Back That Data Up

Mac backup

Is Time Machine enough? An honest answer.

Time Machine is the best free backup Apple has ever shipped. For most Macs, it is genuinely enough. But there are specific situations where it quietly falls short, and you tend to find out the hard way. Here is the honest evaluation.

2026-06-28 · 8 min read

Start here: Time Machine is genuinely good

Let me say this clearly before anything else. Time Machine is the best free Mac backup ever shipped, and Apple deserves credit for it. It has been quietly protecting files since 2007. It ships on every Mac. It requires almost no configuration beyond pointing it at a drive. It runs in the background without you thinking about it. For the job it was designed to do, it does that job well.

Under the hood, Time Machine uses APFS snapshots on the destination drive and hardlinks files that have not changed, so each backup point looks like a full copy of your Mac without consuming the space of a full copy. That is technically elegant. Apple spent years getting that experience right, and it shows.

If you have one Mac, one backup drive, and your main concern is "I can restore my files if the drive fails," Time Machine covers that job for free and without fuss. Keep it running. I mean that sincerely. A free backup running is better than an expensive backup you turned off.

So when does it fall short? In a few specific situations. Not hypothetical ones. Real ones that I have seen, and that drove the decisions I made when building Back That Data Up.

The ransomware gap

Time Machine was designed in 2007 for a 2007 threat model. The concern at the time was a failing hard drive. You lose the drive, you restore from the backup. That logic still holds.

But ransomware did not exist at scale in 2007. It does now, and it changes the picture.

When ransomware encrypts your files, it does so file by file, rapidly, across your entire Mac. Time Machine has no way to detect this. It sees files changing and faithfully backs them up. The backup is of the encrypted files. By the time you notice the attack, your most recent snapshots may already contain the ransomware's output rather than your data. The clean versions you would restore from are in older snapshots, and only if the infection moved fast enough that Time Machine did not have time to overwrite them.

The technical detail that matters here: Back That Data Up monitors the FSEvents stream on your Mac. FSEvents is the operating system's own log of file changes. When BTDU sees the pattern of rapid, uniform file rewrites across many files simultaneously, it pauses the backup before those files can overwrite the clean versions in your existing snapshots. It is not magic. It is not AI. It is conservative heuristics that fail safe. But it catches the thing Time Machine cannot.

For most home users, ransomware is a low probability event. If you are a photographer with ten years of client work, a freelancer with files under active contract, or a developer with years of code and no off-site copy, that probability multiplied by that magnitude is worth thinking about.

The APFS chain problem

This one is subtle and frustrating. Time Machine stores its backup history as a chain of APFS snapshots on the destination drive. Each snapshot references the one before it. When the chain is intact, this is efficient and fast.

When the chain develops a corrupt link, everything after that link becomes unreadable. A backup that appeared healthy in the sidebar for months can quietly become useless. You find out the day you actually need it.

I am not saying this happens often. But it happens. Drives develop bad sectors. Unexpected shutdowns during a write leave incomplete data. File system events on the destination drive can cause state inconsistencies. When any of these touch the chain, the whole tail is gone.

BTDU takes a different approach. Each snapshot is independently readable. Unchanged files between snapshots are hardlinked, so the same space efficiency applies. But each point in time backup does not depend on an unbroken chain. You can read the backup from any day without needing every day before it to be intact. That independence is the property that makes a backup trustworthy rather than just present.

The local only problem

Time Machine is local backup. It backs up your Mac to a drive that is usually sitting next to your Mac. That means one flood, one fire, one theft takes your Mac and your backup drive together.

Apple has added limited support for backing up to a network share via Time Machine, and you can point it at a NAS. But there is no cloud component in Time Machine, and there never has been.

The classic backup advice is 3-2-1: three copies, two different media, one off-site. Time Machine gets you to one copy on one media in one location. Getting to 3-2-1 from there requires you to add something.

That is one of the things Cloud Vault in BTDU is built for. It encrypts your most important files and stores them in the cloud you already pay for: Dropbox, Google Drive, iCloud Drive, or OneDrive. Not as sync. As encrypted versioned backups in a private format that only your Mac can open. Your files, in your own cloud account, in a format no one at Dropbox or Google can read. That gets you to the off-site copy without adding a new subscription.

The encryption gap

You can encrypt a Time Machine backup with a password. That is better than nothing.

You cannot require a physical security key.

There is a meaningful difference there. A password alone means anyone who gets the backup drive and knows the password gets your files. Passwords get written down. Passwords get reused. Passwords get guessed.

BTDU supports unlocking backups with a FIDO hardware key such as a Yubikey. Plug it into the USB port on your Mac, and that physical token is the only thing that can open the backup. The backup stays sealed against anyone who does not have the key physically in their hand. As far as I can tell, no other major Mac backup app does this. It is the feature I am most proud of, and the one that separates BTDU most clearly from everything else on the market.

For most home users, password encryption is fine. For anyone who stores files that would be seriously harmful in the wrong hands, a hardware key is a different category of protection.

The honest bottom line

Is Time Machine enough? For a lot of people, yes. If you have one Mac, one backup drive, your main risk is hardware failure, and you do not store files that would be catastrophic in the wrong hands, Time Machine covers that job and costs you nothing. Keep it running.

It falls short for people who need more than its 2007 design assumptions:

  • You work with files where ransomware would be catastrophic (client work, legal documents, years of photos, source code).
  • You want a verified off-site copy without a new subscription.
  • You want each snapshot to be independently readable without depending on an unbroken chain.
  • You want a physical key required to open the backup, not just a password.
  • You want multiple backup jobs, custom schedules, and control over what backs up when.

A lot of BTDU users run both. Time Machine for the quick local restore, BTDU for anomaly aware backups, the hardware key lock, the independent snapshots, and the off-site cloud copy. They are not competing for the same job. If you can afford $29.99 once, that is the setup I would recommend.

If you cannot afford $29.99 right now, run Time Machine. A working free backup beats a paid backup you do not have.

If BTDU sounds like a fit for what you need, here is where to start. $29.99, one time. No subscription, ever.

Already running Time Machine? BTDU installs alongside it without conflicts.