Can I just encrypt certain folders instead of the whole drive using FileVault?
Seems better for older Macs without SSD.
Seems better for older Macs without SSD.
Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
Encrypting folders instead of FileVault?
- Thread starter Rockadile
- Start date
- Sort by reaction score
mfram
Contributor
Not directly. But you can create encrypted disk images in Disk Utility. Double-click the image to type in your password and mount the image. Copy stuff to the Volume as normal. Then use "Eject" to un-mount the image.
Is disk image like creating a partition or like making a folder?
If I eject, how will I see it again?
Neither really. What you are doing is making an encrypted "container" then putting files inside. To open the disk image (container) again you just double click and you will be asked for the password. Once that is entered the container is opened again and you can freely move files in and out.
When you download apps for your Mac, they usually come down as disk images (.DMG), so you probably already have some experience with them. They show up on your Mac as files, but like Weaselboy described, when you double-click on them, they "mount" and then show up in Finder. When you eject them, they disappear from Finder, but the DMG file is still on your drive, wherever you stored it.
Okay this helped.
I was reading around and it seemed Filevault 1 was similar to this? Just encrypting a certain portion and not the whole drive but it leaked content on the RAM or something (way over my head).
Is an encrypted disk image still a solid option versus FV2?
Yeah... FV1 was very similar. It encrypted only the user folder using this method.
What you read about accessing the PW from RAM involved Direct Memory Access (DMA) to access data stored in RAM. That was patched/blocked in Lion 10.7.2 and is no longer an issue.
An encrypted disk image is a safe option and just as safe as FV2. That said, if you are on a newer machine (like i5 chip and up), the speed hit for using FV2 is very small, and there really is no reason not to just turn on FV2 and encrypt the entire drive.
Is there some reason you only want to encrypt one folder rather than FV2 to whole drive?
I have i7 but model year 2011.
Also have traditional spinning HD, I feel it would take a long time to encrypt and slow things down if I use FV.
It will take some time to encrypt, but you can even sleep the machine while it is underway if you don't have time to wait.
I would be very surprised if you could even tell the speed difference on that machine with encryption on.
Look at the tests here, particularly the one at the bottom on a hard drive.
I would be very surprised if you could even tell the speed difference on that machine with encryption on.
Look at the tests here, particularly the one at the bottom on a hard drive.