DT3 Archive of an Encrypted Database

MacMini, BigSur 11.1, DT3 Pro 3.6.1

I’m a new user trying to work out a strategy for protecting my more sensitive data. I use encrypted TimeMachine for local backup. And currently use my bank’s safe deposit box as offsite storage for my most important/sensitive data. So to handle that sort of information in DT, creating a separate encrypted database seemed to be a good place to start. And so I did that and DT created the .dtSparse database. I intentionally chose not to save the password to Keychain. I tried it out a couple of times and the password protection worked just fine.

I started populating the encrypted database and then got to thinking about my off-site backup. I checked out a couple of my other databases usingcould Finder>Package Contents and the .dtBase2 files had quite a bit of extra data (meta and backups). So, I figured for my backup purposes it would be a lot more efficient to just create an Archive of the encrypted database. I did this from File>Export>Database Archive. And a nice neat little .zip file appeared in my Database folder.

But when I tested it I was quite surprised. There’s a really neat feature that won’t let you unzip the file to a cloud location (my desktop is currently sync’s with my iCloud). When I opened the .zip file (I used both Archive Utility and Keka) into the Databases folder where the .zip file was, the extracted file carried the .dtBase2 extension and required no password to open.

I’d rather not have to create and manage a disk image as backup for the database.

Is there something wrong with my workflow for archiving my encrypted database. It sure was easy, just didn’t work as planned

Comments welcome

If you created a ZIP from an unencrypted database, why would you be surprised it unzips and opens without a password?

Maybe I didn’t make that clear. I archived the encrypted database.

Here’s a screen shot of how I created the Archive from the .dtSparse database E1. Maybe I’m doing something wrong. I just figured the Archive function should create a duplicate of the encrypted file including password protection.

No. That creates a ZIP of the contents of the database.
Development would have to assess an alternative behavior.