File encryption is not just the stuff of spy movies. There are plenty of practical reasons why you might decide to encrypt a single file, multiple files, or even an entire drive. If you keep sensitive digital copies of financial information such as bank statements and tax returns, you can encrypt them to make sure unauthorized users cannot get to them. You may just have documents, such as your first novel, that you do not want anyone to see. Encryption provides an extra layer of security that simple password protection cannot.
Generally speaking, a good password will keep people from logging into your computer, and those who try to attack your computer will not be able to gain access if it has a strong password, good firewall, and has the latest security updates. But to actually break into your computer, anyone with physical access to it only needs the hard drive.
Think about a spy movie where the bad guys steal the hard drive that contains all types of sensitive, top-secret information. In order to gain access to the data, all they would need to do is connect that drive to another computer with a separate operating system. Alternatively, they could even run a Live CD such as Linux System Rescue CD and gain administrative access to the files. If, however, those files are encrypted, they will have to try decrypting it, something they may never be able to do, depending on the encryption strength.
Some operating systems have built-in encryption options. For example, when you install Ubuntu or many other Linux distributions, the installer will ask you if you want to encrypt your home folder. When you are logged in, you will have uninterrupted access to your files, but when you are not, your home folder remains encrypted. Anyone who tries to access it will have to crack the encryption.
Truecrypt is a free and open source software solution for encryption that offers you many options. You can create an encrypted virtual disk that acts like a hidden drawer for all of your secret files. You can also encrypt an entire drive, a partition, or a removable device like a USB flash drive.
Truecrypt also includes a “plausible deniability” feature, giving you the option for a hidden volume that someone trying to gain access to your data would never see. Furthermore, all of the data on your encrypted volume will appear as random gibberish until it is decrypted. This will appear to outsiders as though you wiped your drive, and they would have no way of knowing that it is actually encrypted data.
Install and Setup
Truecrypt runs on Linux, Mac OS X, and Windows 7/Vista/XP. It comes with an installer that makes it easy to get started. Just follow the instructions of the installer. You will likely need the administrative password to your computer, especially if you are encrypting a drive or partition.
To create a new encrypted volume, click “Create Volume”. It will present you with two options: 1. an encrypted file container, a virtual volume that appears as a random file until you decrypt it and mount it as a virtual drive, and 2. encrypt a partition or removable drive. The next option will ask you if you want to create a regular volume or a hidden one that someone trying to force you to reveal it cannot find.
Truecrypt will ask you for a password to your volume. If your password is simple, it could possibly defeat the purpose of having encryption. It can be a single set of characters or even an entire phrase. Make sure you remember your password. If you forget it, there is no way to ever recover your data aside from cracking the encryption, which could take years. Security experts at VPS hosting company 34SP.com informed us that even the FBI could not crack the encryption on a drive protected by Truecrypt.
Once you have created your volume, you will need to enter your password for your volume and for your administrative account to mount it as a virtual drive. It gives you the option to mount several volumes at once, and you could conceivably have one that is easy to locate serve as a decoy, and then have another hidden one somewhere more difficult to find.
As the saying goes, “Two can keep a secret if one of them is dead.” No matter how much encryption and security you have on your system, it is ultimately up to you to make sure it stays secure. That means you must use safe passwords and make sure you do not give them out to anyone. If you work for a financial institution or some other organization that depends on top-level security, encrypting your data and keeping it safe may very well save your job or even your life.