Securing an external (flash/usb) drive in mac OS X

Being the typical nerd that I am, I tend to have several different Thumb drives and some of them have confidential data on them. I try to never loose them but let’s face it, sometimes those little critters just get lost. The question is do you really want the data you keep on those drives out in the hands of the general public? I have a few different drives. A few I just use to throw junk on and transfer between computers, but I do have drives that I keep confidential data on that I use as a backup from my computer. So I faced the issue of if that drive came up missing not freaking out that my data is in the hands of someone who might use it maliciously.

I use Mac OS X Lion and so I first tried turning to the trusted File Vault, but alas, as you may have found if you’ve looked yourself, this is only available for the local hard drive OS X Lion is installed on. So what do we do to secure a flash/thumb/usb/external/secondary/whatever drive?

Step 1: Open “Disk Utility” app and Locate your disk after inserting the disk into your computer. *Note this can be used with any type of hard drive that uses standard partition tables.

As you can see here I have a standard 4 GB SanDisk Cruzer with a FAT partition on it.

Before we go any further let’s specify a few things. All data will be lost on this drive so please move your data to a local folder if you have important things on the drive already. Secondly, this drive that we are going to secure will only work with Mac OS X computers after we encrypt it. You will not be able to use it with Windows Computers anymore.

Step 2: Click on the Label for the drive in “Disk Utility” app and find and click the Erase tab located toward the top.

Step 3: You can see from the above we have a default set of MS-DOS (FAT) for format and UNTITLED as the Name. We will change this to Mac OS Extended (Journaled, Encrypted) and set the name to something more identifiable for us. In my case I am going to use the Name: cpierce From here we’ll click the Erase button.

Step 4: The box about creating the encrypted partition comes up and asks us to place our password into the box! We need to use something secure so the more complex the better. I also choose not to use a password hint (but to each his/her own). Once more we click the erase button after entering in the data.

You’ll see things about Switching the disk to Core Storage, Formatting Logical File System, etc. in the progress and your light should flash on your pen drive. Next we’ll test our encrypted disk as it now shows up as ready:


To test eject the drive (Command+E after clicking the drive and remove it from your computer. Insert it again and you should see the following:

You have a few options here. If this is your computer you can remember this password in my keychain if you’d like. If not, or if you insert this into another Mac, you’ll be asked for the password credentials each time the pen drive is inserted. The drive will remember until the computer is rebooted, or the drive is removed (Unless you Remember the password in the keychain of course).

Enjoy and I hope this helps someone. *Note* If you forget your password, you can always repeat the steps, but this is going to cause the data contents to be wiped from the drive. Now you can safely lose your external drive.

Join the Conversation

2 Comments

Leave a comment

Your email address will not be published. Required fields are marked *