Encrypting Hard Drive For Os X
Securing computer data through encryption software has become a clear necessity for many businesses and individuals carrying sensitive information on their laptops or USB flash drives. Unfortunately, many people do not encrypt their data because they’re too lazy or feel data theft won’t happen them. A lot of people simply feel they don’t have anything all that important stored on their computer and therefore they don’t need encryption.
Dec 18, 2019 BitLocker for Windows 10. Click Start, click or search for Control Panel, then click or search for BitLocker Drive Encryption. On the BitLocker Drive Encryption page, click Turn On BitLocker next to the primary disk volume (C:). NOTE: An administrator or administrator account will be required to complete this step. If the TPM module is not initialized, you will need to initialize the TPM. May 30, 2017 Encrypting a USB Drive on a Mac Made Easy macOS 10.12.x “Sierra” Edition & 10.13.x “High Sierra” Edition A YouTube video of these instructions can be found here! (NOTE: This was written for OS X 10.12.5 “Sierra.” If you’re looking for the Mac OS 10.11.x “El Capitan” edition, click here. The original blog entry written for OS X. Apr 29, 2020 Here are two ways to decrypt the HDD in Windows OS and one way to decrypt Mac OS. Decrypt Windows hard drive - Option One. If you have a certificate for the encrypted (EFS) hard drive partition, you can access data in the hard drive with ease. Here below are detailed steps about how to decrypt EFS (encrypted) hard drive partition in Windows 10/8/7. Jun 29, 2020 FileVault 2 cannot be used with every Mac and all drive configurations. It can only be enabled on a single drive containing OS X and Recovery partitions. In addition to encrypting Mac hard disk drive, FileVault 2 also helps you encrypt removable drives. This allows you to protect your Time Machine backup drives.
Whatever your reason may be, encrypting your data is very important. Whether you think you store important data on your computer or not, there are hackers out there who would love to browse through your files, pictures, and data to do harm like identity theft. Even something as innocuous as pictures can be used in very evil ways if in the wrong hands.
Encrypting your hard drive in Windows and OS X is now a fairly simple and straight-forward process that pretty much anyone can do, so there’s no reason to leave yourself open to possible attacks. In this article, I’ll go through using BitLocker on Windows and FileVault on OS X to encrypt your data.
Previously, I had written about using a program called TrueCrypt, but it seems the project has been discontinued for various reasons. The program had been one of the most popular for encrypting your hard drive, but now that it is no longer supported, we don’t recommend using it. The TrueCrypt team even recommends using BitLocker as it can do pretty much everything TrueCrypt was able to do.
Bitlocker on Windows
In Windows Vista, Windows 7 and Windows 8, you can turn on drive encryption by enabling BitLocker. Before we get into how to enable BitLocker, there are a couple of things you should know first:
1. BitLocker works on the Ultimate and Enterprise versions of Windows Vista and Windows 7 and on the Pro and Enterprise versions of Windows 8 and Windows 8.1.
2. There are three authentication mechanisms in BitLocker: TPM (Trusted Platform Module), PIN, and USB key. For the greatest security, you want to use TPM plus a PIN. The PIN is a password that has to be entered by the user before the booting process.
3. Older computers that don’t support TMP can only use the USB key authentication mechanism. This is not as secure as using TPM with a PIN or TPM with a USB key or TPM with both a PIN and a USB key.
4. Never print a backup key on paper and store it somewhere. If someone, even the police, can get access to that paper, they can decrypt your entire hard drive.
Now let’s talk about actually enabling BitLocker. Open the Control Panel in Windows and click on BitLocker Drive Encryption.
You’ll see a list of all your partitions and drives listed on the main screen. To get started, all you have to do is click on Turn On BitLocker.
If you have a newer computer with a processor that supports TPM, you’re good to go and the process will start. If not, you’ll get the following error message: “A compatible Trusted Platform Module (TPM) Security Device must be present on this computer, but a TPM was not found.” To fix this, read my previous post on this TPM problem when enabling BitLocker.
