Tips & Things to Consider using File Vault 1 for Mac OS X
NOTE: These tips, except for #3 backups, do not apply to File Vault 2 which is part of OS X 10.7.5 or later.
FileVault creates an encrypted disk version of your User file. Because of this, it is recommended that you move your iTunes and iPhoto libraries out of your home directory and into the shared folder.
- Move your iTunes and iPhoto libraries into /Users/Shared. FileVault takes your entire home folder and encrypts it into one big file; by moving iPhoto, iTunes, and movie files out, you can keep the size of this file down and improve reliability. In iTunes, go into Preferences: Advanced, and select where to keep your iTunes Library. Make sure you check the box that says ‘Keep iTunes Music Library Organized’. Then go into Advanced: Consolidate Library, and iTunes will move all your files for you. For iPhoto, just move your iPhoto Library. The next time you launch iPhoto, it will ask you to point it towards your library.
- Create a maintenance user account with administrative privileges. In System Preferences, just click on Accounts and add the user there — make sure it’s an Administrator account. You could name it ‘Maintenance’, and gave it a secure passphrase. This account is critical – without it, if your FileVault gets corrupted, you are in serious trouble.
- Back up your entire hard drive with TSM (Tivoli Storage Manager). Backing up your hard drive protects you against the risk of losing data through the process of disk encryption.
- Make sure TSM is set for incremental backups. Incremental backups keep track of changed files, while a whole drive backup is merely a clone. The risk of having only a clone is that your backup might be corrupt, and without the copies of your files you won’t be able to restore.
- Go into System Preferences; click on Security. Set a master password for your computer; your NetID password is a good choice. Make sure you have a copy of this password and DO NOT FORGET IT; this might be the same as the Maintenance password, since they both provide control over your computer (albeit in different ways). Record the password and store it somewhere safe.
- Check the settings on the bottom to: a) Require a password to wake this computer, b) Disable automatic login, and c) Use secure virtual memory.
- Click the button at the top to Turn on FileVault.
- This can take a while. Wait.