Last week I wrote a post on how to encrypt entire hard drives with TrueCrypt. We all know how easy it is to have your laptop lost or stolen and how important it is to protect sensitive data. However, something that is even easier to lose and often has just as sensitive data on it is thumb drives. I know personally I’ve lost a couple of them over time.
Today we’re going to learn how to encrypt these drives to keep them from prying eyes.
Just a few things to get you prepared for the encryption process.
- Grab TrueCrypt if you don’t already have it.
- Make sure your thumb drive is plugged in and move everything on it to your desktop. This is important because TrueCrypt is going to format the drive during the encryption process.
- Open the main TrueCrypt window
Beginning the Encryption Process
During this phase, we will be getting the settings together so we can actually encrypt the drive.
- Click the ‘Create Volume‘ button on the main TrueCrypt window
- Choose the second radio button: Create a volume with a non-system partition/device
- At the next screen, leave the radio button on ‘Standard TrueCrypt Volume‘ (unless you know what you’re doing and want to get fancy:)
- Now click the button that says ‘Select Device‘
- Find your thumb drive in the list (you can tell by what drive letter it is mounted in Windows). For this tutorial, we are going to choose the ‘partition’ not the actual device (so in my case ‘\Device\Harddisc6\Partition1′)
If you get a warning after clicking ‘ok’, you can ignore it. It’s simply stating that you could also create an encrypted file on the device rather than encrypting the entire drive. Click Next
- I like to leave the Encrpytion and the Hash algorithms at their defaults, AES and RIPEMD-160 respectively. Feel free to play around if you know what you are doing.
- On the Volume Size screen, you won’t be able to do anything because we chose to encrypt the entire drive. Click ‘Next‘
- Create a passphrase on the next screen. Depending on how secure you want it to be, 20 characters is recommended. If nothing else, try to use symbols, caps, lowercase and numbers.
Starting the Encryption
Now, we will actually start the encryption process itself.
- Now you will need to move your mouse around the TrueCrypt window to create a unique pool of characters. This is important to the strength of the encryption keys TC will use.
- Once you are satisfied, click the ‘Format’ button. You will be presented with a box saying that all data will be lost NOT encrypted. If you followed along from the start, you’ve already moved all your data off the drive and this won’t be a problem and you can click ‘Yes‘
- TrueCrypt will now begin to encrypt the drive. Mine was only 128MB so it only took a few minutes. Your time will vary
- If everything went well, you should see a box saying the encryption was successful!
Mounting the Drive
The first thing you will probably notice is that Windows doesn’t recognize the drive like it normally did. You can click on the drive letter it assigns it, but it’s just going to ask you if you want to format it. Don’t! Here’s what you do.
- Make sure the drive is still plugged in and the main TrueCrypt window is open. Also, select a drive letter in the list, I highlighted ‘Y’
- Click the ‘Auto-Mount Devices‘ button. It’s going to ask you for the passphrase you created earlier, so enter that.
- Your drive should now be mounted as whatever letter you choose (in my case ‘Y’)
- Your drive will now be able to be accessed just like any other drive on your system!
There really isn’t much to encrypting your data with TrueCrypt, but that doesn’t diminish the need for strong encryption on all of our portable (and non-portable) devices. A couple of final notes:
- Make sure you ‘Dismount’ the thumb drive before pulling it out by selecting the volume in the main TrueCrypt window and clicking on the ‘Dismount’ button.
- Also remember that you need TrueCrypt installed on every computer you will be using your thumb drive one. Sounds like a no-brainer, but be aware if your IT department won’t allow you to install extra software on your work machines.