10.7: Enable Time Machine encryption on Lion System 10.7
Time Machine finally supports encryption; here's how to activate it.

At the Time Machine preference pane, go to Select Disk... and select the disk you're currently using for backup. Check the checkbox in this dialog to Encrypt backup disk. Give it a good password, and never lose it. You probably won't need it ever again unless you recover the backup from a different machine, so remembering it would be tricky.

Requirements for encryption are just Mac Extended (Journaled) file system on a GPT-partitioned disk. I'd speculate it uses the same method as FileVault2, but I don't know.

It does appear to be non-destructive. When I enabled it, it did a long 'preparing for encryption' step (probably a check disk), a quick backup, and now it's sitting there encrypting. It is taking a while too, so it might encrypt the whole file system, which will block recovery from anything older than Lion.

Post experiences below. Just to be safe, have another good backup on another disk.

[crarko adds: I don't need encrypted backups, but if you do, the option is now there. As mentioned in the hint, expect this to take quite a while the first time.]
10.7: Enable Time Machine encryption on Lion
Authored by: andya on Jul 22, '11 08:11:25AM

Unfortunately, you can't encrypt your backup to a direct attached hard drive nor to a pre-10.7 server.



[ Reply to This | # ]
10.7: Enable Time Machine encryption on Lion
Authored by: sugarquay on Jul 22, '11 09:26:07AM

Note that encrypted backups are only available on directly-connected drives, so this doesn't work on a wireless Time Capsule (the option is greyed out).



[ Reply to This | # ]
10.7: Enable Time Machine encryption on Lion
Authored by: fracai on Jul 22, '11 10:37:25AM

An alternative is to create an encrypted sparse image with the attributes that Time Machine would like to see and put that on the TimeCapsule. This is how I enabled encrypted backups under Snow Leopard and, as I don't think I'll want to encrypt my whole Drobo, probably how I'll do things under Lion.

---
i am jack's amusing sig file



[ Reply to This | # ]
10.7: Enable Time Machine encryption on Lion
Authored by: nschum on Jul 22, '11 10:53:55AM

Not on a Time Capsule/Airport Extreme, though. :(



[ Reply to This | # ]
10.7: Enable Time Machine encryption on Lion
Authored by: Lycestra on Jul 22, '11 11:12:57AM

Small updates:
Yes, this does require a physical connection to the device, so network disks won't work.
My 1TB drive just finished "converting" (encrypting) the drive (~24 hours). When I rebooted the machine for another purpose, it did ask for the password when I logged in, and if I wanted to store it on my keychain.

Some nitty gritty details for the really geeky: you can see details at the command line using 'diskutil coreStorage list'. All old drives won't show up since they don't use it. The encryption layer, which is used by FileVault2, is implemented with Lion's new Core Storage, which is a Logical Volume system to you Linux types. Simply put, it adds encryption between the hardware and the filesystem, so the filesystem itself is unmodified, just filtered through encryption. You could use the command line interface to convert any qualified drive, but I won't provide details here (mostly because I don't know them). Another day. This would probably be most useful to users who have multiple drives, and want to encrypt more than just the boot drive without reformatting. (Disk Utility in Lion allows you to format HFS drives encrypted now too)

If I can add a speculation, Core Storage may have come out of Apple's efforts with ZFS. The song and dance of setting up logical volumes and such with community betas seemed to have similar components, but more complicated (read: unpolished) steps to construct. Again, speculation. It's a modern API addition nonetheless, so it probably shouldn't be construed as momentum in that direction, just that steps have been taken to improve Apple's offering.



[ Reply to This | # ]
10.7: Enable Time Machine encryption on Lion
Authored by: TrumpetPower! on Jul 22, '11 11:32:25AM

May I please take a moment to most strongly encourage people to think very, very, very hard before encrypting backups. Indeed, it's all but guaranteed that this is something you really, really don't want to do.

The whole point of backups is to be able to get to your data even if something bad happens.

The whole point of encryption is to make sure that nobody *including you* can get to your data if something bad happens.

The two concepts are mutually exclusive.

And it's that "including you" bit that people misunderstand the most. Encrypted files are extremely fragile by design. The idea is to prevent access unless it's guaranteed that everything is okay. If there's even something slightly wrong, your data may well be rendered perfectly unreadable. If you're going to your backup, it's because the original is already toast...and now so is your backup as well.

The *only* context in which encrypted backups even theoretically make sense is if the backups will be in a physically insecure location -- and there's almost no circumstance where it makes sense for an individual to leave backups in such a place. Apparently, the only way to get TimeMachine to encrypt backups is with a local disk that will be in the same physical location as the original data.

I'm willing to bet that only a vanishingly minuscule percentage of Mac OS X users are better off encrypting their backups than not. If you're one of those few, then you've already got well-established mechanisms in place for removing backups to secured offsite vaults or the like.

If you're reading this hint and you're thinking this might be cool to try...please don't. You're almost guaranteed to wish you hadn't.

(Of course, experimenting with non-critical data can be fun and educational -- my cautions only apply to people who actually care about the data they're trying to protect. And if you're the ultra-paranoid type, you hopefully are well aware of the risks and would much rather lose everything than have it fall into the wrong hands.)

Cheers,

b&



[ Reply to This | # ]
10.7: Enable Time Machine encryption on Lion
Authored by: Ten on Jul 22, '11 11:54:57AM
Sorry, but this is hyperbole.

It's important to understand that if you encrypt a backup, if you lose your password you will have lost access to your backup. Additionally, if the header gets corrupted *and* the header backup gets corrupted (to my knowledge there's an automatic backup; at least that's the case with sparsebundles) then you also lose access, *but* in the very very rare event that does happen, if you're only using it as a backup drive, and you realise it's become corrupted, then you can simply make a new backup. There's of course a risk something will go wrong with your backup and your main computer simultaneously, but that's always been an issue with or without encryption.

Giving this advice to the average user is fair, but average users aren't browsing Mac OS X Hints. I think you need to give people more credit.

Personally, I'm a college student, I carry around an external HD with my laptop as my backup drive. My backup drive is, as you say, for if something bad happens, e.g. my laptop's hard drive dies. In that case, it still works as a backup. By using encryption, it ensures that if anyone steals my bag they can't have access to my files. It makes perfect sense to me and carries very little risk unless I forget my password which I shouldn't because I type it in every day.

Anyway, this is just plain wrong:

> The whole point of backups is to be able to get to your data even if something bad happens.
>
> The whole point of encryption is to make sure that nobody *including you* can get to your data if something bad happens.
>
> The two concepts are mutually exclusive.

The whole point of encryption is that nobody can get access to your data without your permission, e.g. if someone steals your laptop. You don't want to have to be dealing with identity theft as well as having to buy a new laptop. It's not to prevent people getting to your data "if something bad happens" (like what?!)

Encrypted data is not "fragile by design" as you claim. There were problems with the original FileVault, back in Panther(!!!!) right when it was launched, that caused some people to lose some data and I fear that reputation will live with it, but your encrypted data is very safe now and a lot of engineering thought has gone into ensuring your data is safe over the last few years.

[ Reply to This | # ]

10.7: Enable Time Machine encryption on Lion
Authored by: hamarkus on Jul 27, '11 08:38:22AM

Every additional backup adds another layer of security against things going wrong. Every encryption adds another vector for things to go wrong. From a probability point of view, two encrypted backups are very likely safer than one unencrypted backup but one unencrypted backup is safer than one encrypted one (from a things-going-wrong perspective not from a keeping-your-data-private perspective, there obviously encryption is a boon).
I for one would add at least one more backup the moment I start encrypting things (both main drive and backup drive). And will MacDrive support encrypted backups? Being in a situation where all your backups are on HFS+ is pretty much standard, and being in a situation where you 'only' have a Windows PC to access your backups is a possible scenario for quite a number of people.



[ Reply to This | # ]
10.7: Enable Time Machine encryption on Lion
Authored by: Frederico on Jul 22, '11 12:21:39PM

> " If you're going to your backup, it's because the original is already toast...and now so is your backup as well."

Please present your data supporting this guaranteed outcome.

Are you sure you know how Time Machine encryption works? In my testing, an encrypted Time Machine drive can be carried to any machine and, as long as you know the password used when created, can be used to restore a user as though it were a standard TM drive.

Your assertion simply does not compute.

Respectfully

F



[ Reply to This | # ]
10.7: Enable Time Machine encryption on Lion
Authored by: Crazor on Jul 22, '11 01:05:02PM

You can take your encrypted TM backup to any other Mac running Lion (right now only Lion supports Core Storage), connect it and enter your encryption password at the prompt.

I have an SSD and a HDD in my MacBook, and the former is backed up to the latter via TimeMachine, and having the backup encrypted is a godsend. I didn't bother with FileVault before, because having an unencrypted backup is kinda pointless...

If I didn't have two disks in my MacBook, I'd carry an external drive with me for TimeMachine, and I would also encrypt it. Better safe than sorry!

Edited on Jul 22, '11 01:07:13PM by Crazor



[ Reply to This | # ]
10.7: Enable Time Machine encryption on Lion
Authored by: Crazor on Jul 22, '11 01:14:15PM

Time Machine uses the same technology to encrypt the backup volume that File Vault 2 uses to encrypt the system's disk(s): Core Storage.

Unfortunately, Lion is required to read Core Storage volumes...

I went another way to encrypt my Time Machine backup volume, since encrypting it like the hint describes took ages (even on an empty volume, before the first backup; I canceled the encryption after 20 minutes). Using Disk Utility to reformat the volume as "Mac OS Extended (Journaled, Encrypted)" resulted in the very same Core Storage volume, but this time it was "instantly" encrypted. Don't know what was going on there.
The only difference: Formatting normally and checking the encryption checkbox converts the volume to Core Storage, which is reversible later. The same with File Vault 2: If you check the checkbox, the normal volume gets converted and encrypted, but if you create an empty, encrypted volume and install Lion there, you won't be able to convert it back to unencrypted.

BTW: You can watch the encryption status by running "diskutil cs list" in a terminal.



[ Reply to This | # ]
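Several comments point to `diskutil cs list` for watching the conversion. As an added example (not from the hint or its commenters), this shell function condenses that output to one line per volume: conversion state, percent converted, and whether the volume is fully secure and revertible. The field labels are assumed from Lion-era output, and the sample text is constructed.

```shell
#!/bin/sh
# Added example: summarise `diskutil cs list` output (read on stdin), one line
# per logical volume. Field labels are assumed from Lion-era output.
cs_status() {
  awk -F': *' '
    { key = $1; sub(/^[^A-Za-z]+/, "", key); val = $2; sub(/[ \t]+$/, "", val) }
    key == "Conversion Status" { conv = val }
    key == "Fully Secure"      { secure = val }
    key == "Size (Total)"      { total = val + 0 }
    key == "Size (Converted)"  { converted = val + 0 }
    key == "Revertible"        { rev = (val ~ /^Yes/) ? "yes" : "no" }
    key == "Volume Name" {
      # A finished volume may report no converted size; treat Complete as 100%.
      pct = (conv == "Complete") ? 100 : (total > 0 ? int(converted * 100 / total) : 0)
      printf "%s|%s|%d%%|secure=%s|revertible=%s\n", val, conv, pct, secure, rev
      conv = secure = rev = ""; total = converted = 0
    }'
}

# Constructed sample (not captured from a real disk): one volume still
# converting, one that has finished.
sample_cs_list() {
  cat <<'EOF'
CoreStorage logical volume groups (2 found)
+-- Logical Volume Group 00000000-0000-0000-0000-000000000001
|   +-> Logical Volume Family 00000000-0000-0000-0000-000000000002
|       Encryption Status:       Unlocked
|       Conversion Status:       Converting
|       Fully Secure:            No
|       +-> Logical Volume 00000000-0000-0000-0000-000000000003
|           Size (Total):          1000000000000 B (1.0 TB)
|           Size (Converted):      250000000000 B (250.0 GB)
|           Revertible:            Yes (unlock and decryption required)
|           Volume Name:           TM Backup
+-- Logical Volume Group 00000000-0000-0000-0000-000000000004
    +-> Logical Volume Family 00000000-0000-0000-0000-000000000005
        Conversion Status:       Complete
        Fully Secure:            Yes
        +-> Logical Volume 00000000-0000-0000-0000-000000000006
            Size (Total):          500000000000 B (500.0 GB)
            Size (Converted):      -none-
            Revertible:            No
            Volume Name:           Scratch
EOF
}

# On a Mac, replace the sample with the real command: diskutil cs list | cs_status
sample_cs_list | cs_status
```

A backup volume that still shows `secure=No` has unencrypted extents on disk, so treat it as unprotected until the conversion completes.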
10.7: Enable Time Machine encryption on Lion
Authored by: Crazor on Jul 26, '11 02:55:09AM

Update: Even when you create an encrypted volume with Disk Utility, the encryption can be removed. Just select File => Disable encryption in DU.

But from what I've read in diskutil's manpage, it is only possible to convert Core Storage volumes to normal volumes that were created by converting a normal volume in the first place. So I guess that disabling encryption on a volume that was created by formatting a partition as "Mac OS Extended (journaled, encrypted)" will result in an unencrypted Core Storage volume.

I'm trying this right now and will report back when decryption is finished.



[ Reply to This | # ]
10.7: Enable Time Machine encryption on Lion
Authored by: hitechabyss on Dec 09, '11 08:32:00PM

Lion is still pretty new and Lion Server is still very buggy. Enabling encrypted backups is risky, and could lead to significant data loss if you're not careful and test everything thoroughly and regularly (especially after system patches or changes).

TEST everything, including booting from your Recovery partition, booting from your TM backup disk (that doesn't work for me) and from your last chance unencrypted backup disk (a monthly superduper/ccc disk that's kept safe and unencrypted).

I'm running Lion Server with latest patches, firmware password and every volume encrypted including 3 Time Machine disks, which I'll be undoing after I save this posting.

I rotate through multiple TM disks regularly to ensure a corrupted time machine volume only impacts a week or two of data (learned from several Leopard and Snow Leopard corrupted TM volumes). I recently had to wipe a TM disk with a year worth of backups due to significant volume issues. Luckily I had other volumes.


I also recently found that you can use multiple encr TM volumes (meaning switching active TM disks) but you CANNOT browse them (holding option and click the TM icon in the menu bar).

If you switch TM disks, it appears to remove (at least for my 2 volumes) the ability to browse other previous TM encrypted backups and claims no previous backups when you select the disk in sys preferences. The directories and data are there, just can't use the gui to get to them. THIS IS REALLY BAD. I'm filing a bug with apple later today.

I've also run into issues with Recovery Partition Boot (doesn't work; after significant effort I got the USB Recovery to boot but not the recovery on the encrypted disk). I was unable to unlock any of the encrypted volumes, something prevents it from accepting my password; after 20 attempts, it was clear I wasn't mistyping. I didn't try the recovery key though.

So BE AWARE OF THE RISK OF LOSING EVERYTHING if you're caught off guard with encrypted boot disks, firmware passwords and all encrypted backups. SAVE YOUR RECOVERY KEY to a non-connected device.

I agree that having unencrypted backups will expose your confidential data to anyone with access to it, if your TM disk *and* computer are stolen, then there was no point enabling encryption in the first place.

I am glad though that it's there, I just think it's too easy to enable, and very very hard/impossible to recover.

good luck!



[ Reply to This | # ]