AppleScript: Secure Downloads Folder Archiver

Lenovich · February 22

This script creates an encrypted DMG archive of your entire Downloads folder, wipes its contents clean, and moves the finished archive back to Downloads. Perfect for secure backups before clearing!

What it does:

Generates archive name with current date/time: archive_20260222_0455.dmg
Prompts for password (hidden input) for AES-256 encryption
Creates DMG in secure /tmp/ location with UDZO compression
Completely clears Downloads (including hidden files via find -delete)
Moves archive back to Downloads folder
Shows progress notifications at each step

Security features:

AES-256 encryption
Temporary files in /tmp/
Password never stored in script
Complete wipe of original files

How to use:

Save as .scpt or .applescript
Run via Script Editor or Automator
Enter password → wait for completion → done

Test on sample data first

macOS only

try
-- Get current date and time in YYYYMMDD_HHMM format
set currentDate to do shell script "date +%Y%m%d_%H%M"
set archiveName to "archive_" & currentDate & ".dmg"

-- Path to "Downloads" folder
set downloadsFolder to path to downloads folder as string
set downloadsPOSIX to POSIX path of downloadsFolder

-- Password input dialog (hidden input)
set passwordDialog to display dialog "Enter password for archive:" default answer "" buttons {"Cancel", "OK"} default button "OK" cancel button "Cancel" with hidden answer
set archivePassword to text returned of passwordDialog
if archivePassword is "" then error "Password cannot be empty"

-- Inform user about process start
display dialog "Creating encrypted archive...
Do not close the window until operation completes." buttons {"OK"} default button "OK" giving up after 2

-- Create encrypted DMG in /tmp (secure temporary location)
set tempDMGPath to "/tmp/" & archiveName
do shell script "printf '%s' " & quoted form of archivePassword & " | hdiutil create -ov -srcfolder " & quoted form of downloadsPOSIX & " -encryption AES-256 -stdinpass -format UDZO " & quoted form of tempDMGPath

-- Delete ALL contents of "Downloads" folder (including hidden files)
do shell script "find " & quoted form of downloadsPOSIX & " -mindepth 1 -delete"

-- Move archive to "Downloads" folder
do shell script "mv " & quoted form of tempDMGPath & " " & quoted form of downloadsPOSIX

-- Final notification
display dialog "Archive created successfully:
" & archiveName & "

Downloads folder contents cleared." buttons {"Done"} default button "Done"

on error errMsg number errNum
if errNum is not -128 then -- -128 = user cancellation
display alert "Error" message "Failed to create archive:
" & errMsg & "

Error code: " & errNum as critical
end if
return
end try

Eigenvektor · February 22

Or just set up encrypted Time Machine backups?

Lenovich · February 22

9 minutes ago, Eigenvektor said:

Or just set up encrypted Time Machine backups?

perfect for quick daily cleanups without full backups. Time Machine is great for system-wide versioning, but it bloats your drive with everything (apps, caches, temp files) and runs automatically. This gives you more control: lightweight, password-secured "snapshots" of just downloads (often 100s of MBs from browsers/torrents), timestamp-named, portable files ready in ~2 minutes. No external drive needed, no Time Machine overhead