The University of Texas at Austin

Security Awareness

Encrypting Files on Your Mac OS X Computer Using TrueCrypt

This procedure describes how to encrypt individual files or groups of files on your Mac OS X 10.4 Tiger or higher computer using the TrueCrypt encryption software. Once you complete this procedure, you may notice that your computer slows down a bit as you open and close encrypted files.


If you lose, forget, or otherwise misplace the password for encrypted files you will be permanently unable to recover the contents of these files. Please be sure to store your password in a secure location.


The installation of TrueCrypt and the creation of TrueCrypt volumes requires administrative privileges on your machine.

TrueCrypt never saves any decrypted data to a disk - it only stores the data temporarily in RAM (memory). Even when the volume is mounted, data stored in the volume is still encrypted. When you restart or turn off your computer, the volume will be unmounted and all files stored on it will be inaccessible (and encrypted). Even when the power supply is suddenly interrupted (without proper system shutdown), all files stored on the volume will be inaccessible (and encrypted). To make them accessible again, you have to mount the volume.

If you share your computer, be aware that if owner and file system permissions are not set correctly a mounted TrueCrypt volume may be visible to other logged in users. Contact your system administrator for more information.

Installing TrueCrypt

To install the TrueCrypt software used to encrypt files, follow these steps:

  1. Visit the TrueCrypt downloads site and download the latest stable version.
  2. Run the TrueCrypt installer.

Creating the TrueCrypt Volume

To create an encrypted TrueCrypt volume to store your sensitive files, follow these steps:

  1. Go to Applications > TrueCrypt and run the TrueCrypt program.
  2. Click the Create Volume button.
  3. Ensure Create an encrypted file container is selected and click Next.
  4. Select Standard TrueCrypt volume and click Next.
  5. On the Volume Location screen, click the Select File... button.
    • Navigate to a directory of your choosing (for example "Documents").
    • In the Save As: dialog box, enter a name for your volume (for example "My Volume")
      Note: Be sure not to choose an existing file, as doing so will not encrypt the file but overwrite it causing data loss.
    • Click Save.
  6. Click Next.
  7. Choose an Encryption Algorithm and a Hash Algorithm (if you are unsure, choose AES and SHA-512) and click Next.
  8. Specify a volume size. Ensure that the size is large enough to accomodate the files you wish to encrypt.
  9. Choose a good volume password, store the password in a safe location, and click Next.
    • Passwords should be stored in safe, secure locations which include but are not limited to safe deposit boxes, safes, or locked cabinets in secure rooms.
  10. On the Cross-Platform Support screen, specify if you will be using this volume on platforms other than Mac OS X.
    • If you choose an option other than I will mount the volume on other platforms you will not be able to access these files with the Parallels or VMWare Fusion software.
  11. Move your mouse as randomly as possible within the Volume Creation Wizard window for at least 30 seconds. This significantly increases the cryptographic strength of the encryption keys.
  12. Click Format.
    • When prompted for a password, enter your Mac OS X administrator password.
  13. When prompted that "The TrueCrypt volume has been created and is ready for use" click Exit.

Mounting your TrueCrypt Volume

In order to use your TrueCrypt volume to encrypt data or read data that has already been encrypted, you must first mount the TrueCrypt volume.

  1. Go to Applications > TrueCrypt and run the TrueCrypt program.
  2. Select a drive letter where you want to mount the TrueCrypt volume.
  3. Click the Select File... button.
  4. Navigate to your volume file, select it, and click Open.
  5. Click Mount.
  6. Enter your volume password and click OK.

Encrypting Your Data

To encrypt your data on a mounted TrueCrypt volume, follow these steps:

  1. Open your mounted secure volume.
  2. Move (cut and paste) your file to this volume.
  3. Your file is now encrypted.

Sharing Encrypted Data

If you would like to share encrypted data with another individual, create a seperate TrueCrypt volumecontaining only the data and files you wish to share. You will also need to provide the volume password for this additional TrueCrypt volume.

In order to prevent unauthorized access to the ecrypted data, you should send the volume file and the volume password via different methods.

Note: If you plan to share your volume password, make sure that the volume password is not the same as your UT EID password or the password you use for any other TrueCrypt volumes.