Os x yosemite for ipad mini 1. Mac Pro (Late 2013 or newer)Boot CampAllows Boot Camp installations of Windows 10 on supported Mac models.Exchange SupportRequires Microsoft Office 365, Exchange 2016, Exchange 2013, or Exchange Server 2010.
Once you’ve followed the directions in that post, you should be able to click on Turn On BitLocker again and the error message should not appear. Instead, the BitLocker Drive Encryption setup will start.
Go ahead and click Next to get started. The setup basically prepares your drive and then encrypts it. To prepare the drive, Windows needs two partitions: one small System partition and one operating system partition. It will tell you this before it begins.
You might have to wait for a few minutes while the C drive is first shrunken down and the new partition is created. After it is finished, you’ll be asked to restart your computer. Go ahead and do that.
Once Windows restarts, the BitLocker setup should pop up automatically with a check mark next to drive setup. Click Next to start the actual hard drive encryption.
On the next screen, you’ll get to choose your BitLocker security options. If you don’t have a TPM installed, you won’t be able to use a PIN for startup, but only a USB key.
You’ll be asked to insert a USB stick at which point it will save the startup key there. Next you’ll need to also create a recovery key. You can save it to a USB drive, to a file or print it. It’s best not to print it.
After this, you’ll finally be asked if you’re ready to encrypt the hard drive, which will require a restart.
If all goes well and Windows is able to read the encryption keys off your USB stick or from the TPM, then you should see a dialog pop up telling you that the drive is being encrypted.
Once completed, your data is now safely encrypted and cannot be accessed without your keys. Again, it’s important to note that using BitLocker without TPM is a lot less secure and even if you use TPM, you need to use it with a PIN or with a USB key or with both to be truly protected.
Also, it’s worthwhile to note that while you are logged in, the keys are stored in RAM memory. If you put your computer to sleep, the keys could be stolen by savvy hackers, so you should always shutdown your computer when you’re not using it. Now let’s talk about FileVault in OS X.
FileVault in OS X
FileVault in OS X provides the same functionality as BitLocker does in Windows. You can encrypt the entire drive and a separate boot volume is created to store user authentication information unencrypted.
To use FileVault, you need to go to System Preferences and click on Security & Privacy.
Now click on the FileVault tab and click on the Turn On FileVault button. If the button is disabled, you have to click the little yellow lock at the bottom left of the dialog and enter your system password in order to make changes.
Now you will be asked where you want to store your recovery key. You can either store it in iCloud or you can get a recovery key code and then store it in a safe place. I would highly recommend against using iCloud, even though that is easier, because if law enforcement or a hacker needs to break into your computer, all they have to do is get access to your iCloud account to remove the encryption.
Now you’ll be asked to restart your computer and when OS X logs back in, the encryption process will begin. You can go back into Security and Privacy to see the progress of the encryption. You should expect the computer performance to be slightly impacted in the range of 5 to 10% slower. If you have a new MacBook, the impact may be less.
As mentioned earlier, all full-disk encryption can still be hacked because the keys get stored in RAM while you’re logged in. You must always shut down the computer instead of putting it to sleep and you should always disable automatic login. In addition, if you use a pre-boot PIN or password, you’ll have the most security and it will be extremely difficult for even technical forensic experts to crack into your hard drive. Have any questions, post a comment. Enjoy!
It’s a fact of life that computers slow down. Sometimes it’sdue to wear and tear but it can also be something as simple as your hard-drivefilling up with files which are no longer needed. Or essential operating systemfiles being accidentally deleted.
When this happens, it’s time to consider reinstalling theoperating system. It is a monumental pain in the neck as it is not a shortprocess, but in the case of MacOS it is an easy process. You need an Internetconnection though so don’t think about doing this on the bus or anything.
This is something I have been meaning to do for a while butProcrastination is my friend. But today, for the purposes of this article, Ihave decided to get it done.
