Disk Utility encryption vs. FileVault 2

Similar Messages

• DIsk Utility, encrypted disk image

  I cannot create an encrypted disk image. I have searched through the discussion forums here but have not found an answer. After I select the name, location, image format, encryption and I hit save, I get an error that says "Unable to create '[file name].dmg'. (Resource busy)". I've tried different locations, image format and encryption, but I keep getting the same message. Any ideas what the problem is and how I can fix it? Thanks.
  NB: I want to create the disk image so that I can encrypt a few files with sensitive information. I do not want to use filevault, as I understand that it has downsides (e.g., free space needed to turn on and off, and backup with TM).

  1. Open the Disk Utility application. (If you don't know where it is, search for it in the spotlight.)
  2. At the top of the Disk Utility window, you will see several icons. Click on the one labeled "New Image". Before you do this, make sure that none of the drives on the left column (including "Macintosh HD") are selected.
  3. A new window opens. It asks you for the name you want to give the new disk, and where you want to save it to (you can choose to save it on the desktop). It will also ask you for the volume size of the new disk (the default setting is 100MB, but you can give it any size you want). It also asks you for the volume format, encryption (128- or 256-bit; 128 should be enough, unless you want to make it more secure, but compromise a bit of speed), partition (there is no need to partition; in fact, many recommend no partition at all), and image format (if you plan to frequently add and delete files on your encrypted disk, "sparse bundle disk image" is recommended".
  4. Click "create". It will ask you to create a password for your disk image.
  5. The new disk image should appear on your desktop (or other destination you chose). Double-click on the image to open it. It will ask you for your password. Enter the password you selected. You can choose to save the password on your keychain. That defeats the purpose of encrypting the disk image, since anyone who gains access to your computer will not have to enter the password to open the disk image and see its contents.
  I hope this step-by-step guide helps you. Let me know if something is not clear or if I got something wrong.

• Disk Utility Encryption

  Hi Everyone,
  How secure is the option in disc utility that says Mac OS X (Journaled, Encrpyted)?
  What level is it 128/256-bit and is it done hardware or software level wise?
  I'm trying to figure out the difference between this encryption and something like file-vault.
  Thanks!

  The key size is 128 bits. Disk Utility and FileVault use the same encryption algorithm. The transform is done in software, with hardware acceleration on late-model Macs.

• Blocksize error during Disk Utility encryption reformatting

  So I was erasing-and-reformatting an external hard drive so that I could encrypt it (it's through Disk Utility, so I suppose that means FileVault, right?), when I get the attached error. It sounds like it's either some kind of internal incompatability within the encryption or a buggy version of the encryption algoritm or something, because padding? But... that's really unlikely, of course. Thoughts? Has anyone seen this before?
  Thanks! : )

  Update: I called Western Digital and they say this error is caused when one of the sectors of the hard drive is damaged in some manner (they didn't elaborate, but I assume it's some sort of physical corruption). So, if you have the same error, chances are you'll need to replace the drive.

• Disk Utility / Encryption on Flash Drive used on Windows & Mac

  I am interested in using a flash drive whose contents are encrypted. I will be using this flash drive to open/trasnfer files between a Windows computer as well as a Mac. Does anyone have any solutions for running an encryptiont that can be used on both platforms.
  I have come across the opensource GNU Project. Is this the best technology use? Also there are different apps for each platform that use this standard. If this is the best solution, do you have any suggestions which are the best apps to use on the Mac and on the PC side?
  Thanks,
  Tim

  http://www.pcpro.co.uk/features/390385/how-to-format-a-usb-drive-on-a-mac-or-win dows
  "In most cases we recommend you select Microsoft’s exFAT format: this will give you full read and write access in both Windows (Vista or later) and OS X (Snow Leopard 10.6.5 or later)."
  That's what I've done so that the flash drive can be read in Win 7 and OS 10.6.8 and above.

