Mac OS X includes FileVault to encrypt the information in your home folder. FileVault creates a separate volume for your home folder and encrypts the contents of it. The information in your personal folder is encrypted and ensure your data if your computer is lost or stolen. FileVault uses the latest encryption Government recognized standard, the advanced encryption standard with 128-bit keys (AES-128).
When you turn on FileVault, you also set up a master password for the computer that you or an administrator can use if you forget your regular login password.
WARNING: If you turn on FileVault and then forget both your login password and your master password, you will not be able to log in to your account and your data will be lost forever.
If you store sensitive information on your computer, you should consider using FileVault. For example, if you run your business financial data on your portable computer loses allow someone could access to sensitive data that might harm your business. If you are logged on from your account, if you have your portable is lost, and FileVault is turned on, your are sure data.
Because your home folder is encrypted, can some tasks that normally access to your private folders be prevented. Example: backup programs can see your personal folders as one of the always changing, and this could slow down your backup. Even if you are not logged into your computer, other users have no access to shared folders in your home folder.
Using FileVault for Mac OS X
FileVault creates an encrypted disk version of your User file. Because of this, it is recommended that you move iTunes and iPhoto libraries out of your home directory and into the shared folder.
- Move your iTunes and iPhoto libraries into /Users/Shared. FileVault takes your entire home folder and encrypts it into one big file; by moving iPhoto, iTunes, and movie files out, you can keep the size of this file down and improve reliability. In iTunes, go into Preferences: Advanced, and select where to keep your iTunes Library. Make sure you check the box that says ‘Keep iTunes Music Library Organized’. Then go into Advanced: Consolidate Library, and iTunes will move all your files for you. For iPhoto, just move your iPhoto Library. The next time you launch iPhoto, it will ask you to point it towards your library.
- Create a maintenance user account with administrative privileges. In System Preferences, just click on Accounts and add the user there — make sure it’s an Administrator account. You could name it ‘Maintenance’, and gave it a secure passphrase. This account is critical – without it, if your FileVault gets corrupted, you are in serious trouble.
- Backup your entire hard drive with TSM (Tivoli Storage Manager). Backing up your hard drive protects you against the risk of losing data through the process of disk encryption.
- Make sure TSM is set for incremental backups. Incremental backups keep track of changed files, while a whole drive backup is merely a clone. The risk of having only a clone is that your backup might be corrupt, and without the copies of your files you won’t be able to restore.
- Go into System Preferences; click on Security. Set a master password for your computer; your NetID password is a good choice. Make sure you have a copy of this password and DO NOT FORGET IT; this might be the same as the Maintenance password, since they both provide control over your computer (albeit in different ways). Record the password and store it somewhere safe.
- Check the settings on the bottom to: a) Require a password to wake this computer, b) Disable automatic login, and c) Use secure virtual memory.
- Click the button at the top to Turn on FileVault.
- This can take a while. Wait.
- Once complete, your Security preferences should look like this screenshot:
And again, usually after you have added or deleted a lot of files, will your Mac asks you to extra space from your encrypted drive restore. Make sure the time to run it – it could take as long as 20 minutes, but it ends up in 5 minutes. You want to turn off to your Mac during this process.
Notes:
When you turn on FileVault, you will not have access to mapped drives and printers. If you use your Mac to work remote printing, FileVault is probably not the solution for you. Again access to mapped drives could FTP it from a second account on the Mac which enabled access using FileVault.
Responses to “What is FileVault?”
Leave a Reply