Will it work well to use a .dmg as an encrypted folder?

Solution 1:

Your use case is exactly why encrypted DMGs were created. The external file name can be different from the actual name of the filesystem, which can be obfuscated while the drive is not mounted.

The only con (which is kind of a pro) is that Spotlight can't search within an unmounted image, and you may want to disable Spotlight entirely on that volume just in case you don't want any extra caches / extra access that isn't necessary.

An alternative to this is storing text in a keychain secure note, especially if you keep alternate keychains for more secure information. I also find myself storing more things in 1Password when I don't need a self-contained archive for things like certain client data or certain data I wish to be doubly encrypted. (I use FileVault on most Macs these days so that everything is encrypted at least once.)

Solution 2:

Using a disk image .dmg to hold your private documents is an ideal use of disk images. Apple provides detailed steps for setting up such a disk image: how to create a password-protected (encrypted) disk image.

Applications > Utilities > Disk Utility.app

Use the Disk Utility application to create a sparse bundle disk image with 256-bit AES encryption. These two settings ensure you have a secure container that can grow to accommodate more files in the future.

You should select a suitably large initial size, such as 8 GB or more. The initial disk image will not be 8 GB but will be able to grow as you add files.

You should disable Spotlight indexing on your secure volume by creating a .metadata_never_index file. You can do this through the Terminal.app:

  1. Mount your secure disk image;
  2. Launch Terminal.app;
  3. Change into your secure volume's root directory: cd /Volumes/<secure volume name>
  4. Create the invisible never index file: touch .metadata_never_index

New Image settings in Disk Utility on Mac OS X 10.8
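
The Disk Utility and Terminal steps from Solution 2, scripted with hdiutil as an added example (not part of the original answers). The image path, volume name and the DRY_RUN switch are assumptions for illustration, and the script assumes the volume mounts at /Volumes/<volume name>.

```shell
#!/bin/sh
# Added example (macOS only): encrypted sparse bundle with Spotlight indexing disabled.
# IMAGE, VOLNAME and DRY_RUN are hypothetical names chosen for this sketch.

IMAGE="${IMAGE:-$HOME/Documents/archive.sparsebundle}"  # outer file name, need not match VOLNAME
VOLNAME="${VOLNAME:-Private}"                           # filesystem name, visible only when mounted
SIZE="${SIZE:-8g}"                                      # upper bound; the bundle grows on demand

# Execute the command, or only print it when DRY_RUN=1.
run() {
    if [ "${DRY_RUN:-0}" = "1" ]; then
        echo "$*"
    else
        "$@"
    fi
}

create_image() {
    # hdiutil prompts for the passphrase itself; none is passed on the command line.
    run hdiutil create -type SPARSEBUNDLE -encryption AES-256 \
        -size "$SIZE" -fs HFS+J -volname "$VOLNAME" "$IMAGE"
}

disable_indexing() {
    # Mount, drop the marker file at the volume root, unmount again.
    run hdiutil attach "$IMAGE" || return 1
    run touch "/Volumes/$VOLNAME/.metadata_never_index"
    run hdiutil detach "/Volumes/$VOLNAME"
}

verify_image() {
    # Fail unless hdiutil itself reports the container as encrypted.
    if [ "${DRY_RUN:-0}" = "1" ]; then
        echo "hdiutil isencrypted $IMAGE"
        return 0
    fi
    hdiutil isencrypted "$IMAGE" 2>&1 | grep -q 'encrypted: YES'
}

main() { create_image && disable_indexing && verify_image; }

# Only act when asked, so the file can be sourced to inspect the functions.
if [ "${1:-}" = "--run" ]; then
    main
fi
```

Run it with `--run` to create the image; set `DRY_RUN=1` first to print the commands without executing them.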