Securing Your Sensitive Data

posted November 7, 2007

People often comment about what a pain it is to remember different passwords for various different computer and online accounts they have. This can lead to using the same password for multiple accounts, writing passwords on Post-it notes and sticking them to monitors, and other unsafe (and unsightly) work-arounds to keep track of passwords.

Apple's Keychain can be a good solution to the problem of securely storing some passwords, but some accounts don't work with Keychain, and there are other types of sensitive data like credit card numbers, software serial numbers, and online account information that also need a safe place to live. Luckily, there is a free, and easy to use solution that comes with every Mac. This step-by-step tutorial shows how to create an encrypted disk image for securely storing sensitive data. These directions are written for Mac OS X 10.5 Leopard, but the procedure is similar for older versions of Mac OS.

  1. Open Apple's Disk Utility and choose "Blank Disk Image..." from the "New" sub-menu of the "File" menu. Disk Utility is located in the "Utilities" folder inside the "Applications" folder.
  2. New Blank Image DialogType "StrongBox" in both the "Save As" and "Volume Name" fields. This will be the name of the encrypted disk image file as well as the name of the disk when it is unencrypted and mounted on the desktop.
  3. Choose "Desktop" from the "Where" pop-up menu. You can save it somewhere else, but remember where you put it and do make regular backups of this file in the future.
  4. Choose the smallest size you can from the "Volume Size" pop-up menu. It is not likely that your passwords and other sensitive text will ever exceed that amount of space, but if you think you might need to store larger files in your StrongBox, adjust this number accordingly.
  5. Choose at least "128-bit AES encryption (recommended)" from the "Encryption" pop-up menu.
  6. Choose "sparse disk image" from the "Image Format" pop-up menu.
  7. Click the "Create" button.
  8. You will be asked for a password for the disk image. Type it in both fields, uncheck the "Remember password in my keychain" checkbox, and click the "OK" button. If you leave the Keychain checkbox checked, someone else accessing your computer can get into your StrongBox if you're already logged in and have entered your Keychain password. After a few progress bars, you should have a new disk image file named "StrongBox.sparseimage" (or whatever you named it), and the resulting disk image should already be mounted on the desktop. Quit Disk Utility.
  9. Open TextEdit, type your confidential password, credit card, serial number, and account information in the TextEdit window, save the file inside the StrongBox disk (give the file a name like "Confidential Info"), and quit TextEdit.
  10. Double-click the mounted StrongBox disk (not the "StrongBox.sparseimage" file) on the desktop, and drag the "Confidential Info" file to the Dock and let go on the file side (right or bottom depending on Dock orientation) of the Dock separator.

Note that your "Confidential Info" file is not secure as long as it is open and/or the StrongBox disk is mounted on the desktop. To secure your sensitive data, simply close the file in TextEdit and unmount the StrongBox disk by clicking once on the disk icon and choosing "Eject StrongBox" from the "File" menu. Once you've secured your data, you can access it again by clicking the "Confidential Info" file icon in the Dock, typing your password, and clicking the "OK" button.