• 0

Password Protect External Drive/Folder

Asked by jimbb,

 Share

Question

Apprentice

jimbb

Posted
Posted

Hi guys,

Does anyone know of any good programs (ideally freeware) that can password protect an external drive (3TB) or 2.5TB folder within the drive?

I have read lots of good things about truecrypt but I am worried it will be too slow; i havent read any reviews of people encrypting over 1TB of data. Has anyone here used it for 3TB worth of data? any impact on drive speeds?

I have als read good things about a paid app called Folder Lock, but again not sure on the speeds.

Thanks the help

18 answers to this question

Recommended Posts

  • 0
Veteran

ZakO

Posted
Posted

TrueCrypt. I've got two external 3TB drives, one uses TrueCrypt to encrypt the whole drive, the other has a 2TB TrueCrypt container on it. I get ~95MB/s over USB 3.0 while writing to them and haven't had any other speed issues.

  • 0
Enthusiast

xamolios

Posted
Posted

are you sure TrueCrypt cannot be broken through disk management by changing the letterpath? because that's what usually happens to easily access a password protected hard drive!

I think the key here is by only just giving it file access permissions read, write execute etc...

  • 0
Apprentice

jimbb

Posted
  • Author
Posted

ok true crypt sounds like the best option then.

is their any other freeware option available? doesnt necessarily have to be as advanced as true crypt...

Its a large mixture of files - work files, music, videos etc. im making a backup of all my personal files basically

  • 0
Grand Master

Open Minded

Posted
Posted

is their any other freeware option available? doesnt necessarily have to be as advanced as true crypt...

It might seem a little overwhelming at first with all the options, but the step-by-step help they give is pretty good if you get stuck. I'd use TC over anything else that's free to protect my data... if I were so inclined. :shiftyninja:

  • 0
Grand Master

Teebor

Posted
Posted

I can't find a link at the moment but if you have a look around there are some really neat external HDD that I've used which have a built in keypad. You use the keypad to enable access to the drives and without the code you can't get in. There is a master code however using it wipes the drive.

Also if you remove the drive from the caddy you cannot access the data as it is encoded in hardware so you would have to attempt to decode the whole drive.

They also do not require and special software to work, which is why we looked at using them for a secure storage medium for a customer.

Google istorage disk genie

Pretty sure it was one of those

Not sure if they go up to the capacity that you want, and they are slightly expensive.

But if you are open to the option it is there :)

  • 0
Grand Master

+BudMan MVC

Posted
  • MVC
Posted

So this external disk sits where? In your house? Do you move around with your backup where you might loose it?

If you don't move about with the disk, you have physical security of the device - who in the house that also has physical access to the device are you worried about seeing the files?

I bring up these topic because in all honesty its rare that files actually warrant encryption - yeah its cool! Yeah you should secure your files, but the issue is more often than not encryption secures them from the owner of the files more times than securing them from unauthorized access ;)

If you have some sensitive work files - sure by all means put them in an encrypted volume. But do your other files warrant encryption, keep in mind that if something goes wrong, you forget your password, loose the encryption key file, etc.. You have no loss access to these files as well.

You mention they are backups - in the same house I assume, so the originals are encrypted? Kind of pointless to have files encrypted in the back, next to the originals - if the originals are not encrypted.

What encryption do you use for the originals - why not use the same for your backup?

Look around even just the threads on neowin, you get people jumping on the encryption band wagon because well it's cool ;) Next thing you know - how do I access my files, I used EFS and then reinstalled my OS - but didn't bother to read all the details and never backed up my encryption keys. Now I am F_cked!!! ;)

Here is a basic question before use of encryption -- would you rather loose the files, then someone access them?

  • 0
Community Regular

ingramator

Posted
Posted

So this external disk sits where? In your house? Do you move around with your backup where you might loose it?

If you don't move about with the disk, you have physical security of the device - who in the house that also has physical access to the device are you worried about seeing the files?

