Devonian Times Masthead

The DEVONtechnologies Blog

How to Encrypt an Existing Database

April 16, 2024 — Jim Neumann
Screenshot showing an encrypted database in DEVONthink.

When DEVONthink 3 debuted, it came with the option of creating a truly secure, encrypted database. If you have an unencrypted database and would like to convert it to an encrypted one, here is how you do it.

First of all, this process requires you to sync the database. To avoid issues with network connections and remote servers, a sync to a local sync store is suggested. This local sync store can even be put on a connected external drive, if space is at a premium. However, you can use an active sync location as well.

Secondly, it’s a good idea to check out the Help > Tutorials > Use Encryption or the Getting Started > Building Your Database > Encrypted Databases section of the built-in Help or manual. This will help clarify the Size component of the encrypted database.

  1. Do a File > Verify & Repair on the database and make sure it’s healthy before proceeding. Check Window > Log for errors and clean up what needs to be tended to.
  2. Select File > Database Properties and note the size listed at the bottom of the popover. This is critical information for the process.
  3. Sync the database.
  4. Once the sync is finished, select the database in the sidebar. Choose File > Delete Database, enabling the confirmation checkbox, and pressing delete. The database will be moved to the trash. (And yes, this is the correct step to take.)
  5. Go back to the sync location and the database should now be shown in the Remote section of the databases list on the right.
  6. Control-click the database and select Import Encrypted Database.
  7. Choose the location to save the database, ideally the Databases folder in your home directory. Then…
    • Set the desired password.
    • Set the maximum expected size of the database. This would include the size noted in step 2 and space for future growth.
    • The name should be automatically populated.
  8. Press Save and DEVONthink creates the encrypted database.
  9. If you no longer need the local sync store, e.g., you are syncing via another method, you can remove it from the Sync preferences.

Note this process has the benefit that will not change item links or date metadata, e.g., Date Added, for items in the database. There should also be no interruption in syncing. Now you have a clean and secure encrypted version of your database!

A few notes:

  • We do not recommend using encrypted databases unless they’re actually needed.
  • You must remember or record the encryption key for the database. If you forget it or can’t find it, your data will be forever locked away. Secure here really means secure.