Securing files on your computer with TrueCrypt

Ever been in a situation where a work colleague, close friend or a relative asks to use your computer for a couple of minutes to either check something on the web or carry out a given task and you just can't say no even though you would rather not give in since you are worried that they might stumble upon a confidential file or folder should they decide to snoop around without your knowledge.

Its a fact that most people who own personal computers and or laptops usually have some confidential files stored in them and resort to just about any means to keep them hidden. Such means include creating a long directory tree and placing the files deep inside, renaming the files to something else that will not arouse curiosity or simply changing the file attributes to Hidden and memorizing the location of the file for future access.
While the above methods are effective to some degree, they are still nowhere near perfect and they always leave you looking over the shoulder of the one who has borrowed your machine just in case they get a bit adventurous. Worst yet, should you loose your machine in a theft incident, someone can easily gain access to your confidential files.
So how can one secure their files against prying eyes? Well, there exists quite a number of software out there that can aid you achieve this, however the best free option is one called TrueCrypt.

TrueCrypt is a lightweight free open source software that offers the following features:
Creates a virtual encrypted disk within a file and mounts it as a real disk.
Encrypts an entire partition or storage device such as USB flash drive or hard drive.
Encrypts a partition or drive where Windows is installed (pre-boot authentication).
Encryption is automatic, real-time (on-the-fly) and transparent.
Parallelization and pipelining allow data to be read and written as fast as if the drive was not encrypted.
Encryption can be hardware-accelerated on modern processors.
Provides plausible deniability, in case an adversary forces you to reveal your password

It is available for Windows, Linux and OS X operating systems and is quite simple to set up and configure.
For the most basic and or essential use of this application is to create a virtual encrypted disc where you can safely store all your confidential information and secure it with a strong password or better yet a Key File meaning that your encrypted data is almost impossible to decrypt without the correct password or key file.
Creating an Encrypted File Container
To get started simply download and install TrueCrypt on your machine.
Afterwards, run the application, click on the Volumes menu then select Create New Volume
On the Volume creation wizard window, leave the first option selected: Create an encrypted file container then click Next
On volume type select Standard TrueCrypt Volume
Specify the volume location of your encrypted file container, make sure it is a well hidden location that is not regularly accessed so as to avoid accidental deletion of the encrypted container. (Later on after creating it, it is recommended to locate the encrypted container and set its file attributes to hidden to avoid accidental deletion)
Memorize the location then click on Next
For encryption algorithm, simply leave it to the default AES or select your preferred choice from the drop down if you are knowledgeable then click Next
Set your preferred volume size then click on Next

Here set your preferred password, a minimum of 20 characters is recommended but you can choose to ignore the prompt if you want to stick to a shorter one. Additionally for added security, you can also choose to make use of a Key file which can be in the form of a .mp3, .jpg, .avi, or in any suitable file extension, but unlike your ordinary password, in event that you loose your key file or any bit of its first 1024 Kbits is either changed or damaged, you might permanently loose access to your encrypted data so only use key files with great caution.
Once you have set your password click on Next

In this step, specify the file system to be used to create the encrypted file container depending on your OS. Leave cluster to default then randomly move your mouse pointer several times over the window to generate strong encryption keys then finally click on Format
Depending on the size and speed of your computer, the format step duration can vary from a few seconds to several minutes. Once it is completed, a prompt will pop up and let you know.
You can now exit the wizard window and head back to the application's main window to mount your new encrypted container as a drive.
Mounting your encrypted container
To do so, open TrueCrypt then specify the location of your encrypted container. On the windows below, the location is at C:\users\edutchz\mna1 in which case mna1 is the name of my encrypted container.

Click on any empty drive letter say G: then click on Mount button at the bottom, on the pop up window that shows up, enter your password and or Key file if you made use of key files as well.
If your credentials are correct, your encrypted file container will be mounted as a drive and you can either double click on it or simply go to My Computer and locate it there listed among your drives.
You can then add, edit and remove files on your mounted encrypted container. Once you are done, go back to TrueCrypt, select the mounted drive from the list and click on dismount to close it.
Things to Note
After creating your encrypted file container, you can freely move it from one location to another or even store and mount if from a flash drive or external hard drive.

The encrypted file container has no extension and therefore windows will not recognize it and it will appear as a white icon with the name you specified. To avoid accidental deletions of the file, it is recommended you store it in a less frequently accessed location and if possible, memorize the location and set it's file attribute to hidden.

Always be extra cautious if you choose to make use of Key files. Loosing the key file, modifying it or having it damaged by a computer virus could mean permanent loss of all your secured data.
All mounted volumes are automatically dismounted every time you restart or switch off your computer without manually dismounting them.


Leave a comment