I bring up these topic because in all honesty its rare that files actually warrant encryption - yeah its cool! Yeah you should secure your files, but the issue is more often than not encryption secures them from the owner of the files more times than securing them from unauthorized access ;)

If you have some sensitive work files - sure by all means put them in an encrypted volume. But do your other files warrant encryption, keep in mind that if something goes wrong, you forget your password, loose the encryption key file, etc.. You have no loss access to these files as well.

You mention they are backups - in the same house I assume, so the originals are encrypted? Kind of pointless to have files encrypted in the back, next to the originals - if the originals are not encrypted.

What encryption do you use for the originals - why not use the same for your backup?

Look around even just the threads on neowin, you get people jumping on the encryption band wagon because well it's cool ;) Next thing you know - how do I access my files, I used EFS and then reinstalled my OS - but didn't bother to read all the details and never backed up my encryption keys. Now I am F_cked!!! ;)

Here is a basic question before use of encryption -- would you rather loose the files, then someone access them?

100% Correct. Encryption usually just becomes a hindrance to the encryptor for no real reason! If you're on Win 7/8 I suggest Bitlocker for portable drives, its simple and forgiving unlike other encryption sweets that will lock it away forever in the event of a software issue!

  • 0
Apprentice

jimbb

Posted
  • Author
Posted

Teebor - thanks. that drive is pretty nice. expensive but the numberpad is pretty cool.

+BadMan -

very informative post. your are right, encrypting all the files is overboard. the only files that require encrypting are the work files.

the other personal files (pics, videos and other random data) will be remaining in the house at all times. I dont encrypt them at all currenlty i just password protect access to my pc. I intend to move the majority to the external drive.

Work Files - will encrypt them with truecrypt

Other Files - encryption not needed but would like to password protect access. Anything free you could rcmd that does this?

Paid ones that seem to do the job are - IObit and Folder Lock...

ingramator - bitlocker looks great but seems to be only for the ultimate version of windows....

thanks again

  • 0
Grand Master

+Xinok Subscriber²

Posted
  • Subscriber²
Posted

If somebody breaks into your home and steals your laptop or external disk, they're probably looking to sell it off to somebody. Whomever they sell it to may be involved in identity theft and know how to extract information from a disk. There's a real market for this and people with the motive and expertise to do so.

So you could painstakingly pick your system apart, putting sensitive files into an encrypted container. Then you have to deal with the inconvenience of mounting that container each time you need to access one of those files and wiping all free space each time to ensure nothing leaks out onto the hard disk unencrypted, such as through a temporary file or the paging file.

... or you could encrypt the entire disk, only typing in your password once at each boot, and be rest assured your information is secure. This is why full-disk encryption makes sense, it minimizes the chance of any information being stored unencrypted.

I prefer TrueCrypt over Bitlocker because it's multi-platform, so I can mount any volume from a Linux LiveCD to gain access to my files, should things ever go kaput.

@BudMan: The difference between myself and the average person, I know what I'm doing! As for EFS, I think the implementation is wrong for the average user. A TrueCrypt container is portable; it can be decrypted using the same password on any system. If the same was true for EFS, then it would be as simple as setting the same user password to gain access to those files. Unfortunately, a person must know how to backup and restore the user credentials, which isn't very user-friendly.

  • 0
Grand Master

+BudMan MVC

Posted
  • MVC
Posted

Your point of identity theft is a valid one for sure. But I am curious what is on that computer that could be used for that means? I only have what is on mine and ones I have access to as examples.

I don't store my SS# on my PC, nor any sort of account numbers to banks etc. If they broke into my home - they would have mail laying around with my full name in plain site, along with most bills and account statements have your account number on them. These are not encrypted and could be very easily stolen and used for that purpose. If their goal is identity theft - my hard copy tax returns are sitting there in file cabinet right next to computer. Much easier to just grab those I would think if that is the goal.

