I am considering putting personal documents inside DevonThink.

Is there a capability to encrypt documents, or are they already safe inside the dtBase?

I don’t put much faith in DT’s security, and I’m not sure anyone really does. I don’t think it was intended to act as more than a deterrent to casual thieves. (I might be wrong, of course)

Have you considered using PGP or something similar (GNU has a free software equivalent, with the necessary freedom and difficulty)? Based on my wretched experiences, I’d really avoid FileVault, but IIRC PGP and GNU Privacy Guard do folder encrypting very well.

Another option is an encrypted disk image that contains your DT database. You can only encrypt (through OS X Tiger’s Disk Utility, at least) with AES-128, but depending on your desired privacy level that might be enough for you.

I’ve never really cared too much about my privacy, so I don’t have much experience with this sort of thing. If someone wants to steal my wife’s and my identities and our $130 000 in school debt, they’re more than @#$%ing welcome to. What are they going to do, open a credit card? (insert Sam Kinison laughter)

Safe for what?

Inside the database, the files are exactly as secure (or insecure) as any other file on your system.


Kalisphoenix is on target. The password protection for DEVONthink databases is secure enough to protect data from normal prying eyes. Unfortunately, it’s secure enough to protect itself from the vast majority of users who forget their passwords. In the latter case, the remedy is to ftp (see FAQ) the database to DEVONtechnologies, where the database can be cracked. As that would defeat the purpose of keeping confidential data concealed from other eyes, if you use password protection, please don’t forget your password.

I would never enable FileVault on my computers. Too many things can go wrong.

We recommend encrypted disk images to users who want high-level security. Disk Utility gives the option of using 128 or 256-bit encryption. If you do this and forget your password we can’t help you. The National Security Agency could possibly get in, but they won’t do it for you unless you convince them that you are a threat to national security – which would not be a win-win situation for you.

The majority of cases where password protected files are cracked happen through human engineering, not computer hacking. The intruder gets in by persuading the data owner to give him the password, or finds the password on a sticky note attached to the monitor, or tries obvious passwords such as the data owner’s birthday, wedding anniversary, dog’s name or the name of a family member. So much for the level of encryption. :)