OS X: Encrypting Time Machine Backups

No, no, I’m kidding! Don’t leave. Luckily for you (and for me, since I don’t have to write so much), I covered some easy ways to encrypt external drives in a tip from last year. But as far as Time Machine backups go, you’ll need to do something a little bit different to make sure those are safe and encrypted—and you might even need to wipe the disk in question to accomplish your task. Yuck.

Just FYI: The instructions below assume you’re setting up a new encrypted Time Machine backup, but if you have questions (or if you run into a scenario I don’t mention), run on over and check out Apple’s support article on the subject. In fact, I’m gonna say you should just read that page first no matter what. I’m paranoid like that.

Anyhow, what you’ll do to get started is open System Preferences and click on the Time Machine pane.

Time Machine iconWithin that, you’ll see a few choices. There’s a big switch that lets you toggle Time Machine on and off; there’s an “Options” button, under which you can choose what items you want to exclude from your backups; and then there’s the “Select Disk” button.

Time Machine preferencesClick on “Select Disk,” and you’ll see everything available you are or could start backing up to. 

Time Machine's Encrypt Disk optionWithin that dialog box, pick a destination and turn on the “Encrypt backups” checkbox I called out above. After you hit “Use Disk,” your Mac will ask you to create a strong password to secure your backups.

Setting a Time Machine passwordDon’t forget that password, please. Like, really.

Finally, if you do happen to be trying to encrypt an existing backup set and OS X has to erase the drive or your backup history (because, for example, your drive isn’t formatted properly to be encrypted or because your backups are on a Time Capsule), it should warn you what it’s about to do and why.

Time Machine's Erase Disk warningFor what it’s worth, there’s some debate about whether it’s better to encrypt your backups (for improved security) or leave them unencrypted (which offers potentially easier restoration if something goes wrong). I fall firmly on the side of “better security” as long as you have multiple backup sets, including some off-site. For more info and instructions on backup redundancy, check out my previous tip about making clones of your Mac, and then go and back up to your heart’s content. And make sure you have at least seven different backups kept in seven different locations across the globe. Or is that just me?

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

WIN an iPhone 16 Pro Max!