Hi there,
Should I choose encryption for my new drive for TimeMachine?
Thanks
Should I choose encryption for my new drive for TimeMachine?
Thanks
Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
Encryption of TimeMachine or not?
- Thread starter Gutti
- Start date
-
- Tags
- timemachine
- Sort by reaction score
It definitely can't hurt (with the exception of the fact that if you lose/forget your password, you're screwed). If there is any sensitive information being backed up there, then definitely encrypt your backups (and encrypt any other drives with such info). I've been doing this for years.
This article is very instructive about key questions to ask before encrypting a local backup. I make sure to have at least one unencrypted backup of things like my photolibrary.
www.imore.com
Fail safe vs. fail secure: What everyone gets wrong about backups
When it comes to encrypting your backups, is data loss or data theft your bigger threat?
www.imore.com
Last edited:
This article is very instructive about key questions to ask before encrypting a local backup. I make sure to have at least one unencrypted backup of things like my photolibrary.
Fail safe vs. fail secure: What everyone gets wrong about backups
When it comes to encrypting your backups, is data loss or data theft your bigger threat?
This is a good reminder to be super careful with backup passwords, but I wouldn't leave my stuff unencrypted like that.
If someone stole my Mac, it would suck but 1) I could replace it and 2) everything inside is encrypted so I don't worry about this hypothetical thief rooting around in my stuff. Chances are pretty good a burglar would also steal my Time Machine drive, and if it was unencrypted I'd be very uneasy knowing everything I have may well be accessible.
So, I keep my Time Machine drive encrypted with a password stored securely on 1Password. Same goes for my offsite backup drive.
I'd say it depends on the data you've put on your Mac. If you use your computer for business purposes or store anything personal that is sensitive or confidential, you should encrypt your Time Machine drive as soon as possible. As well, if you use a portable drive for Time Machine, I would encrypt it because it is easier to lose or steal than a desktop drive.
My personal backup workflow uses Carbon Copy Cloner on a portable drive and Time Machine on a desktop drive, both encrypted (more detail here). I also put copies of things that are irreplaceable but not sensitive, such as family photos, on unencrypted USB flash drives to avoid the situation mentioned by @usagora.
----------
ETA
A couple of comments on the iMore article linked earlier in this thread:
- I think the advice based on opinions from corporate IT workers doesn't take the massive difference in resources available to companies versus individuals into account. If, say, Apple suffers a data breach or loses access to some data, it has a lot of money, expertise, and employees available to deal with problems. A small business owner or home user, on the other hand, could end up in a catastrophic situation if a bank account is drained or confidential information is stolen.
- The article is a few years old. Now that spinning HDs and high capacity USB flash drives are pretty inexpensive and password managers are common, I don't feel there is any need to risk keeping backups unencrypted if you have data to protect.
Last edited:
This is my opinion only.
One should not make a backup that is "hard to get at" in a "moment of extreme need".
That is to say, if you encrypt a backup, it can then throw up "one more roadblock" to you recovering that data when you actually need to.
If the data on the backup is THAT critical, then either keep it in a locked drawer or in a safe, or hidden.
I want my backups to be "easy to access" when I need them!
One should not make a backup that is "hard to get at" in a "moment of extreme need".
That is to say, if you encrypt a backup, it can then throw up "one more roadblock" to you recovering that data when you actually need to.
If the data on the backup is THAT critical, then either keep it in a locked drawer or in a safe, or hidden.
I want my backups to be "easy to access" when I need them!
As per above if you have unencrypted sensitive data that you don't want exposed then it makes sense to encrypt. In my case all of my sensitive data such as passwords is already encrypted so I don't need to encrypt the drive, i.e. double encrypt it.
As above when you are in a panic trying to restore a system you don't want to encounter any encryption issues if you can avoid it. Be aware that a TM backup can be only one of the recommended 3 in a 3-2-1 backup strategy.
As above when you are in a panic trying to restore a system you don't want to encounter any encryption issues if you can avoid it. Be aware that a TM backup can be only one of the recommended 3 in a 3-2-1 backup strategy.
If you have a single backup then I'd probably be evaluating whether there's valuable personal data on the machine. If you have ( as you should) more than one backup then I'd say definitely encrypt
I think if one uses a proper password manager (which is a must in the year 2022, IMO) then adding a password to one's Time Machine backup need not throw up any kind of significant barrier to restoring files.
I see what you're saying about a locked drawer, etc. But I also keep a backup offsite, and you couldn't pay me to leave that unencrypted!
Thanks to all of you for sharing your thoughts. All have been helpful.
With the release of 16.2 and Advanced Data Protection the topic of encryption has been on my mind.
Like most on the thread I have multiple cloud and multiple external drive backups. Drives are currently unencrypted. Again, like most, I try to imagine the worst case. I keep my drives stored away far from my MacBook so it’s doubtful any thief would find them. Most thief’s are likely after things they can sell rather than my vacation photos. It seems extremely far fetched that anyone is going to break in, steal my drive then go through my data in order to read my boring texts.
Having said all that, it seems equally far fetched that my laptop would be stolen, fail or be destroyed and my cloud backups would not be accessible and I’d forget my encryption password.
So for me I’m down to either solution being good. I’ll give it more thought to see if a clear winner emerges. I’m considering encrypted backups at home and an unencrypted backup in a safety deposit box. Which is probably a wimpy-I-can’t-decide solution.
With the release of 16.2 and Advanced Data Protection the topic of encryption has been on my mind.
Like most on the thread I have multiple cloud and multiple external drive backups. Drives are currently unencrypted. Again, like most, I try to imagine the worst case. I keep my drives stored away far from my MacBook so it’s doubtful any thief would find them. Most thief’s are likely after things they can sell rather than my vacation photos. It seems extremely far fetched that anyone is going to break in, steal my drive then go through my data in order to read my boring texts.
Having said all that, it seems equally far fetched that my laptop would be stolen, fail or be destroyed and my cloud backups would not be accessible and I’d forget my encryption password.
So for me I’m down to either solution being good. I’ll give it more thought to see if a clear winner emerges. I’m considering encrypted backups at home and an unencrypted backup in a safety deposit box. Which is probably a wimpy-I-can’t-decide solution.
Why? Making the best-for-your-needs plan by taking storage locations into account is smart, not stupid.