PGP Whole Disk Encryption support for removable and non-boot fixed disks was added for Macintosh OS X in PGP Desktop 9.5. This article provides instructions for how to protect a disk with PGP Whole Disk Encryption.
HOW TO: Protect disks with PGP Whole Disk Encryption
Here are some things to consider before you begin using PGP Whole Disk Encryption:
1. The larger the disk or partition being encrypted, the longer the encryption process takes. Other factors that may affect encryption speed are, among others:
2. Generally, with an average system, an 80 GB boot disk or partition takes approximately three hours to encrypt using PGP Whole Disk Encryption (when no other applications are running). A very fast system, on the other hand, can easily encrypt such a disk or partition in less than an hour.
3.Your system is somewhat slower than usual during the encryption process, although it is fully usable. It returns to normal operation when the encryption process is complete. PGP Desktop automatically slows the encryption process if you are using the system.
4. The encryption process is faster if you avoid using your computer during the initial encryption. If you decide to run other applications during the encryption process, those applications will probably run slightly slower than normal until the encryption process is over.
5. You can hide PGP Desktop during encryption. This does not affect the process.
6. To stop the encryption process for a short time, use the Stop button, then click Pause in the dialog box. You need to authenticate after you click Resume.
7. To shut down the system before the encryption process is over, perform a normal shutdown. You do not need to pause the process. When you restart, the encryption process resumes where it left off.
8. Encryption cannot begin on removable disk connected to a laptop computer if the laptop is running on battery power. It must be running on AC power. If a laptop computer goes on battery power during the initial encryption process (or a later decryption or re-encryption process) the activity is paused. When AC power is restored, the encryption, decryption, or re-encryption process resumes automatically.
9. Regardless of the type of computer you are working with, your system must not lose power, or otherwise shut down unexpectedly, during the encryption process. Do not remove the power cord from the system before the encryption process is over.
To protect a disk or partition using the PGP Whole Disk Encryption feature:
|Note: The Passphrase Quality bar provides a basic guideline for the strength of the passphrase you are creating by comparing the estimated amount of entropy in the passphrase you enter against a true 128-bit random string (the same amount of entropy in an AES128 key). Filling the Passphrase Quality bar should give you a strong passphrase that could take billions of years to brute-force decrypt.
Normally, as an added level of security, the characters you type for the passphrase are not visible on the screen. However, if you are sure that no one is watching and you would like to see the characters of your passphrase as you type, select the Show Keystrokes checkbox.
If the encryption process stops and PGP Desktop indicates a disk read/write error, it means that PGP Desktop has encountered bad sectors on your disk or partition during the encryption process. Immediately reverse the encryption process by decrypting the portion of the disk or partition that has been encrypted, then use your disk verification tools to find and resolve the problem.