If a someone stole my PC they would have access to pictures and videos of my grand daughter, family trips and gatherings. They could view my browser history and find out I like to visit neowin and reddit, etc. All passwords to sites are encrypted via lastpass - so they wont have any of those to access any accounts or email to be used in the theft of my identity.

If that was their goal - they might be better off infecting my machine with something and leaving it there for me to use and then send them my passwords, etc.

With encryption you add risk, the stuff your encrypting should warrant the extra risk. If it does then more power to you - there are great tools out there to accomplish it. TrueCrypt being one of them, great product. You could use bitlocker as well very easy to use.

But I am not going to encrypt the TBs of home video for one - because for one the loss of said data well surpasses any loss if stolen for sure if something went wrong with encryption. Kind of pointless to encrypt the original and not the backup, so what happens if something goes wrong with my encryption - I loose the key, forget the password?

I can see your point of whole disk encryption makes it easy not to have to worry about what warrants encryption and what doesn't or what might not be encrypted that should be, etc. And yes its a valid point - Then again your going a bit over the top to be honest if your thinking not doing so you should have to secure wipe your free space just in case your machine gets stolen and some Chinese hacker gets the disk and pulls up some info they can use to steal your ident.

But I think we both agree - encryption is not something to play without fully understanding what your doing, or yes the normal user could quite easy secure themselves out of their own files ;)

I am more worried about billy encrypting his home video and pictures and then loosing them vs the "possible" breaking to his home and someone stealing his ident because there is some privacy information on the machine.

  • 0
Grand Master

+Xinok Subscriber²

Posted
  • Subscriber²
Posted

Your point of identity theft is a valid one for sure. But I am curious what is on that computer that could be used for that means? I only have what is on mine and ones I have access to as examples.

I'd be curious to see what information I could pull off your hard disk. Even in private browsing mode, your web browser still writes cache files to the disk (I should write an article proving this - I tested it in a virtual machine once). Even if you manage to secure all your sensitive files (there's bound to be a few things you missed), there's very likely sensitive information in the free space between files. When you move a file into an encrypted container, do you shred it afterwards?

Simply put, full disk encryption is the most fail-safe solution there is. It's practically guaranteed (I'm choosing my words carefully) that your information is secure should the physical medium ever be stolen.

I don't store my SS# on my PC, nor any sort of account numbers to banks etc. If they broke into my home - they would have mail laying around with my full name in plain site, along with most bills and account statements have your account number on them. These are not encrypted and could be very easily stolen and used for that purpose. If their goal is identity theft - my hard copy tax returns are sitting there in file cabinet right next to computer. Much easier to just grab those I would think if that is the goal.

Neither do I. Any sensitive information of that nature, I'll store encrypted. But it's simply too likely that the OS or software will leak the information; most developers don't think about these things or don't understand. Suppose you scanned some documents with sensitive information and saved them as image files to an encrypted container, then your image viewer stores thumbnails of those documents somewhere. Heck, even some PDF/document readers store thumbnails.

If a someone stole my PC they would have access to pictures and videos of my grand daughter, family trips and gatherings. They could view my browser history and find out I like to visit neowin and reddit, etc. All passwords to sites are encrypted via lastpass - so they wont have any of those to access any accounts or email to be used in the theft of my identity.

Unless you logout of all of those websites every time, valid cookies could still exist somewhere in the free space on your disk.

With encryption you add risk, the stuff your encrypting should warrant the extra risk. If it does then more power to you - there are great tools out there to accomplish it. TrueCrypt being one of them, great product. You could use bitlocker as well very easy to use.

In an encrypted volume, the most vulnerable part is the header where the keys are stored. Keep a backup of those (email them to yourself) and your files are no more at risk than without encryption.

But I am not going to encrypt the TBs of home video for one - because for one the loss of said data well surpasses any loss if stolen for sure if something went wrong with encryption. Kind of pointless to encrypt the original and not the backup, so what happens if something goes wrong with my encryption - I loose the key, forget the password?

