Important BitLocker To Go is NOT an additional application you need to install. It is how BitLocker is referred to when used on an external attached drive. It is not dependent on a Trusted Platform Module (TPM) being enabled on PC's that support BitLocker natively. BitLocker is available on the Ultimate and Enterprise editions of Windows Vista and Windows 7, the Pro and Enterprise editions of Windows 8 and later, and Windows Server 2008 and later. Older Windows OS's and Macintosh users can download a 'BitLocker To Go Reader' utility to use with those systems.
Reader Links Older Windows OS: Macintosh OS: With the increase in the use of small, large capacity USB drives, the potential for sensitive data to be lost or stolen has become a serious threat. How can you protect MIT data from loss or theft? The answer: BitLocker To Go.
Improved for Windows 7 Ultimate and Enterprise and Windows 8.1 Pro and Enterprise. You can use BitLocker To Go to protect all file stored on a removable data drive, such as an external hard drive or USB flash drive.
To enable BitLocker encryption on a USB flash drive, perform the following steps:. Insert and browse to the USB flash drive. Best Practice: As a precaution, backup all data on the drive prior to encrypting. Right-click the USB flash drive or external hard drive, and then click on Turn on Bitlocker. On the Choose how you want to unlock this drive window, choose Use a password to unlock the drive.
Caution Bitlocker suggests a name that is structured in the following way. The text, 'BitLocker Recovery Key', then the Full Recovery Key ID. The first 8 alpha/numeric characters are what you will be shown when using the key recovery process.
This option prompts the user for a password to unlock the drive. Passwords allow a drive to be unlocked in any location and to be shared with other people. BitLocker To Go requires that passwords have at least eight characters. That they contain a mixture of characters, numbers, and special characters. On the How Do You Want To Store Your Recovery Key windows, click Save The Recovery Key To A File. In the Save BitLocker Recovery Key As dialog box, choose a save location, such as your Documents folder, and then click Save. Note: You can also print the recovery key if you desire (from here, or by opening your saved recovery key and printing).
With this recovery key file you can regain access to your encrypted USB flash drive in the event you forget your password!. The message Your Recovery Key has been saved will appear in the dialog box and you can now click Next to continue. On the Are You Ready To Encrypt This Drive window, click Start Encrypting. Do not remove the USB flash drive until the encryption process is complete. How long the encryption takes depends on the size of the drive. USB drive encryption take approximately 6 to 10 minutes per gigabyte to complete.
The encryption process performs the following:. Creates a virtual volume with the full contents for the drive in the remaining drive space. Encrypts the virtual volume with Advanced Encryption Standard(AES) 128-?bit. Once the encryption process completes you will be notified by a window. Start using your encrypted drive. Access an encrypted external storage drive. Important: BitLocker To Go is NOT an additional application you need to install.
It is how BitLocker is referred to when used on an external attached drive. It is not dependent on a Trusted Platform Module (TPM) being enabled on PC's that support BitLocker natively. BitLocker is available on the Ultimate and Enterprise editions of Windows Vista and Windows 7, the Pro and Enterprise editions of Windows 8 and later, and Windows Server 2008 and later. Older Windows OS's and Macintosh users can download a 'BitLocker To Go Reader' utility to use with those systems. Reader Links Older Windows OS: Macintosh OS: Once you have encrypted your external drive and saved a recovery key, you’re ready to go. Your drive will be unlocked for as long as it is connected to your computer, but at some point, you may reboot, or need to eject it.
After this happens, you will be required to enter your password again. Scenario 1 – Reboot.
Browse to your Computer, and you will find your external USB drive is locked. It will NOT automatically prompt you for a password. Double-click on the locked drive icon. Optionally, you can Right-click and choose Unlock Drive. Enter your password, and click Unlock. Choose Open folder to view files.
Start using your drive. Scenario 2 – You inserted your external drive in the same/other machine. The BitLocker Drive Encryption dialog box will automatically pop-up. Enter your password, and click Unlock.
Choose Open folder to view files. Start using your drive. Manage an encrypted external drive. Important: BitLocker To Go is NOT an additional application you need to install.
