You can make a difference in the Apple Support Community!

When you sign up with your Apple Account, you can provide valuable feedback to other community members by upvoting helpful replies and User Tips.

Looks like no one’s replied in a while. To start the conversation again, simply ask a new question.

User profile for user: Michel Colman
Michel Colman Author
User level: Level 1
26 points

Double encryption in Time Machine?

I used Disk Utility to wipe a disk and initialize it as an encrypted volume to be used for Time Machine backup. But in the Time Machine preferences, there's also an option to encrypt the destination. I'm a bit confused now:


If I use the encrypted disk AND choose the Time Machine encryption option, will everything be encrypted twice? Or will Time Machine simply use the encrypted volume without further ado? And what if I don't check the encryption option in Time Machine? Will it convert the disk to an unencrypted format?


Which is the best way? Using encrypted Time Machine backup on a regular disk, using "normal" Time Machine on an encrypted disk, or using encrypted TM on an encrypted disk? Or is it all just the same? I would assume the latter, but I want to be sure.


I just want to avoid a possible double encryption (which would be slow and pointless), but I do want to make sure everything is really encrypted.


Thanks for the info,


Michel Colman

MacBook Pro, Mac OS X (10.7.2)

Posted on May 22, 2012 1:12 AM

Reply
Question marked as Top-ranking reply
User profile for user: Pondini
Pondini
User level: Level 8
38,863 points

Posted on May 22, 2012 5:33 PM

Michel Colman wrote:


I used Disk Utility to wipe a disk and initialize it as an encrypted volume to be used for Time Machine backup. But in the Time Machine preferences, there's also an option to encrypt the destination. I'm a bit confused now:

If the disk is encrypted, when you select it as the destination, the Encrypt backup disk box should be checked automatically.



If I use the encrypted disk AND choose the Time Machine encryption option, will everything be encrypted twice?

No.


Or will Time Machine simply use the encrypted volume without further ado?

Yes.


And what if I don't check the encryption option in Time Machine? Will it convert the disk to an unencrypted format?

I believe so, but don't recall if I tested that.


Which is the best way? Using encrypted Time Machine backup on a regular disk, using "normal" Time Machine on an encrypted disk, or using encrypted TM on an encrypted disk? Or is it all just the same? I would assume the latter, but I want to be sure.

Yes, encryption is encryption.


See Time Machine - Frequently Asked Question #31 for the gory details.

View in context
2 replies
Question marked as Top-ranking reply
User profile for user: Pondini
Pondini
User level: Level 8
38,863 points

May 22, 2012 5:33 PM in response to Michel Colman

Michel Colman wrote:


I used Disk Utility to wipe a disk and initialize it as an encrypted volume to be used for Time Machine backup. But in the Time Machine preferences, there's also an option to encrypt the destination. I'm a bit confused now:

If the disk is encrypted, when you select it as the destination, the Encrypt backup disk box should be checked automatically.



If I use the encrypted disk AND choose the Time Machine encryption option, will everything be encrypted twice?

No.


Or will Time Machine simply use the encrypted volume without further ado?

Yes.


And what if I don't check the encryption option in Time Machine? Will it convert the disk to an unencrypted format?

I believe so, but don't recall if I tested that.


Which is the best way? Using encrypted Time Machine backup on a regular disk, using "normal" Time Machine on an encrypted disk, or using encrypted TM on an encrypted disk? Or is it all just the same? I would assume the latter, but I want to be sure.

Yes, encryption is encryption.


See Time Machine - Frequently Asked Question #31 for the gory details.

Reply
User profile for user: Crypto Smith
Crypto Smith
User level: Level 1
7 points

Apr 3, 2013 11:56 AM in response to Michel Colman

Let me describe my own experiment with "double encryption" on Time Machine.


At first I enabled encryption just for the Time Machine backup. Then I realized that I wanted the whole drive encrypted and not "just" the backup (a long story, don't ask).


I restarted Disk Util and reformatted the drive, enabling encryption at the same time. When I went to select the drive for Time Machine, the "encrypt" box was already checked.


Given Pondini's response, I think the box simply echoes the encryption setting of the underlying drive.


At the time, though, I thought the checked "encrypt" box was left over from my earlier decision to encrypt just the backup. I tried several times to un-check the box, not wanting the dreaded double encryption.


I couldn't uncheck the box. Each time I tried, I was led through a series of dialogs that tried to turn off encryption, but failed, ending with an obscure "conversion" error message.


On reflection, this may have been because I used a different encryption password/key each time: one for "just" encrypting Time Machine, and a different one when I chose to encrypt the whole volume from Disk Util.


Perhaps if I had used the same password/key both times I would have simply disabled disk encryption. Or perhaps OS X wouldn't let me un-encrypt a drive from Time Machine.

Reply

Double encryption in Time Machine?

Welcome to Apple Support Community
A forum where Apple customers help each other with their products. Get started with your Apple Account.
Learn more Sign up