A Quick and Dirty Guide to Encryption


This is by no means an exhaustive or even the best possible set of methodologies to keep your data safe. Indeed, nothing can keep you totally safe in this realm. If the recent Apple vs the FBI fiasco has taught us anything, it's that if someone wants your stuff bad enough, they're probably going to get it. 


What you can do though, is not be the low hanging fruit, and here are some things to do:

Whole Disk Encryption 

This is first option can seem like the most intimidating and tedious to implement, but if you follow the strong but memorable password instructions below you should be fine. Basically, what your telling your machine to do is encrypt everything on the startup disk (the one that holds the operating system and very likely the bulk of your software) 

Mac - File Vault

If your computer happens to be new, or you are relatively assiduous about downloading your software updates and you have Mac OS 10.10 "Yosemite" or newer, I have good news for you. File Vault, Apple's built in whole disk encryption utility COULD be running for you already, if you were presented with a screen of a house with a vault picture on it at setup and you opted in at setup.

Official Apple Support Page On Enabling File Vault

Mac - External Disks 

Encrypting an external disk with Mac OS is as simple as right clicking the disk in question and choosing "Encrypt [Disk Name]." You will be asked to provide a password and then OS X will then chug along its merry way and encrypt the disk. NB1: If there's a lot of data already on the disk this will take some time to complete. NB 2: Like with File Vault once the password is entered the data will stay open and readable until the host machine is powered down or the disk is unmounted. 


Strong Passwords 


The excellent comic above (click the image for the site) explains, essentially, how a password should be made.

  1. Sheer length is the easiest way to add cryptographic complexity to a thing.
  2. A sequence of words is the easiest thing to remember. 
  3. The more absurd the phrase the more memorable.

The "Youman" Element

The biggest threat to security is not some super hacker or rouge Googler with access to a giant server farm. It's the social engineer. It's the guy who builds out a perfect copy of the Google website and tricks you into putting your login details into a spreadsheet. 

Another source of much grief is the lost passport card/book/document. In a perfect world you would follow the horse battery staple method to make a strong memorable password that you never need to write down. HOWEVER. If you ARE gonna write your passwrords down, do it analog (not on a computer) and treat whatever that is like a combination of money and your social security card.