I guess it's a matter of risk assessment here. But if somebody steals my laptop or hard disk, I don't want them gaining insight on my life. It happens that criminals will rob the same place twice, and the more they learn about you, the easier it is for them. And even if the person has no malicious intent and digs into my life for their own amusement, I still don't care for them to look through all my personal photos and videos.

I can see your point of whole disk encryption makes it easy not to have to worry about what warrants encryption and what doesn't or what might not be encrypted that should be, etc. And yes its a valid point - Then again your going a bit over the top to be honest if your thinking not doing so you should have to secure wipe your free space just in case your machine gets stolen and some Chinese hacker gets the disk and pulls up some info they can use to steal your ident.

And therein lies the problem - assuming that these abilities are out of reach of common criminals and limited to "chinese hackers." The person who breaks into your house is unlikely to know much about computers. But as I stated before, they could simply sell off the hard disk to others with the skills to do so.

But I think we both agree - encryption is not something to play without fully understanding what your doing, or yes the normal user could quite easy secure themselves out of their own files ;)

I am more worried about billy encrypting his home video and pictures and then loosing them vs the "possible" breaking to his home and someone stealing his ident because there is some privacy information on the machine.

Agreed. :D

  • 0
Grand Master

+BudMan MVC

Posted
  • MVC
Posted

"I don't want them gaining insight on my life."

So you don't have any papers laying around your house, looking at my desk right now and have my retirement and investment account statements right here on my desk. They have exactly how much money I have available to me in cash, etc. Now they don't have any account numbers on them.

But that is sure a lot of insight into my personal life. Way more than some cookies on my machine, sorry.

So here's the thing - what is the point of encrypting my hard drive that is in my secure place!! My home, when yes it happens some one breaks in - all of that other info is just laying around. So now I should burn those after I have read them, or place them in my wall safe (which could be stolen too)

Comes down to what is more risky - you loosing all your data because you messed up your encryption, or someone breaking into your house stealing your computers and then giving those to people to steal your identity or break into your bank account?? I personally am not that worried about someone breaking into my home and stealing my computer to glean this info. But what I am worried about is billy who is not bright enough to even backup the pictures of his son's first birthday encrypting said pictures because someone might break into his home and steal his cookies and forgetting his password! And then wondering why he can not just brute force that AES 256 encryption he chose to use because he wanted it secure ;)

For starters - pretty sure if my house was broken into I would be calling the banks, etc. Just because my account statements are there to lock down those accounts. And because I am not stupid, would be changing my passwords, etc. If my computers are stolen.

So question for you - every piece of data you store in your house is encrypted? So what about your tablets? You do any surfing on your tablets? Are they encrypted? Your phone? These are devices that you take out of your home, and you could just forget at bar, or in your car that gets parked in bad area, or valet leaves unlocked. Are all these devices encrypted?

Don't get me wrong, encryption can be very useful when your devices are not physically secure, taken out of secure location. Passwords, personal info sure they should not be stored in plain text files on your desktop, etc. But to be honest if you are "really" worried about someone breaking into your home, and reading your cookies to gain access into your accounts.. You might want to check the size on your tin foil hat, it might be getting a bit snug. And I am curious to what level you have taken to secure the other info just laying around your house like your gas and electric bills, your bank statements, insurance papers.. Your wallet with all your CC and IDs in them - do you lock them in the safe every night in case someone breaks in?

  • 0
Apprentice

jimbb

Posted
  • Author
Posted

some useful posts guys thanks.

im still looking for a basic password folder lock for the folders on the external drive that dont require encryption (about 1TB+ in size).

So far the best freeware software ive seen is:

Wise Folder Hider - www.wisecleaner.com/wisefolderhider.html

Has anyone here used it? and any other freeware apps out their you guys can recommend?

thanks again

This topic is now closed to further replies.
 Share
Go to question listing

  • Recently Browsing   0 members

    • No registered users viewing this page.

