Looking for a way to encrypt your sensitive data folder on your Mac? You can encrypt your entire hard drive with File Vault, but for most people this might be overkill. Luckily, OS X has a built-in feature that lets you create an encrypted disk image containing whatever data you want to use inside the image.
The only way to open the disk image is to enter a password. You can copy the disk image just like a regular file and it will be unreadable if not unlocked on Mac. In general it is like creating your own encrypted file container.
Also be sure to check out my article on how to securely encrypt your USB drive, which is another good way to store sensitive data.
Create an encrypted disk image
To create a disk image (DMG) on your Mac, first create a folder containing all the data you want to encrypt. Please note that after creating the disk image, the original unencrypted folder will still remain on your system and you should delete it immediately.
To get started, open Disk Utility by selecting Applications or by clicking the Spotlight (magnifying glass) icon in the upper right corner and entering Disk Utility.
After opening Disk Utility, click “File” – “New Image” – “Image from Folder”.
Now you need to select the folder that you want to encrypt as a disk image.
Click “Open” and the “Save As” dialog box will open in which you need to name the new image and select one of several options.
By default, the new disk image is saved in the same folder that you encrypt. In the Encryption section, you can choose between 128-bit or 256-bit AES encryption. The latter will be slower due to stronger encryption, but your data will be better protected. If you choose any of the encryption options, you will be prompted for a password.
Make sure you enter a very long and strong password because this is the only security system that protects your data. If a hacker gets hold of your file, he can try to use a brute-force attack to determine the password. Anything more than 12 characters with letters, numbers and symbols will take a very long time to crack even on a very fast computer or cluster of computers.
You can select one of the following formats as the image format: read-only, compressed, read-write, DVD / CD master, or hybrid image. For our purposes, you should choose either read or read / write. If you choose the latter option, you can add more files / folders to the encrypted image later.
Click “Save” and your new image will be created. Please note that if you opted for AES 256-bit encryption, it can take a long time to create a disk image.
Now, when you open the image file, you will be prompted for a password. Make sure you are NOT checking the “Remember password in my keychain” box.
If you enter the password correctly, the image will be mounted as a disk, and if you have selected read / write for the image format, then you can add or remove items from the encrypted image like a regular disk. When you add anything to a drive, it is automatically encrypted and protected.
Create a blank encrypted image
It’s also worth noting that it is not necessary to create an encrypted image from a folder. You can also open Disk Utility and then click File – New Image – Blank Image.
You will see a couple more options here. First, you can specify the size of the disk image and the format of the file system. It is recommended to use OS X Extended (Journaled) to maintain all security features.
For partitions, you can choose one partition – GUID Partition Map or One partition – Apple Partition Map. All other settings are the same as previously mentioned.
Overall, it’s a great way to keep prying eyes safe on your Mac without having to install any third-party software or turn on File Vault on your entire system. If you have any questions, do not hesitate to comment. Enjoy!