mac OS encryption

Encrypting my files on my mac

mac OS comes with a very strong encryption tool out-of-the-box: FileVault.
FileVault can be activated rather easily on your mac:

  1. Click Apple menu on the top left corner in on your mac OS.
  2. Choose System preferences
  3. Click the Security & Privacy
  4. Choose FileVault tab
  5. Click the lock icon and enter the administrator user and password.
  6. Click Turn on FileVault

    It might be required that you need to restart your computer.
    If such message appears, click Restart to restart your computer.

  7. Choose how to unlock your disk and reset your login password if you forgot it

    Hint Choose "Allow my iCloud account to unlock my disk".
    This enables your iCloud account to unlock your disk and is a safe and convenient way to protect your local files on your mac.

  8. Click Continue
  9. If your mac has multiple users:

    Click Enable Users, click Enable User and enter the login password of the user (or let her enter her password) for each user you want to want to allow to login
    Then click Ok

  10. Click Continue
  11. Click Restart

Background information

FileVault is a disk encryption application shipped with Mac OS since version 10.3 (Mac OS X Panther). This first version of FileVault allowed users just to encrypt their home directories, not the startup volume which was a significant limitation in terms of operating system security.

With the introduction of FileVault 2 in Mac OS X Lion the completely redesigned application was able to encrypt the entire startup volume and the home directory.

FileVault 2 uses XTS-AES-128 encryption with a 256 bit key. Whereas some people claim that 128 bit encryption is rather outdated from a technical point of view it is safe to be used to protect personal information.

If you want to be on a safer side stronger encryption like AES 256 bit symmetric key encryption can be applied.

And to put data security to the max, you can of course split the encrypted content over different cloud services with SecureBeam ;)