  • Posts

    • New PowerToys update fixes memory leaks and other issues

      By Dutchie64 · Posted

      Yup, that's a doozy right there 😄
    • New PowerToys update fixes memory leaks and other issues

      By Dutchie64 · Posted

      It's a bundle of tools created by a variety of people, so things can go wrong sometimes. It's a great addition to Windows, and I use a lot of the tools on a daily basis. Also, it's still a 0.**** release so quick updates are to be expected 😉
    • Why Delta Chat is the best decentralized messenger you have probably never tried

      By Nas · Posted

      Oh, I did. And it's even worse than I was hoping! Besides a lot of techno-babble jargon (yes I understand 100% of it but it's still all just techno-babble) there's 2 key points that make me super-weary about even considering testing this out. -- By default, after installation, a relay is automatically set up, so you do not need to care about that. * Non-chatmail apps use email servers as a long-term message archive while chatmail clients use email servers for ephemeral instant message relay. * Supporting the full variety of classic email setups would require considerable development and maintenance efforts, and complicate making chatmail-based messaging more resilient, reliable and fast. -- Basically, the end-user device is the 'server' (relay) so there is NO ARCHIVING whatsoever because every message is necessarily ephemeral. Great for techno-paranoia (and for illicit activities preferring no tracks to cover) but terrible for everybody else. It's also ironically contradictory to engineering principles of redundancies besides the transport layers due to the explicit absence of any persistent storage. Instead of 'classic email address' retaining multi-GB messaging archives on its server, now every device must retain 100% of those storage demands. (Email messages were originally meant to be short correspondences, not the multi-MB attachments boondoggle that now exists with unlimited spam engines flooding every potential recipient.) Any device swap or reset (or loss) makes the entire message history go bye-bye forever... lest there's an off-device auto-archival "relay" mechanism that's really a separate server that holds onto all transported messages (an email server) that utilizes 'chatmail email address' identities (like an email server) and its own persistent storage archive (like an email server). But... this solution is hoping to exist alongside real-world email address identities (based on the email server relay pathway) but simply render messages in chat thread format in an ephemeral manner (with contents being encrypted, and messages auto-expiring) ... In the end, it's a chat app/experience for the Web3/P2P-at-all-costs zealots. (I have accts on all sorts of federated web3 services so I understand the technical and non-technical alike.) For any practical users, however, it's just another service to download/install, register, cross-share id cards/qr codes, but know that there's no history/archive whatsoever (by design) so no account/message recovery whatsoever... update the device, install a bummed update patch, or dare upgrade your device... all history, poof, gone. Ya gotta start everything over again like they're a brand new person.
    • You've tried DuckDuckGo and Brave Search, now get serious with SearXNG