It is how BitLocker is referred to when used on an external attached drive.It is not dependent on a Trusted Platform Module (TPM) being enabled on PC's that support BitLocker natively. BitLocker is available on the Ultimate and Enterprise editions of Windows Vista and Windows 7, the Pro and Enterprise editions of Windows 8 and later, and Windows Server 2008 and later. Older Windows OS's and Macintosh users can download a 'BitLocker To Go Reader' utility to use with those systems. Reader Links Older Windows OS: Macintosh OS: When you have an external encrypted drive in your computer and unlocked, there are some options for managing BitLocker for this drive. Below are some examples of things you can manage. Common method for All Scenario’s below - Access the Manage BitLocker dialog box.
Right click on your unlocked encrypted drive and select Manage BitLocker. Select options to manage.
Scenario A – Change password to unlock the drive. Select Change password to unlock the drive. Type in your new password and click Next. You will receive the following confirmation.
You will be returned to the Select options to manage dialog box. Click Close if you have no other options to manage. Scenario B – Remove password from this drive. Select Remove password from this drive.
If you do have Automatically unlock this drive on this computer previously set, you will receive the following message. Note: The Change password to unlock the drive option goes away, and you can click Close now. If you don’t have another unlocking method, you will receive the following message. You will be returned to the Select options to manage dialog box.
You will now have to set Automatically unlock this drive on this computer, for this to work. Return to Step 1 to remove the password now. Scenario C – Add a smart card to unlock the drive (NOT Supported ). Select Add a smart card to unlock the drive. Without a Smart Card reader, you get the following error.
You will still be in the Select options to manage dialog box, so you can click Close if you have no other options to manage. Scenario D – Save or print recovery key again. Select Save or print a recovery key again.
Select Save the recovery key to a file. Save the file locally. In the Save BitLocker Recovery Key As dialog box, choose a save location, such as your Documents folder, and then click Save. BitLocker suggests a name but you can name this anything you will remember. It would be nice to at least leave the first alphanumeric series of 8 numbers as this will be useful in the recovery process. You will be returned to the Select options to manage dialog box. Click Close if you have no other options to manage.
Select Print the recovery key. Choose a Printer, then click Print. Click Close if you have no other options to manage. Scenario E – Automatically unlock this drive on this computer. Select Automatically unlock the drive on this computer. You will see the option now reads Turn off automatic unlocking for this drive on this computer.
You can click Close if you have no other options to manage. Recover from key to an encrypted external storage drive. Important: BitLocker To Go is NOT an additional application you need to install. It is how BitLocker is referred to when used on an external attached drive.
It is not dependent on a Trusted Platform Module (TPM) being enabled on PC's that support BitLocker natively. BitLocker is available on the Ultimate and Enterprise editions of Windows Vista and Windows 7, the Pro and Enterprise editions of Windows 8 and later, and Windows Server 2008 and later. Older Windows OS's and Macintosh users can download a 'BitLocker To Go Reader' utility to use with those systems. Reader Links Older Windows OS: Macintosh OS: When you forget your password, and need to gain access to your encrypted drive, you can gain access with your recovery key.
Insert the external drive, and click on I forgot my password. The clue to finding your key file is in Your recover key can be identified. Make note of this. Find and open the recovery key file on your computer.
Confirm that the id matches. Copy the BitLocker Recovery Key. Return to the Unlock this drive using your recovery key dialog box (see step 2), click on Type the recovery key. Pasted the recovery key in the Type your BitLocker recovery key: box, and click Next.
You are now have Temporary access to the drive and must reset the password. Click on Manage BitLocker. Chose Change password to unlock the drive. Type in your new password, then click Next.
You will receive a conformation that your password had been changed. Click OK to close this dialog box. You will be returned to the dialog box in step 6. Click on Close now. You will be returned to the dialog box in step 5.
Click on Finish now. You will now be presented with your open drive in a new explorer window. You can now work with the contents.