• HT4718 FileVault 2, the Recovery System, and the use of Disk Utility

  I have FileVault 2 turned on for my Lion-equipped Powerbook Pro. When booting from the Recovery System, however, the Disk Utility thereon cannot even verify the internal HD, much less repair anything. I am aware that this is due to the encryption, of course.
  However, for external encrypted drives, all I need to do is enter the password to mount them. So is there something that one can do in order to get the Disk Utility on the Recovery System -- on this very same drive -- to recognize the main volume, in order to enable it to perform diagnostics?
  Secondarily, if I put the Powerbook Pro into target mode, and connect it to another Mac (which I have not tried yet) will I be able to mount it from the other computer if (A) It is running Lion OSX or higher, and (B) I can provide one or more of the login passwords?
  I am one who has always liked to keep my hard drives running smoothly (e.g using Disk Warrior, Drive Genius, Disk Utility...whatever). So this is a bit foreign to me to be unable to run at least basic diagnostics. Any input would be appreciated. Thanks.

  If you're talking about just the Recovery HD, you only need 1GB so use a 4GB USB thumb drive and the OS X Recovery Disk Assistant to create it.
  If you're talking about the ML installer (installESD.dmg) use an 8GB USB thumb drive.

• Disk utility's encrypted drives and user permissions

  I've decided against using filevault based on some of the feedback and research I have conducted. I am still interested, however, in encryption of some documents. I have used the Disk Utility to create a 128 bit encrypted .dmg image. I mount it using my user account, but only as r-x. I see that root has write permission, and so I assume it is safe to write to these drives. What is the best way to make it so that my user account has rwx permissions? I could manually do a chmod each time I mount the drive, but that seems silly. Also I noticed that apple doesnt seem to mount drives using the same files as linux, so I'm a little confused. Could someone please provide some insight to this. Also, *put on tin foil hat* how secure is this? When I access the drive is it writing unencrypted data to the swap file? thanks,

  Hi, iMacGyver.
  A. You wrote: " I have used the Disk Utility to create a 128 bit encrypted .dmg image. I mount it using my user account, but only as r-x. I see that root has write permission, and so I assume it is safe to write to these drives."Were you logged in as root when you created the dmg? Or did you create a read-only image from a folder containing the documents?
  To create a disk image to which you can add/remove documents and on which you will have Read/Write permissions:
  1. Log in to your account.
  2. Launch Disk Utility.
  3. Select File > New > Blank Disk Image...
  4. In the New Blank Image window, type a name for the new disk image in the Save As field, then select a location for saving the disk image, the desired Size, Encryption (select AES-128 in the pop-up menu), and leave Format as "read/write disk image."
  5. Click Create.
  6. Provide a password for the disk image when prompted. If you want extra security, de-select the option to save the password in your keychain, but be sure to never forget the password if elect to not save it in your Keychain.
  You can then double-click the disk image you just created, type the password when prompted, the disk image will mount, and you can add files to it. Ejecting the disk image will unmount it and all the content you added will be encrypted.
  One can use Disk Utility > File > New > Disk Image from Folder... to create either a Read Only or Read/Write encrypted disk image of an existing folder of documents, but if you elect to make it Read/Write there isn't much spare capacity for adding documents as the size of the disk image is based on the size of the folder.
  Also, if your comfortable with Terminal, you can look into the hdiutil command for creating and managing disk images.
  For example, if in step 4 above you selected the format as "sparse disk image", you'd later need to use the hdiutil command to compact the sparse image to recover disk space from files deleted from the spares disk image. Spare disk images are always Read/Write and only occupy as much hard drive space as the data they contain, e.g. a 100 MB sparse disk image containing 30 MB of files only uses 30 MB of hard disk space: they grow as files are added. A conventional R/W disk image of 100 MB in size takes up 100 MB of hard drive space even if it is empty.
  However, when you delete files from a sparse disk image, the amount of hard disk space it occupies does not decrease until you compact it using the compact verb of hdiutil. Disk Utility does not expose all of hdiutil's functions.
  B. You wrote: "Also I noticed that apple doesnt seem to mount drives using the same files as linux, so I'm a little confused. Could someone please provide some insight to this. "I don't understand what you mean. You'll need to be more specific.
  C. You wrote: " Also, *put on tin foil hat* how secure is this? When I access the drive is it writing unencrypted data to the swap file? thanks"To use encrypted swap files, select "Use secure virtual memory" in System Preferences > Security. Depending on the applications you use, there may be a slight performance reduction with encrypted swap.
  D. Your questions imply you're new to Mac. While you may be familiar with Linux, there are differences, especially in doing things through the GUI. If that's the case, my "Learning About Mac OS X" FAQ has a number of resources that you will find helpful including books, online training, and more.
  Good luck!
  Dr. Smoke
  Author: Troubleshooting Mac® OS X
  Note: The information provided in the link(s) above is freely available. However, because I own The X Lab™, a commercial Web site to which some of these links point, the Apple Discussions Terms of Use require I include the following disclosure statement with this post:
  I may receive some form of compensation, financial or otherwise, from my recommendation or link.

