they whom i call Godfrey DiGiorgi wrote:
* Note that when you created the disk image, if you click the option to include the password in your KeyChain it will not require that you type in a separate login when you login to your account. This is less secure ... anyone who can login to your account can get to the contents of your encrypted disk image. If you do not include it in your keychain, you'll need to input the password when you login to your account separately.
a more secure approach, which i use, is to set the login keychain (the default keychain, that is) to have a different password than the user account; this means that the login keychain won't open automatically on login -- when something needs the keychain it will prompt you for the password; then use the "Change Settings..." menu in Keychain Access to lock the keychain after a certain amount of activity, and to also lock when sleeping
the result is that items in the keychain (such as the passwords for encrypted disk images) are secure unless someone gets to your machine before the lock is triggered (and knows what they are looking for)
oh, and another thing to watch out for if you are encrypting large amounts of data such as email is that each time you update an encrypted disk image, a potentially very large file changes on the disk; if you are using Time Machine (or other incremental backup techniques) then a whole lot of data may need to be backed up for each small change
-- PDML Pentax-Discuss Mail List [email protected] http://pdml.net/mailman/listinfo/pdml_pdml.net to UNSUBSCRIBE from the PDML, please visit the link directly above and follow the directions.
