3 Replies Latest reply: Jun 12, 2012 6:48 AM by WZZZ
lpfrench Level 1 (0 points)

Hello, I am concerned about security should our iMac be stolen.  What is the best way to protect our personal data should this happen?

  • WZZZ Level 6 (12,875 points)

    Move your personal data into a password protected encrypted disk image. Best is to use sparse bundle. Don't store the password in the Keychain, which would defeat the entire purpose of doing this. And don't lose the pword. This is where I keep my tax returns or anything else I consider sensitive. Besides the issue of theft, it might be quite useful for peace of mind in the event my drive or some hardware component fails without warning and I need to bring the computer in for repair. If I had any warning I'd zero out the drive first, if possible.


    I also make a duplicate/backup of this, which I try not to use, and I keep a copy on a Flash drive, just in case the first two get corrupted -- which is very unlikely. I've been using this for around a year with no problems. (I also have three backup clones on external drives, for redundancy.)




    There is also File Vault, which has become, at least so I hear, much more dependable in Lion -- I still wouldn't trust it. Pre-Lion, it's known to be quite risky and potentially troublesome. It's an all your eggs in one basket kind of thing.

  • Linc Davis Level 10 (192,957 points)

    If running Lion, activate FileVault.


    It's very important to understand the implications of encrypting your data. If you forget the password, the data is lost. With FileVault, you have the option of storing an alternative decryption key with Apple. You'll specify some security questions. If you forget the password and the answers, the data is lost. If someone steals your computer and can guess the answers, the data is stolen.


    Storing data on an encrypted disk image is not a good solution. While mounted, disk image files are not backed up by Time Machine, and they can't be reliably backed up by any means, because the file may be changing while it's being copied, leaving the copy in an inconsistent (and unusable) state.


    The data in your Keychain is encrypted with your login password. If you have a strong login password, that data is safe.

  • WZZZ Level 6 (12,875 points)

    Encrypted disk images are not a problem if not using TM. Just don't leave the disk image mounted while cloning. Use a fairly long random, all over the keyboard, upper and lower case, mixed in with non-letter characters password. Don't use a dictionary word, probably nothing you can easily remember. I've had absolutely no problems.


    Message was edited by: WZZZ