Archived - Mac OS X 10.5: Security tips for using Time Machine over a network
Learn some security tips for using Time Machine over a network.
Don't share password(s) with all network users
Network-based Time Machine backups use disk images for individual backups. The network share containing the disk image is secured with the password specified in Time Machine preferences. Only the Time Machine administrator, or other users trusted to have access to all backed up data, should be given the password for network-based Time Machine backups.
You can turn on FileVault to encrypt data stored in your home directory. This data will also be encrypted in the backup. You can set the password to your choosing when you set up your account as a FileVault account. Make sure you use a good password.
When using FileVault, you cannot restore individual files in your home directory via the Time Machine browser. However, you can restore all files and folders by using the Restore System from Backup feature of the Mac OS X Installer.
Important: Time Machine will perform backups only when you are logged out of your FileVault-protected account.
Set up individual accounts on Time Capsule
The Time Capsule administrator can create individual accounts (on the Time Capsule device) for each computer being backed up. Each Time Capsule account will have its own network share point and password:
First, configure Time Capsule for individual accounts
- Open AirPort Utility, located in the Utilities folder in the Applications folder.
- Select the device you’re setting up, and then click Manual Setup. Enter the password if necessary.
- Click Disks in the toolbar, and then click File Sharing.
- Choose "With accounts" from the Secure Shared Disks pop-up menu, and then click Configure Accounts.
- Click Add (+), enter the user name, and then give the user a password.
- Choose Read and Write from the File Sharing Access pop-up menu.
- Repeat steps 5 and 6 for each user.
Next, mount your share point
- Click the Time Capsule icon located in the "Shared" group of the Finder sidebar and log in with the Time Capsule user account for this system. Select "Remember this password in my keychain."
- Once you log in, mount the share point that has the same name as your account by double-clicking it. A blue disk icon with the name of your account will appear on your desktop.
Finally, configure your Time Machine preferences
- Open Time Machine preferences (in System Preferences, or by choosing Open Time Machine Preferences from the Time Machine menu, or by Control-clicking or right-clicking the Time Machine icon in the Dock). If necessary, click the lock and enter an administrator name and password.
- Click "Change Disk," select the disk that has the blue icon and the name of your Time Capsule user account, then click "Use for Backup". Your Time Capsule account name should appear in the "Name:" field of Time Machine preferences.
Your Time Machine backup disk image is now configured to reside on your personal share point on the Time Capsule. Safeguard the password you created for this account.
Note: If your Time Capsule is mounted with only a password, and not a user name and password, then you have not configured the Time Capsule for individual accounts. Similarly, if anything except your personal account name is present in the "Name:" field of your Time Machine preferences, then you have not properly configured your Time Capsule for backing up to individual accounts. You should repeat the above steps in this section.
See this article for information about creating good passwords.