Privacy Blog

"Friends don’t let friends get spied on.' – Richard Stallman, President of the Free Software Foundation and longtime advocate of privacy in technology.

A Simple and Free Method of Encrypting Files and Folders on a Macintosh

Apple provides free encryption software with every Macintosh. The functionality is built into Disk Utility, a multi-purpose program that can be found on every Mac. Disk Utility has many uses but for the moment I will only describe the encryption of files or folders.

Disk Utility will encrypt any kind of file: text, images, videos, databases, anything at all.

To encrypt a file or folder, first create the item(s) to be encrypted. For this exercise, I decided to encrypt a file called “report.txt” that is in my Downloads folder. Disk Utility will encrypt all the files in the folder. If you want to encrypt only one file, place the file into an otherwise empty folder.

Next, launch Disk Utility by clicking on Finder, then click on Applications, then click on Utilities. Finally, click on Disk Disk Utility will then appear on your screen.

Next, go into the File menu and choose “New Disk Image from Folder” (or type shift-command-N). Yes, even if you only wish to encrypt one file, you have to select “New Disk Image from Folder”. That’s non-logical but that is the way it is.

Select the encryption you wish to use. 128-bit AES encryption is faster but 256-bit AES encryption is more secure. Your choice. Create a new file name in the entry labeled as “Save As:” and specify where to save it. (I specified Google Drive in the example shown here.) Then click on SAVE.

You will then be asked to enter a new password. In fact, you have to enter it twice. Finally, click on OK.

That’s it! You have just created and saved an encrypted file.

The process is simple but there are several things to keep in mind:

1. If you ever forget the password you just used, you will never be able to open the encrypted file. Forgotten passwords cannot be retrieved and there is no “back door” to decode the file or folder without the password.

2. Nobody else will ever be able to decode the encrypted file without knowing the password.

3. While Disk Utility creates a new encrypted file, it does not delete the original file. That’s fine if you plan to send the encrypted file to someone else or to save it in the cloud (Dropbox, Google Drive, iCloud, or a similar off-site location) but if others have access to your computer you might not want to keep the original, unencrypted file on the same computer. If not, delete the original file.

4. This is a Macintosh-only process. The file can never be decrypted on a Windows, Linux, iPad, Android or other operating systems.

5. There are two ways to later decrypt the file and convert it back to its original plain text version:

a. Use Finder to navigate to the encrypted file and then double-click on the file name. That launches Disk Utility and you will be prompted for the password.

b. Launch Disk Utility first and then select FILE and then OPEN DISK IMAGE to navigate to the encrypted file. Then click on OPEN.

You can now keep your private information private.

Categories: Encryption

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.