Skip navigation

Double encryption in Time Machine?

905 Views 2 Replies Latest reply: Apr 3, 2013 11:56 AM by Crypto Smith RSS
Michel Colman Level 1 Level 1 (15 points)
Currently Being Moderated
May 22, 2012 1:12 AM

I used Disk Utility to wipe a disk and initialize it as an encrypted volume to be used for Time Machine backup. But in the Time Machine preferences, there's also an option to encrypt the destination. I'm a bit confused now:

 

If I use the encrypted disk AND choose the Time Machine encryption option, will everything be encrypted twice? Or will Time Machine simply use the encrypted volume without further ado? And what if I don't check the encryption option in Time Machine? Will it convert the disk to an unencrypted format?

 

Which is the best way? Using encrypted Time Machine backup on a regular disk, using "normal" Time Machine on an encrypted disk, or using encrypted TM on an encrypted disk? Or is it all just the same? I would assume the latter, but I want to be sure.

 

I just want to avoid a possible double encryption (which would be slow and pointless), but I do want to make sure everything is really encrypted.

 

Thanks for the info,

 

Michel Colman

MacBook Pro, Mac OS X (10.7.2)
  • Pondini Level 8 Level 8 (38,710 points)
    Currently Being Moderated
    May 22, 2012 5:33 PM (in response to Michel Colman)

    Michel Colman wrote:

     

    I used Disk Utility to wipe a disk and initialize it as an encrypted volume to be used for Time Machine backup. But in the Time Machine preferences, there's also an option to encrypt the destination. I'm a bit confused now:

    If the disk is encrypted, when you select it as the destination, the Encrypt backup disk box should be checked automatically.

     

     

    If I use the encrypted disk AND choose the Time Machine encryption option, will everything be encrypted twice?

    No.

     

    Or will Time Machine simply use the encrypted volume without further ado?

    Yes.

     

    And what if I don't check the encryption option in Time Machine? Will it convert the disk to an unencrypted format?

    I believe so, but don't recall if I tested that.

     

    Which is the best way? Using encrypted Time Machine backup on a regular disk, using "normal" Time Machine on an encrypted disk, or using encrypted TM on an encrypted disk? Or is it all just the same? I would assume the latter, but I want to be sure.

    Yes, encryption is encryption.

     

    See Time Machine - Frequently Asked Question #31 for the gory details.

  • Crypto Smith Calculating status...
    Currently Being Moderated
    Apr 3, 2013 11:56 AM (in response to Michel Colman)

    Let me describe my own experiment with "double encryption" on Time Machine.

     

    At first I enabled encryption just for the Time Machine backup. Then I realized that I wanted the whole drive encrypted and not "just" the backup (a long story, don't ask).

     

    I restarted Disk Util and reformatted the drive, enabling encryption at the same time. When I went to select the drive for Time Machine, the "encrypt" box was already checked.

     

    Given Pondini's response, I think the box simply echoes the encryption setting of the underlying drive.

     

    At the time, though, I thought the checked "encrypt" box was left over from my earlier decision to encrypt just the backup. I tried several times to un-check the box, not wanting the dreaded double encryption.

     

    I couldn't uncheck the box. Each time I tried, I was led through a series of dialogs that tried to turn off encryption, but failed, ending with an obscure "conversion" error message.

     

    On reflection, this may have been because I used a different encryption password/key each time: one for "just" encrypting Time Machine, and a different one when I chose to encrypt the whole volume from Disk Util.

     

    Perhaps if I had used the same password/key both times I would have simply disabled disk encryption. Or perhaps OS X wouldn't let me un-encrypt a drive from Time Machine.

Actions

More Like This

  • Retrieving data ...

Bookmarked By (0)

Legend

  • This solved my question - 10 points
  • This helped me - 5 points
This site contains user submitted content, comments and opinions and is for informational purposes only. Apple disclaims any and all liability for the acts, omissions and conduct of any third parties in connection with or related to your use of the site. All postings and use of the content on this site are subject to the Apple Support Communities Terms of Use.