• To Shrink a filevault 2 partition using Disk Utility, decrypt it first

  Just a tip for others:  while trying to enlarge a bootcamp partition, I discovered that Disk Utility under Mountain Lion 10.8 will give you a strange (and misleading) error if you try to shrink a partition that's encrypted with filevault 2.
  The solution is to turn off encryption, let the drive fully decrypt.
  Then reboot (if you don't reboot, Disk Utility seems confused and shows a duplicate ghost version of your drive).
  Then use DU to resize the partition.

  Click the partioned disk > Hit Erase Tab  >
  Under "Format" Select "MAC OS Extended Journaled, Encrypted
  Click "Erase"
  Set Password ..
  Done

• Disk Utility create encrypted disk image hangs

  I'm trying really, really hard to backup my data but apple is not making it easy for me.
  I need my files encrypted for an offline backup. Time machine only allows home folder to be encrypted, and due to my home folder being on my SSD drive I cannot fit my files all in there, not by a long shot.
  Using Disk Utility, I choose "new disk image from folder", and select "read only", 256-bit encryption. Some of the folders worked. However some will just hang for hours on "Creating Image, copying...". I can see at the destination the dmg file has stopped incrementing larger. It has reached the full size of the folder approximately. Does apple fail at some file types? I already ran disk repair several times to no avail. I don't know what else to try, it just doesn't want to work. All I want is an encrypted backup, that any OSX install can retrieve without any special software involved. Sometimes I'll get a very unhelpful error message "Operation not supported". Whatever that is supposed to mean. Google was no help so hoping for some insights here.

  Create an encrypted sparse disk image instead of from folder, mount it, and then drag & drop your files into ii.

• Unable to create an encrypted disk image with Disk Utility

  Hi:
  With our upgrade to Lion a few weeks ago, we're now unable to create an encrypted disk image of any type using Disk Utility any more. This problem occurs on 3 different machines, and is reproducible whether one is using an internal HD or an external FW HD. We can successfully create nonencrypted disk images.
  This is a duplicate post with all the details here: https://discussions.apple.com/message/18469359#18469359
  We haven't had any luck with a solution trying various permissions fixes as helpfully suggested by other readers in response to the error message # (-60008 error), so I'm hoping that someone else has run across a solution from the encrypted disk image perspective and that this tag line will generate some help.
  Thank you!

  Save As: 01 (on Desktop)
  Name: 01
  Size: 100 MB
  Format: Mac OS Encrypted (Journaled)
  Encryption: 256-bit AES
  Partitions: Single partition- Apple Partition Map
  Image Format: read/write disk image
  At the password window that pops up I enter: 1234567890
  This says password strength is "Weak"
  All works fine
  Then I repeated this using:
  Save As: 02 (on Desktop)
  Name: 02
  Size: 100 MB
  Format: Mac OS Encypted (Journaled)
  Encryption: 256-bit AES
  Partitions: Single partition- Apple Partition Map
  Image Format: read/write disk image
  At the password window that pops up I enter: 1234567890 and when I start to enter the next "1" I get the "Unable to create "02.dmg." (error -60008)
  OS 10.7.4
  Disk Utility Version 12.1.1 (353)

• External HFS encrypted password change & Drive mounting in Disk Utility without password

  I have two questions:
  1. I have an external HFS encyrpted drive that was encrypted via Mavericks Disk Utility. I have the password for it in 1password but I cannot cut and paste it when it attempts to mount. It is a very long password and it would not be practical to type it manually. It seems that Apple does not permit pasting such passwords (I have also tried to copy the password to a sticky note and then into the drive mount password prompt with no results, thus it is not unique to 1Password). At any rate, to remedy this situation, I would like to change the password to something smaller and memorizable (which is very very unfortunate as I find this a gaping security issue for who, in their right mind will manualy type in a 60 character password every time?). I have not been able to locate a method to change this external drive's password. Any assistance would be greatly apprecaiated.
  2. Alarmingly, I AM able to mount the drive WITHOUT entry of the password if I do a verify disk and repair disk. This is horrifying. This means that without any password someone can mount the drive just by running these utilities.
  Thanks in advance.

