13.4. Using FileVault

In addition to offering encrypted disk images that you can create manually to protect any number of files, Mac OS X includes a mechanism called FileVault that puts an encrypted disk image — specifically, an encrypted sparse bundle disk image — to a special use. FileVault encrypts the entire contents of a user's home folder (/Users/username), which typically includes all the user's documents, email, photos, music, preferences, and other personal files. Because FileVault operates almost invisibly behind the scenes, it makes a convenient way to keep nearly all your personal files secure. However, it also has some noteworthy downsides, so it's not the best choice for everyone.

NOTE

For more on FileVault, see Chapter 4.

13.4.1. FileVault virtues and vices

I wish I could offer either a blanket recommendation to use FileVault or a blanket warning not to, but it's not that simple. FileVault does some things brilliantly, which makes me quite enthusiastic about it at times, but it also has some significant failings and limitations that give me pause (enough so that I don't use FileVault on my own Macs). But your mileage may vary, so I present here some of the pros and cons of FileVault.

13.4.1.1. Great things about FileVault

The first great thing about FileVault is that it encrypts almost all your personal files without demanding any more interaction from you than would be necessary for encrypting a single file (and, typically, much less). Assuming you keep all ...

Get Mac® Security Bible now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.