TrueCrypt is a free, open source encryption program. It works by mounting an encrypted file as a virtual hard drive and encrypting/decypting all read/write operations on-the-fly.
It can also encrypt entire partitions or storage mediums such as USB drives, memory sticks, and floppy disks.
This is how this program works:
- Encryption Algorythms: TrueCrypt offers a number of encryption alogorythms including Blowfish, Serpent, Twofish, CAST5 and others. It will also allow the use of a so-called cascade of different ciphers; i.e. applying a number of these sequentially (If you don’t know what any of this means forget it; its just to say that the data is EXTREMELY secure).
- Creation of an encrypted file: you’ll have to determine how much encrypted storage you want. If, say, you choose to create a 100 meg volume you will have to create a 100 meg file somewhere on you hard drive. The contents of this file will be completely inaccessible when TrueCrypt is not mounting/decrypting it (including file and folder names and structure). Someone snooping around your computer might see that the file is there, but it will look like random data. If you want to make the file hidden from the file system, you can either use TrueCrypt to encrypt an entire partition or put your file on a hidden partition (hiding/unhiding partitions is a simple Windows registry function; a program like TweakUI can do it; to create a partition you can use Gparted).
- USB drives: TrueCrypt needs to either be installed on the machine on which you wish to view the data, or otherwise can be available on the USB drive in portable format. For a tutorial on how to do this go here; or go here for a nice script that can help you out.
- Supports “2 levels of plausible deniability”: this, in English, means that you can create 2 passwords, a ‘real’ password that gives access to your sensitive data, and a ‘safe’ passwos that will grant access to a bunch of harmless stuff should you be in a situation where you are forced to give out your password.
- Note that although you have to pre-define the size of your encrypted volume. This means that the space you select will be taken up and will not be available to Windows. However, on NTFS volumes TrueCrypt supports creating encrypted ‘sparse’ files that grow to accomodate your data up to a certain max file size. The drawback is that these offer lower performance and security thresholds, and I wouldn’t recommend them.
- You can change your password without having to transfer your data to a new container and/or losing data.
This program is the real deal. Unlike other ‘folder locking’ applications that can be circumvented by booting in safe mode or booting from a cd (or even worse, by terminating the process in Task Manager), the only way to access the data is to mount it using TrueCrypt. The best thing about TrueCrypt, as far as I am concerned, is that it is extremely fast; I’ve found that mounting a massively huge 2GB encrypted archive is almost instantaneous (as is unmounting it).
I’ve tried a number of free and ‘lite’ encryption programs and this one is my clear favorite in terms of real security and convenience. Its also 100% free and continuously getting better.
Version tested: 4.2a
Compatibility: Microsoft Windows 2000, 2003, XP, and Linux. Vista version promised.