How to Use TrueCrypt to Encrypt Your Sensitive Documents
By Eric Geier
PCWorldOct 26, 2011 7:00 pm PDT
Unless you encrypt your files, outsiders can easily gain access to them–even without knowing your Windows password–by booting into their own operating system from a special disc or from a bootable USB drive.
If you work with sensitive data–because you have a small business, say, or because you store personal financial documents on your computer–you should consider encrypting them to protect them against snoopers and thieves, especially if you keep them on a laptop, which can easily be stolen or lost.
One useful encryption utility is TrueCrypt, from the TrueCrypt Foundation. With this free, open-source program, you can create virtual encrypted disks or encrypt entire drives, including the Windows drive.
In this article I’ll concentrate on describing how to create virtual encrypted disks, which enable you to protect specific sensitive documents without having to encrypt your entire drive. For other practical encryption how-to’s, click the article titles listed in the panel at right.
When you create a virtual encrypted disk with TrueCrypt, you actually create a single encrypted file container that you can open or decrypt with the password you choose.
Like any other file, this file container can be deleted, moved, or copied. But no one can access its contents without supplying the correct password.
The idea underlying the file container is similar to the idea behind compressed .zip files: You can put other files and folders inside the file container; and while it remains closed, it appears as a single file in Windows. But unlike with .zip files, you can’t simply double-click the encrypted file container to open it and access the files contained inside. With TrueCrypt you have to mount the volume (the file container) as a drive–and to do that, you must first enter your encryption password.
The file container will appear as a drive in Windows, similarly to the way the C and D drives do, and you’ll be able to access, modify, remove, and add more files and folders inside the encrypted file container.
If you’d like to try using TrueCrypt, start by downloading it. When you install it you can use the default settings; the installation is quick and simple.
After opening the application, follow these steps to create the encrypted file container:
1. Click Create Volume to get started.
2. Keep the first choice–Create an encrypted file container–selected, and click Next.
3. Keep the first choice–Standard TrueCrypt volume–selected, and click Next.
4. Click Select File, choose where you want to place the encrypted file container, give it a name, and click Save. To continue, click Next.
5. Unless you have a special reason not to, accept the default encryption options and click Next.
6. Specify the size you want the encrypted file container to be. Make sure that it’s big enough to fit the files and documents that you want to protect, with room to grow if needed. Input the desired size, and click Next.
7. Enter your preferred encryption/decryption password, and click Next.
8. Keep the default volume format settings, but move your mouse around randomly to create a more random and secure cryptographic strength. Then click Format to create the encrypted file container.
To use the encrypted file container, you must mount it as a drive. The most basic way to do this is to click the desired drive letter on the main TrueCrypt window, click Select File to find and select your file container, and then click Mount. You’ll be prompted for the encryption password you set when you created the file container. Enter it and click OK, and thereafter you can access your encrypted files in Windows by using Computer (or My Computer). Just as with other drives, you can see and access it from open/save dialog boxes from Windows and within other programs.
If you want the file container to be mounted automatically when you log onto Windows, you can add it to your favorites.
Eric Geier is a freelance tech writer; become a Twitter follower to keep up with his writings. He’s also the founder of NoWiresSecurity, which helps small businesses easily protect their Wi-Fi network with Enterprise-class security.