Time Machine: Enable encryption on a locally connected disk without deleting the existing content of said disk?

time-machine backup encryption

Solution 1:

According to Apple's support documentation, you need to remove the disk and re-add it as an encrypted disk:

  1. Choose Apple menu > System Preferences, then click Time Machine.
  2. Click Select Disk or Add or Remove Backup Disk (if you have multiple backup disks).
  3. Select your backup disk, then click Remove Disk.
  4. Set up the disk again as an encrypted backup disk.

Solution 2:

Time Machine uses a disk image if you are backing up over the network (e.g. to a file server, Time Capsule, or something like that); if you opt to encrypt these backups, it uses an encrypted disk image. If you are backing up to a directly connected volume (e.g. FireWire), it just stores the backup files in a folder (backups.backupdb) on the volume; if you opt to encrypt these backups, it encrypts the entire volume (by formatting it in the Mac OS Extended (journaled, encrypted) format).

This means that if you want an encrypted (direct-connect type) backup, you need to encrypt not just the backup, but anything else on the backup volume. If you want some of the disk to store unencrypted files, you'd need to partition it into two volumes (and encrypt just one of them).

The good news is that it should be possible to convert the existing volume to the encrypted variant of Mac OS Extended without deleting its contents. This should leave your backup history intact. To do this, secondary-click (right-click or Control-click) on the backup volume's icon in the Finder, and choose 'Encrypt "<volumename>" from the shortcut menu. It'll prompt for a password and hint, then begin converting the volume over to encrypted format. The volume will still be usable during the conversion, except for a short period when it's unmounted and then remounted in the new format. You can even unmount, shut down, sleep, etc as it encrypts, but all of these will pause the encryption process (until you remount/restart and mount/wake/whatever) and your data is not fully protected until the encryption process has finished.

Warning: I haven't tested this very extensively. I did a quick test on a spare computer, and after conversion it recognized the entire backup history & seamlessly added new snapshots to the backup. But there's a possibility it might not always work, so I can't make any promises.

Related

iPhone Today View for Apple calendar Whats Up Next showing wrong time
Apple - No devices are registered in the Developer's account
How to unmute headphones by default when plugged into MacBook Pro?
Logitech MX Keys connects to dock but does not connect to mac
Default macOS certificates not trusted and not verified by third party
Which USB to RS-232 serial drivers are installed by default on macOS?
Cannot start any Virtual Machine anymore on High Sierra [duplicate]
How do I stop my Mac from trying to open new tabs when I make normal clicks?
Switching SIM cards or switching to a secret 2nd number
Command Line Tool to Batch Convert .EML/.EMLX/.MBOX to Searchable PDFs?
Is my computer being hacked?
How do I change my icloud