  You wrote: "It's definitely formatted for windows...I have Disk Warrior, but it doesn't see my drive "DiskWarrior only works on disks in Mac OS formats, e.g. "Mac OS Extended" (aka HFS Plus or HFS+), "Mac OS Extended (Journaled)." It won't fix disks in MS-DOS/FAT32 format.
  There are PC-specific disk utilities, akin to DiskWarrior for Mac, so if you have a PC as well, a PC disk utility might help repair the directory corruption if run from a PC.
  External drives, whether they're formatted for PCs or Macs, can be subject to the same causes of directory corruption discussed in See my "Data corruption and loss: causes and avoidance" FAQ. Some of those causes have nothing to do with hardware failure and many are preventable.
  Good luck!
  Dr. Smoke
  Author: Troubleshooting Mac® OS X
  Note: The information provided in the link(s) above is freely available. However, because I own The X Lab™, a commercial Web site to which some of these links point, the Apple Discussions Terms of Use require I include the following disclosure statement with this post:
  I may receive some form of compensation, financial or otherwise, from my recommendation or link.

• Encrypted drive will not accept password when re-mounting via Disk Utility

  I have used the 'whole disk encryption' on one of my external HDDs.  Sometimes i eject the drive when i don't need it because it's in a 4bay housing along with 3 other drives.  I do this because OSX wakes up all my drives even for mundane tasks like safari browsing or even looking for a dictionary definition. But anyway, my problem is if i want to re-mount that encrypted drive from disk utility (left mouse click on greyed out drive and re-mount) it does not accept my password.  I get the little shake like i typed it in incorrectly.  Anyway, i tried it like a dozen times and received a dozen shakes of negativity.
  If i swith off the drive unit and swith back on again the password is accepted just fine..
  Can anyone else test this so i can mark it up as a Lion bug?  Or is there something else i need to try?
  Thanks
  Si

  Hi MacNewb1022,
  Welcome to Apple Support Communities.
  The article linked below has some great troubleshooting tips that should help you resolve the slot-loading SuperDrive issue that you described.
  Apple Computers: Troubleshooting the slot-loading SuperDrive
  http://support.apple.com/kb/HT2801
  Cheers!
  -Jason

• My disk utility option to turn off encryption does not highlight so I can't turn off the encryption of my external hard drive with time machine back up

  I have an iMac and Retina MBP. I use Time Capsule for backup of iMac and I wanted to use an external hard drive attached to time capsule as time machine backup. The problem is that I encrypted previously that external hard drive and now Time Capsule does not recognize it.
  When I try to turn off encryption with Disk Utility, that option is not highlighted so I cannot use it.
  I tried with terminal but it answers The given UUID is a not a CoreStorage Logical Volume UUID

  Can you plug in the hard drive directly to your MBP and then decrypt the hard drive?  You should be able to do this by opening up Finder and then either right clicking the hard drive (holding down two fingers and clicking) or holding down ctrl and then clicking on the hard drive.

• Disk utility doesn't encrypt

  Disk utility will create a custom disk image on my external HD, but won't encrypt it. I've followed the instructions step-by-step for creating a secure, encrypted disk image several times and it always ends up the same: the disk image is created in the right place with the right name and size, but it doesn't require a password to open it. What am I missing here?

  Don't put the password in the Keychain. If it's already there, open Keychain Access and delete that image's entry.
  (61493)

• Disk Utility won't finish creating a 30Gb encrypted disk image

  How long should it take Disk Utility to create a 30Gb encrypted read/write disk image on a 32Gb Kingston USB 2.0 flash drive?
  Once I started the process the dialog box said "Creating Image 'backup.dmg' [thermometer bar] Creating...". The bar took about an hour to fill up completely. Then the filled bar went completely empty and the bar is completely moving candystripes as though it's made no progress at all. It's been like that for hours. Should I give it another few days or is this never gonna work?

  Hi Michael,
  Did you reformat it HFS+ or something else?
  Some USB2 Flash Drives Write at a disappointing USB1 speed, but Read at USB2 speeds.
  From what I can find, that isn't one of them and should take maybe an hour & a half to transfer 30 GB to it. Of course if write speed IS USB1, then you could expect 2 days or more.
  I'd stop it. Reformat it, then make the Image on the HD and try transferring it.