Encrypted Containers - Mac

Owned by Former user (Deleted)
Dec 03, 2018
2 min read

Creating Encrypted Containers with Disk Utility

Current versions of the macOS include the ability to create encrypted disk images.  This allows you to create a password-protected container file that will mount as an additional drive in the Finder only after a decryption key is entered -- without the decryption key, the data is unreadable by anyone who merely has access to the file.

The following instructions will walk you through basic setup using the built in Disk Utility application.  (If you wish to use a third-party tool -- you can reference the instructions for Windows users -- they are very similar.)

If you are interested in a full-disk encryption solution -- please contact the WCTS Help Desk or the Information Security Office for a discussion about the options available to you.


** Reminder:  modern encryption tools are very powerful.  If you lose or forget your decryption key (password) -- the encrypted data is effectively lost.  Proceed with caution and understand the potential data loss risks.


To create a new protected container:

  1. Launch the Disk Utility application (located in /Applications/Utilities)

  2. Select Blank Image… from the File → New Image menu

  3. Name the file and select your desired storage location

  4. Enter the name you want to appear when the container is mounted in the Name: field

  5. Enter the desired size of your container in the Size: field

  6. Choose Format:  - default is fine

  7. Select Encryption level from dropdown - (use 256 unless; this is large, complex container)

  8. Enter and confirm password for the container

  9. Click Save

  10. The protected container will be created as a .dmg file and mounted on your desktop.

To mount and use your encrypted container:

  1. Double-click on the .dmg file in the Finder

  2. Enter the container password

  3. The container will automatically mount on your desktop

  4. The container will automatically dismount upon log off.

To disconnect the container/drive letter without logging out:

  1. Drag the container’s desktop icon towards the trash icon

  2. Drop the container icon on the ‘eject’ icon


Encrypted file containers can be moved and used on multiple Macintoshes.

If you need to exchange containers with Windows computers you must use the third-party tool called VeraCrypt.