
501
210
Can I just encrypt certain folders instead of the whole drive using FileVault?

Seems better for older Macs without SSD.
 
Not directly. But you can create encrypted disk images in Disk Utility. Double-click the image to type in your password and mount the image. Copy stuff to the Volume as normal. Then use "Eject" to un-mount the image.
 
  • Like
Reactions: Rockadile and aristobrat
mfram said:
Not directly. But you can create encrypted disk images in Disk Utility. Double-click the image to type in your password and mount the image. Copy stuff to the Volume as normal. Then use "Eject" to un-mount the image.
Click to expand...

Is disk image like creating a partition or like making a folder?
If I eject, how will I see it again?
 
Rockadile said:
Is disk image like creating a partition or like making a folder?
If I eject, how will I see it again?
Click to expand...
Neither really. What you are doing is making an encrypted "container" then putting files inside. To open the disk image (container) again you just double click and you will be asked for the password. Once that is entered the container is opened again and you can freely move files in and out.
 
  • Like
Reactions: JamesMike and Rockadile
Rockadile said:
Is disk image like creating a partition or like making a folder?
If I eject, how will I see it again?
Click to expand...
When you download apps for your Mac, they usually come down as disk images (.DMG), so you probably already have some experience with them. They show up on your Mac as files, but like Weaselboy described, when you double-click on them, they "mount" and then show up in Finder. When you eject them, they disappear from Finder, but the DMG file is still on your drive, wherever you stored it.
 
  • Like
Reactions: Rockadile
aristobrat said:
When you download apps for your Mac, they usually come down as disk images (.DMG), so you probably already have some experience with them. They show up on your Mac as files, but like Weaselboy described, when you double-click on them, they "mount" and then show up in Finder. When you eject them, they disappear from Finder, but the DMG file is still on your drive, wherever you stored it.
Click to expand...

Okay this helped.

I was reading around and it seemed Filevault 1 was similar to this? Just encrypting a certain portion and not the whole drive but it leaked content on the RAM or something (way over my head).
Is an encrypted disk image still a solid option versus FV2?
 
Rockadile said:
Okay this helped.

I was reading around and it seemed Filevault 1 was similar to this? Just encrypting a certain portion and not the whole drive but it leaked content on the RAM or something (way over my head).
Is an encrypted disk image still a solid option versus FV2?
Click to expand...
Yeah... FV1 was very similar. It encrypted only the user folder using this method.

What you read about accessing the PW from RAM involved Direct Memory Access (DMA) to access data stored in RAM. That was patched/blocked in Lion 10.7.2 and is no longer an issue.

An encrypted disk image is a safe option and just as safe as FV2. That said, if you are on a newer machine (like i5 chip and up), the speed hit for using FV2 is very small, and there really is no reason not to just turn on FV2 and encrypt the entire drive.

Is there some reason you only want to encrypt one folder rather than FV2 to whole drive?
 
Weaselboy said:
Yeah... FV1 was very similar. It encrypted only the user folder using this method.

What you read about accessing the PW from RAM involved Direct Memory Access (DMA) to access data stored in RAM. That was patched/blocked in Lion 10.7.2 and is no longer an issue.

An encrypted disk image is a safe option and just as safe as FV2. That said, if you are on a newer machine (like i5 chip and up), the speed hit for using FV2 is very small, and there really is no reason not to just turn on FV2 and encrypt the entire drive.

Is there some reason you only want to encrypt one folder rather than FV2 to whole drive?
Click to expand...

I have i7 but model year 2011.

Also have traditional spinning HD, I feel it would take a long time to encrypt and slow things down if I use FV.
 
It will take some time to encrypt, but you can even sleep the machine while it is underway if you don't have time to wait.

I would be very surprised if you could even tell the speed difference on that machine with encryption on.

Look at the tests here, particularly the one at the bottom on a hard drive.
 
You must log in or register to reply here.
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.
Top Bottom
Back