Creating an Encrypted Disk Image on macOS | Information Technology | University of Pittsburgh

You are here

Creating an Encrypted Disk Image on macOS


The Disk Copy or Disk Utility feature for macOS can be used to create an encrypted disk image. Encryption means it requires a password to open or become available (to "mount"). An encrypted disk image acts as secure storage space and can be used like any other disk image file. It may be copied to or created on network volumes or removable media, including Zip drives, USB flash media, or FireWire hard drives. Each encrypted disk image is protected by a password. The following document explains how to create, mount, and unmount an encrypted disk image.

Important: If you forget the password to your encrypted disk image, the data on that disk image cannot be recovered.

Getting Started

Files can be moved to or from an encrypted disk image as easily as you can from a non-encrypted disk image. Please be aware of the following when using an encrypted disk image:

  • Backup programs will need to back up the entire image if any files within it have changed, since the image appears as a single file.
  • There is no way to change the password on an image file.
  • An encrypted disk image cannot be used as your home directory.

Complete the following steps to create an encrypted disk image for your version of macOS v. 10.4 or greater.


  1. Click Go, Applications, Utilities, and then click to open Disk Utility.
    Disc Utility Icon
    Note: You can also click the New Image button and go to Creating a New Blank Image section.
  2. Choose File, then New, then Blank Disk Image.
    File Menu
  3. A New Blank Image window will display.
    New Blank Image Window
  4. Enter a name in the Save As field. This name is used for the disk image (.dmg) file.
    Save As FieldSave As Field
  5. Enter a name in the Name field. This name displays when the disk image file is opened (mounted).
    Name Field
  6. Select the Size of the image file from the drop-down menu.
    Size Field
  7. Choose the Encryption option 128-bit AES to encrypt the image.
    Encryption Field
  8. Select the volume Image Format from the drop-down menu. The default “read/write” option is recommended. Click the Create button.
    Image Format Field
  9. Enter and verify a secure password when prompted and click OK.
    Password Screen
    Note: Ensure the box next to Remember password (add to keychain) is unchecked. This ensures that no one will be able to determine the password for your encrypted drive by checking your keychain.

Mounting and Unmounting Encrypted Disk Images

  1. After the encrypted disk image has been created, it will automatically mount for the first time and files can be copied to this location. The named volume disk image will display above the mounted source file.
    Mounted Disk Icon
  2. When you are finished using the encrypted disk image, you must unmount the image. Drag its icon to the trash or select the eject button next to its icon in any finder window. In the example below, the encrypted disk image is named “personal."
    Finder Window
  3. To mount the image again, simply double-click on the disk image you created. In the image below, the disk image is named personal.dmg. You will see it at the top of the list.
    Finder Window
  4. Enter your password when prompted. Click OK. Your disk image should be mounted.
    Authenticate Password Prompt
    Note: Always remember to unmount your disk image when you are finished with it.