Mac 101: Creating Secure Disk Image Files


If you have files on your Mac you don’t want others to have access to, the simplest way to secure them is to create an encrypted Apple disk image. An Apple disk image is a single file that can be mounted by OS X as a drive. You can create new blank disk images, which bear the familiar .dmg file extension, on a Mac using Disk Utility.

  1. Open Disk Utility (located in Applications>Utilities) and select File>New>Blank Disk Image from the menu bar.
  2. Under “Save As,” enter the desired filename for your .dmg. Enter a name for the disk image (this is what will appear in your source menu when it’s mounted) and choose the size of the disk you want to create.
  3. Keep the format set to the default: Mac OS Extended (Journaled)
  4. Go ahead and set the encryption to 256-bit AES
  5. Set Partitions to Single partition – Apple Partition Map
  6. For Image Format, choose read/write disk image

When you click Create, you’ll be prompted to set a password for the file you’ve created. If you click on the key image next to the password field, a Password Assistant will pop up to help you create a strong password. Choose Memorable and a long length (the max length of 31 characters is most secure), and the Password Assistant’s autogenerated password will be very hard to guess using a software program (the level of security is similar to that of a Captcha, the word-generating fields used to determine whether a visitor is human or not).

Dragging data to your disk image when it’s mounted will copy it to the .dmg. Once you eject the disk image, you’ll need to enter your password to mount the image again and access your files. If the .dmg file is unmounted (ejected), people who don’t have access to your password won’t be able to get the data within. You can securely mount the resulting .dmg file from any Mac. If you decide to remember the password in your Mac’s Keychain (the password prompt will ask you if you want to do this), keep in mind that anyone else who has access to the user account that keychain is associated with will also have access to the files within.

This technique is particularly useful when preparing taxes or hiding the electronic trail of receipts and correspondences related to a special gift you want to keep secret from tech-savvy nosy kids this holiday season.

Related content from GigaOM Pro (sub req’d):


Comments have been disabled for this post