password protect a hard drive or folder?

Yes.

You have a couple of options. First, you can create a disk image on the drive that is encrypted and use that. By using a sparse image, the image can grow as you use it. On the drive, this will be a file, and when you double-click it you'll be prompted for a password. If you supply a valid password, the file will appear as a new disk drive (which you can use in pretty much any way you'd use a disk).

You can also use a third-party utility like [TrueCrypt|http://www.truecrypt.org], which gives a mind-numbing number of options for encryption; including some that go well beyond military-grade data encryption.

benjamingordon wrote:
hi.

so if i create a sparse disk image i can put stuff into the disk image when its mounted and it will copy into the disk image file on the external drive?

Yes. The only drawback is that you won't be able to access the contents from a Windows machine. But if you're a Mac-only guy there's no problem.

Yes and yes.

I should point out that the disk image solution will only be readable on Macs.

The TrueCrypt solution, however, will work with any platform that TrueCrypt supports (Mac/Windows/Linux), but does require the free TrueCrypt software to be installed in order to access the encrypted data.

JD, don't mean to hijack this thread, and I'll start a new topic if you think that's better, but what you are suggesting seems to be the equivalent of setting up File Vault, but just for the External. File Vault, everything residing in one single file, scares the crap out of me.


Something I've been wondering about for a while for theft scenario: If the External were a clone--my situation--do you think Automatic log in disabled, maybe along with Virtual Secure Memory, and a really good random password be adequate? I'm interested in your take on this. But wouldn't stop good data recovery, would it?

Message was edited by: WZZZ

Essentially, the disk image solution is what FileVault is. You can, of course, have many disk images...

File-system or directory encryption is a relatively risky proposition. It can make it very difficult to recover if something goes awry.

If you'd like to encrypt files one-by-one, there's several programs like PGP and GPG that will encrypt individual files. It's not as convenient, since it's not transparent -- you have to manually encrypt/decrypt the files.

For a sparse disk image, the size sets the upper-bound for how big the disk image can get. If you said 40 MB, the OS will not permit the disk to grow to >40 MB in size.

Try not to make a sparse disk image with a size that exceeds the actual size of the volume that you're putting the disk image on.

WZZZ wrote:
do you think Automatic log in disabled, maybe along with Virtual Secure Memory, and a really good random password be adequate?

Not for an intruder who has physical access. Encryption is the only thing that can protect against that.

Kiraly, how does someone with physical access get past the password (a strong, random password that would make a dictionary attack impossible)? I'm thinking I'm logged out when they steal it or break in.

Easy. They reset your admin password, in single user mode, or with an OS X install disc.

Easier yet, they just plug your hard drive to their computer. Then they "own" it on their system and have full read and write access to it.

If your data is not encrypted, it isn't safe from an intruder who has physical access.

Thanks, yeah those things are obvious, aren't they. Don't want to use FV, so guess I will have to continue to live on the edge.

A simple guide to encrypt external hard drive
http://www.disk-utilities.com/articles/how-to-encrypt-external-hard-drives.html