Thank you for being a valued part of the CNET community. As of December 1, 2020, the forums are in read-only format. In early 2021, CNET Forums will no longer be available. We are grateful for the participation and advice you have provided to one another over the years.

Thanks,

CNET Support

Question

Encryption software for Mac OSX

Apr 18, 2016 1:54PM PDT

I'm looking for an OSX app that can give me an encrypted volume or folder, for which I must manually enter the password when I want to open it. I would like backup services to see it as a single opaque file when it's not open, because I don't want the contents to be backed up in the clear.

When I used to use Windows I had a tool called Kryptel, but I haven't yet found anything similar for Mac.

Free is best, but I'm willing to pay a little money for something worthwhile. Any ideas?

Discussion is locked

- Collapse -
Answer
Did you try an old standard?
Apr 18, 2016 2:50PM PDT

That is a zip file? Some file managers open that and don't extract except to access the file you want and then it's temporary as well.

- Collapse -
Old standard - reply
Apr 19, 2016 9:05AM PDT

Nope, didn't even think of it.

Thanks for the idea. I'll see if I can find an in-place zipfile app. I think that would do it for me.

- Collapse -
I like OS X File Vault better.
Apr 19, 2016 9:09AM PDT

But zip with password is an oldie solution to that question and works across many OSes.

- Collapse -
Answer
OS X File Vault can encrypt your entire Home Folder,
Apr 18, 2016 3:25PM PDT

possibly overkill for you, but all your Time Machine backups will also be encrypted.
Just make sure you click the "Encrypt Backup Disk" check box.

P

- Collapse -
File Vault reply
Apr 19, 2016 9:10AM PDT

I don't use Time Machine, but another online backup service. If I'm not mistaken, that service will grab my files in the clear, won't it?

I played with File Vault a bit, and it seemed to me that though it encrypted the files on disk, they were completely accessible to may and anybody else who managed to log in to my laptop, again including the backup service. Maybe I missed something?

- Collapse -
You didn't miss anything,
Apr 19, 2016 3:38PM PDT

I believe that an on-line backup would not have the files encrypted.

That said, how would anyone else be accessing your account if you did not give them the password to your account.
You do use different accounts for different users, hopefully.

P

- Collapse -
Backup encryption
Apr 19, 2016 4:46PM PDT

Yes, different accounts etc.

I've just gotten pretty cynical about the security of online providers, now that we live in the "post-Snowden era". Not that I think anybody's going to intentionally target ME (least of all Mr. Snowden himself), but there have been enough mass security breaches that I don't think I want to risk my data any more than I have to. And once data gets out there in unencrypted form even once, it's there to stay.

Traditional zipfile security isn't anything to write home about either. WinZip even warns you when you enter a password that it's not terribly safe. But maybe with a strong password...

- Collapse -
If you want to launch a discussion about encryption
Apr 19, 2016 5:03PM PDT

We can spend the next few years on that alone.

However, if you look at the iPhone encryption debate then Apple's own encryption must be pretty good or our government agencies very bad (well there are good and bad folk in there.)

Around here, the thoughts are about using zip type encoding along with a codebook ( https://en.wikipedia.org/wiki/Codebook ) or stream cipher. Since some of these messages have remained uncracked for over a century it's clear that it's possible to encrypt beyond your government's reach today.

Using a known encryption is well, leaving you open to known ways to decrypt. So if you want better than off the shelf encryption you learn about this topic and make your own that looks nothing like what the major players use.

- Collapse -
Getting off-topic
Apr 20, 2016 7:39PM PDT

True, we can talk about that for a very long time. I'm not sure you and I agree, but I will resist the temptation to get into it here! Thanks for your feedback.