The FileVault feature in Leopard and Snow Leopard lets users encrypt their entire home folders. FileVault uses the AES-128 encryption standard, which is what the U.S. government specifies for protecting secret documents. As of 2009, AES has never been broken, and projections are that a brute-force attack would take all the computers on the planet, working together, longer than a human lifetime. Although FileVault itself has a variety of weaknesses, its encryption method is more than adequate for protecting any files you may have on your Mac, as long as you choose a good password and keep it safe.
Before turning FileVault on, see Chapter 13.
Before you can use FileVault, Mac OS X requires you to specify a master password, which can be used later on to access any account on your Mac protected with FileVault, even if the user's login password is forgotten. This password should be different from your administrator password and from any individual user's login password. It should also be kept extremely safe.
When you activate FileVault for a given user, Mac OS X creates an encrypted disk image, copies all the folders and files from the existing home folder (/User/short-username) onto the disk image, deletes the original home folder (optionally overwriting the data to prevent it from being recovered later), and then performs a bit of behind-the-scenes magic to make all references to the home folder point to the encrypted disk image.