Step One –Backup All Essential Files
This is always the first step before reinstalling anoperating system. So delete all unneeded files then backup the rest either oncloud storage, a USB stick, or a removable hard-drive.
Remember to also backup your iTunes library, your iMoviedatabase, and your Photos database. These can be dragged onto portable storageand then dragged back onto the computer again later when this process is over.
If you use Time Machine, then this backup process is veryeasy.
Step Two – TurnOff FileVault
Having FileVault on stops you from reformatting andreinstalling the hard-drive. So go into SystemPreferences–>Security & Privacy and turn it off. This can take upto 30 minutes so be patient. Go make a coffee or something.
Step Three –Have You Encrypted The Start-Up Disk?
For reasons of security, you should have encrypted yourstartup disk from the very beginning. The slight downside to this is that ifyou forget the encryption password, you can never unlock it ever again and cannever reinstall MacOS.
Trust me, I am speaking from very bitter past experiencehere.
Assuming you know your password, restart the computer and atthe same time, hold down the CMD + R keys. This will then show you the padlockscreen above (which I had to photograph since I can’t do screenshots at thisstage).
Enter your password and the screen will then change to showyou this. Again, I had to take a photo with my iPhone so apologies for thenot-so-perfect quality.
Encrypting Hard Drive For Os X 10
If you don’t know your password then you are seriously out ofluck as not even Apple will unlock it for you.
Step Four –Erase The Contents Of The Hard Drive
As you can see from the menu above, there is an option called“Disk Utility”. Choose that and then select the disk which the operating systemis installed on. In my case, there is only one disk but if you aredual-booting, you will have more than one.
Now click “Erase” and a small box will pop up asking you forthe desired name of the newly formatted drive as well as the file format type(APFS). I would recommend leaving them as they are.
Erasing takes literally seconds (in my experience anyway).When it is done, the “Used” part of the disk should be miniscule (in my case,20KB). At this point, everything on your computer is gone.
Close the Disk Utility window and you’ll be bounced back tothe Utilities screen.
Step Five –Choose Your Preferred Reinstalling Option
Now there are actually two options in the Utilities windowyou can choose from.
The first is the Time Machine backup. If you are in the habitof regularly backing up with Time Machine, and one day, you accidentally deletea whole bunch of system files, you could just roll the computer back to a TimeMachine backup from say the day before. This would be the equivalent of doing aSystem Restore on a Windows PC.
But I don’t use Time Machine (I manually backup). So for meand others like me, the only other option is to choose the “Reinstall macOS”option. So go ahead and click on that, and click “Continue” when it promptsyou.
Step Six –Pretend To Read The User Agreement
You will now be asked to read the user agreement. Do whateveryone else does and pretend you read it and click “Agree”. Don’t worry,Apple will never know.
Now choose a disk to install the operating system on. In mycase, there is only one disk. Choose it and continue.
The re-installation process will now begin.
The computer will restart several times during the processand can take up to an hour or more to finish. The nice thing is that it doeseverything by itself from now on so you can go off and do something else in themeantime. You’re not stuck staring at the screen watching your life slip away.
Step Seven –Set Everything Back Up Again
Once the system has been reinstalled, you will have to beginthe tedious process of putting things back to the way they were. This willinclude :
- Switchingon the Firewall.
- Switchingon FileVault.
- Re-encryptingthe startup disk.
- Reinstallingyour apps.
- Bringingessential files back onto the computer from your backups.
- Addinga screen lock PIN code.
Essentially you have to go through System Preferences andcheck each thing one-by-one. The computer is now back to factory settings soany tweaks and customizations you previously made will be gone.
Best Encrypted Hard Drive
There is a great guide called Hardening macOS which gives you a huge list (morethan 40) of security precautions you should carry out with a fresh install ofmacOS. I highly recommend you refer to it and do as many of them as possible.Some of it might sound like overkill but you can never be too careful.