Decrypt an external storage drive. Important: BitLocker To Go is NOT an additional application you need to install. It is how BitLocker is referred to when used on an external attached drive. It is not dependent on a Trusted Platform Module (TPM) being enabled on PC's that support BitLocker natively. BitLocker is available on the Ultimate and Enterprise editions of Windows Vista and Windows 7, the Pro and Enterprise editions of Windows 8 and later, and Windows Server 2008 and later. Older Windows OS's and Macintosh users can download a 'BitLocker To Go Reader' utility to use with those systems. Reader Links Older Windows OS: Macintosh OS: At some time, you may want to turn off the encryption on your external encrypted drive.
Here's the step on how to do that. Turn Off BitLocker to Decrypt Removable Drive. Connect the removable hard drive or USB flash drive. Type in your password, and click on the Unlock button. Open the Control Panel (icons view), and click on the BitLocker Drive Encryption icon. Click on Turn Off BitLocker for the drive letter for the removable hard drive or USB flash drive that you want to decrypt. (See screenshot below).
Click on the Decrypt Drive button. (See screenshot below).
Rubenking The Best Encryption Software for 2019 Just because you have antivirus software installed on your PC doesn't mean a zero-day Trojan can't steal your personal data. The best encryption software keeps you safe from malware (and the NSA). Encrypt Everything!
Did you ever pass secret, coded messages as a kid? There's a certain thrill in knowing that nobody else can read your communication, even if the content is as banal as 'Johnny love Jane.' That's just fun, but when the content is significant, like a contract or a patent application, keeping unauthorized types from seeing it is essential. That's where encryption comes in.
When you keep all your sensitive documents encrypted, they're inaccessible to hackers and snoops. To share those documents with the right people, you simply supply them the decryption password. Just which encryption product is best for you depends on your needs, so we've rounded up a varied collection of encryption products to help you choose. File Encryption, Whole-Disk Encryption, and VPNs. In this roundup, I'm specifically looking at products that encrypt files, not at whole-disk solutions like Microsoft's Bitlocker. Whole-disk encryption is an effective line of defense for a single device, but it doesn't help when you need to share encrypted data.
You can use a, to encrypt your own internet traffic. From your PC to the VPN company's server, all your data is encrypted, and that's a great thing.
However, unless you're connected to a secure HTTPS website, your traffic is not encrypted between the VPN server and the site. And of course the VPN's encryption doesn't just magically rub off on files you share. Using a VPN is a great way to protect your internet traffic when you're traveling, but it's not a solution for encrypting your local files. No Back Doors When the FBI needed information from the San Bernardino shooter's iPhone, they asked Apple for a back door to get past the encryption. But no such back door existed, and Apple refused to create one. The to get into the phone.
Why wouldn't Apple help? Because the moment a back door or similar hack exists, it becomes a target, a prize for the bad guys. It will leak sooner or later. In a talk at Black Hat this past summer, Apple's Ivan Krstic revealed that the company has done something similar in their cryptographic servers.
Once the fleet of servers is up and running, they that would permit modification. Apple can't update them, but the bad guys can't get in either. All of the products in this roundup explicitly state that they have no back door, and that's as it should be. It does mean that if you encrypt an essential document and then forget the encryption password, you've lost it for good. Two Main Approaches. Back in the day, if you wanted to keep a document secret you could use a cipher to encrypt it and then burn the original. Or you could lock it up in a safe.
The two main approaches in encryption utilities parallel these options. One type of product simply processes files and folders, turning them into impenetrable encrypted versions of themselves. The other creates a virtual disk drive that, when open, acts like any other drive on your system. When you lock the virtual drive, all of the files you put into it are completely inaccessible. Similar to the virtual drive solution, some products store your encrypted data in the cloud. This approach requires extreme care, obviously. Encrypted data in the cloud has a much bigger attack surface than encrypted data on your own PC.
Which is better? It really depends on how you plan to use encryption. If you're not sure, take advantage of the 30-day free trial offered by each of these products to get a feel for the different options. Secure Those Originals After you copy a file into secure storage, or create an encrypted version of it, you absolutely need to wipe the unencrypted original. Just deleting it isn't sufficient, even if you bypass the Recycle Bin, because the data still exists on disk, and data recovery utilities can often get it back.
Some encryption products avoid this problem by encrypting the file in place, literally overwriting it on disk with an encrypted version. It's more common, though, to offer secure deletion as an option. If you choose a product that lacks this feature, you should find a free secure deletion tool to use along with it.
