Yesterday I wrote about encrypting data on your notebook computer when you are carrying data around. Within that posting I mentioned TrueCrypt as a program which can be used for this task so for those of you that are interested in it, I mean who wouldn’t as it’s open source, here’s a brief tutorial.
Once TrueCrypt is installed then you can create a new secure volume using the wizard which can be launched from the main program screen.
From here click on the “Create Volume” button to launch the wizard.
From here select the “Create a File Container” option the create a new secure volume on your Hard Disk. From here you can also choose to Encrypt the entire system partition which means that the partition that Windows is installed on would be encrypted and require a password to be entered before Windows can boot. You can also encrypt a non-system partition which would be another partition on your drive or a USB memory stick. In this example we will create a “File Container”; once selected click next.
At the next screen you have the option to select a “Standard TrueCrypt Volume” or a “Hidden TrueCrypt Volume”. A Standard volume is simply an encrypted volume which when the password is entered it mounts and the data is visible. The “Hidden Volume” however is a little more sophisticated; what happens is when the volume is created it will create another volume within that one. Both volumes are located as a single file on the disk however the one that becomes visible is dictated by the password entered. This is especially useful if you have to enter your are forced to enter your password under duress; in this scenario you would enter the password for the volume which does not contain the actual secure data but is in fact the “fake” secure data. For this example however we will create a “Standard Volume”; once selected click Next.
Once the next screen you will be asked to “Select File” which basically speaking means that you need to specify the filename and location. The actual filename you use should be a obscure as possible as this will make the file harder to locate to would be attackers. In this example we have called the file “readme.txt” Once you have done this click on Next.
From the next screen you have the option to select what encryption algorithm you want to use for your volume. The algorithm that you use simply dictates how the data is encoded when the file is created and more importantly when data is stored on the volume. For most of us AES will be sufficient so we will select that and click Next.
Now we have to specify the size of our encrypted volume. This will be entirely down to personal choice and will be dictated by the amount of data that you want to carry with you. For simplicity we will enter a value of 100MB and then click on Next.
At this point we are now required to enter a password. It cannot be impressed enough how important it is to choose as strong enough password for this file. Lets face it if you simply enter the password as “password” then it isn’t going to take much to guess it. So no kids names, no pets, no car registration, no spouse’s, nothing that is anything to do with you. Lets face it if you used you favourite nursery rhyme that would be more secure as a password; for example “tw1nkle tw1nkle l1ttle star how 1 wonder what you are” would be completely random, nothing to do with you and yet easy to remember. So think long and hard what you will use and make sure it’s something easy to remember but still strong. Once this is done then click Next.
The next screen is for formatting the volume however before you click “Format” you need to move your mouse randomly within the Window. This is done to help to create a completely random key and the more you move the mouse then more random it becomes.
When you have done this and you are happy with it click on “Format” and wait until a box appears telling you it is complete. Now click on “OK”
When this has finished you can either continue with the wizard to create another volume or you can click on “Exit” to return to the main TrueCrypt screen.
From them main TrueCrypt screen click on the “Select File” button and you will be presented with a screen titled “Select a TrueCrypt Volume”. From here we can select our newly created volume, in our example we will select the file “readme.txt” and click on “Open”.
Now select the drive letter from the top part of the screen that you want to assign the volume to, in our case this will be “F:”, now click on “Mount”. This will then prompt you for the password that you entered earlier as below.
Enter your password and then select “OK”. If you need to you can check the “Display Password” box so that you can see what you are typing but obviously make sure no-one is around to see it.
That is basically it, you can now go into “My Computer” and you will see your newly create volume as shown below.
I hope this is of help to some of you and if you have any questions then please post them up and I will try help where possible. The program is just one of many that are around and each of these vary in the way that they work however this all work towards the same end result which is that they all try to make your data more secure.