Overwriting data before deletion is sufficient to balk software-based recovery tools. Hardware-based forensic recovery works because the magnetic recording of data on a hard drive isn't actually digital.
It's more of a waveform. In simple terms, the process involves nulling out the known data and reading around the edges of what's left.
If you really think someone (the feds?) might use this technique to recover your incriminating files, you can set your secure deletion tool to make more passes, overwriting the data beyond what even these techniques can recover. Encryption Algorithms An encryption algorithm is like a black box. Dump a document, image, or other file into it, and you get back what seems like gibberish. Run that gibberish back through the box, with the same password, and you get back the original. Government has settled on as a standard, and all of the products gathered here support AES.
Even those that support other algorithms tend to recommend using AES. If you're an encryption expert, you may prefer another algorithm, perhaps, or the Soviet government's GOST. For the average user, however, AES is just fine.
Public Key Cryptography and Sharing. Passwords are important, and you have to keep them secret, right? Well, not when you use cryptography. With PKI, you get two keys.
One is public; you can share it with anyone, register it in a key exchange, tattoo it on your forehead—whatever you like. The other is private, and should be closely guarded. If I want to send you a secret document, I simply encrypt it with your public key. When you receive it, your private key decrypts it.
Using this system in reverse, you can create a digital signature that proves your document came from you and hasn't been modified. Just encrypt it with your private key. The fact that your public key decrypts it is all the proof you need. PKI support is less common than support for traditional symmetric algorithms. If you want to share a file with someone and your encryption tool doesn't support PKI, there are other options for sharing. Many products allow creation of a self-decrypting executable file. You may also find that the recipient can use a free, decryption-only tool.
What's the Best? Right now there are three Editors' Choice products in the consumer-accessible encryption field. The first is the easiest to use of the bunch, the next is the most secure, and the third is the most comprehensive. AxCrypt Premium has a sleek, modern look, and when it's active you'll hardly notice it. Files in its Secured Folders get encrypted automatically when you sign out, and it's one of the few that support public key cryptography. CertainSafe Digital Safety Deposit Box goes through a multistage security handshake that authenticates you to the site and authenticates the site to you.
Your files are encrypted, split into chunks, and tokenized. Then each chunk gets stored on a different server. A hacker who breached one server would get nothing useful.
Folder Lock can either encrypt files or simply lock them so nobody can access them. It also offers encrypted lockers for secure storage. Among its many other features are file shredding, free space shredding, secure online backup, and self-decrypting files. The other products here also have their merits, too, of course. Read the capsules below and then click through to the full reviews to decide which one you'll use to protect your files.
Have an opinion on one of the apps reviewed here, or a favorite tool we didn't mention? Let us know in the comments.
Pros: Encrypted lockers protect files and folders. Secure online backup. Can lock files and folders, making them invisible.
File shredding. Free space shredding.
Self-decrypting files. Many useful bonus features. Cons: Product serial number stands in for master password by default.
Locked files are not encrypted. Secure backup requires separate subscription. Bottom Line: Folder Lock can lock access to files for quick, easy protection, and also keep them in encrypted lockers for serious protection. It combines a wide range of features with a bright, easy-to-use interface. Pros: Easy to encrypt file just by moving them into a secure volume. Password quality meter.
Can share volumes. Mobile edition. Can encrypt files and folders for email. Cons: Secure deletion doesn't handle unencrypted originals. Complicated creation of secure volumes, especially after the first. Expensive for what it does.
Bottom Line: Cypherix Cryptainer PE creates encrypted volumes for storing your sensitive files. Lock the volume and nobody can access the files.
It does the job, but it's relatively expensive. Pros: Many options for hiding encrypted files. Two-factor authentication. Can hide existence of containers.
Price includes five licenses. Cons: Combination of hidden container and two-factor authentication can destroy data. Portable encrypted containers only portable on systems with Steganos installed. Bottom Line: Steganos Safe creates secure encrypted storage for your sensitive files. It's very easy to use, and it offers some unique options for maintaining privacy and secrecy.