      By zikalify · Posted

      You've tried DuckDuckGo and Brave Search, now get serious with SearXNG by Paul Hill Over the last decade, it has become quite trendy to dump Google Search in favor of privacy-preserving alternatives such as DuckDuckGo, Startpage, and Brave Search. These search engines have done a very good job at highlighting dodgy practices by Google, such as adjusting search results based on what it thinks you’ll like (filter bubble) and stalking you around the web to advertise to you. While these search engines are good starting points when compared to non-private services like Google, there are still quite a few issues with them. For example, both DuckDuckGo and Brave Search require running non-free JavaScript in your web browser, which is comparable to running proprietary software on your computer, meaning you can be sure about what it’s actually doing in the background. Another issue is that these search engines are hosted on the respective companies’ servers, and you are using a service that you don’t control. Finally, DuckDuckGo, while offering privacy features, relies heavily on Microsoft’s infrastructure for its results and, in the past, has permitted Microsoft tracking scripts. If you are looking for a more private search solution than DuckDuckGo, Brave Search, and Startpage, then I recommend taking a look at SearXNG. It is a privacy-respecting metasearch engine that can be used via different public instances, which is useful for mobile users, or you can install it on your computer or server and run it locally with maximum control. Unlike Google, Bing, or Brave Search, which crawl the web and have their own search indexes, SearXNG is a metasearch engine, meaning it taps other search engines, stripping your identifying data, such as IP address, user agent, and cookies, in the process. Your search query is sent to the other search engines you enable before aggregating the results. SearXNG has deployment flexibility. If you are a casual user or a mobile user and don’t want to run SearXNG locally, you can use a public instance that is hosted by someone else. The main problem with this is that you are putting trust in the maintainer of the instance regarding stuff like logs that they may keep; good hosts should have a privacy policy explaining their policies. If you are trying to use SearXNG, you can also install the software on your device and then head to 127.0.0.1:8080 in your browser and search from there. While you don’t have to worry about a third-party admin like the public instances, search engines could ultimately block your IP address if they frown on you pulling in their search results locally. If you want to run it locally, it’s a good idea to use proxies or VPNs to hide your actual IP. You don’t have to worry about this with a public instance, as search engines never see your IP address. The main privacy benefit of using SearXNG is that it isolates your identity from the underlying engines that it’s capable of searching, such as Google and Bing. These search engines will only see requests coming from a generic server, so they can’t profile you and create a bubble filter that influences what results you see. This also ensures that your search engine doesn’t turn into an echo chamber that prevents you from reading alternative points of view. As a free software project, you are allowed to inspect SearXNG to make sure there are no negative features bundled inside. This sets it apart from the privacy search engines mentioned earlier because you can’t check their source code. As a meta search engine, you are not restricted to getting results from one source. Due to the fact that it scrapes content from other websites, your SearXNG instance will periodically get blocked from different providers, so it’s good to select a range of sources as a backup. While enabling all of the services will give you great results, this can make searching slower. I am personally happy with slower searches for the best results, but you can always check which providers are slowing down your search from the search results page and disable them to speed things up. If you want decent results quickly, enable the main search providers such as Google, Brave, DuckDuckGo, Qwant, Bing, and Yahoo. This way, you get wide coverage without the latency. On the Engines tab in Preferences, do note that there are different tabs, such as General, Images, and Videos, with their own providers that can be toggled and are not covered by "Enable all" while on the General tab, so be sure to dig into each. Just a note, if you want to enable everything, press "Enable all" in one tab, then hit save at the bottom of the page, then do the next tab, and so on. If you press "Enable all", then do that in each tab, and then save, nothing will stick. When I had just some of the search engines enabled, I searched “define nefarious” and results came back with the definition of “define” - obviously that was a sucky result. However, when I had everything enabled, it found dictionary pages for the word “nefarious” and even had an inline definition on the sidebar, which is quite nice too - that was delivered by WolframAlpha for anyone wondering! Probably the worst thing about this meta search engine is that the engines you select are saved with a cookie, so you must enable them on every new device you use SearXNG on, including if you decide to go into incognito mode with your web browser. Honestly, I would say this is the most annoying aspect, and perhaps if your browser lets you choose a separate private browsing search engine, then it would be best to use DuckDuckGo for this portion of your browsing. Another weakness of SearXNG is the random blocking of it by search providers. When you are on the results page, expand the “Response time” box, and it will show things like “Suspended: too many requests” or “access denied”. This is why it is good to enable several providers so that there is always a fallback to get results from. I won’t pretend SearXNG will be for everyone, however, if you enable all of the providers and put up with the slower response time, the results can be really amazing. Even if you don’t want to use it as your daily driver, keeping a bookmark handy that links to it is a good idea if you ever feel like doing a deep dive into a niche topic where other search engines are just failing to bring up any good result, due to the amount of sources it looks on. If you’re interested in radical user control over the software you use, installing SearXNG locally can also be a good idea, but be prepared to be temporarily blocked from sites if you trigger bot sensors without a VPN. Personally, I’ve opted to use a public instance, rather than install it myself. If you want to use it via a public instance, head over to searx.space to find a provider. Let us know in the comments if you have used SearXNG or its predecessor, Searx. What do you think about the quality of the results?
    • Windows 11 is getting redesigned taskbar settings in new build

      By Captain_Eric · Posted

      Dear Neowin, If it is not too much trouble, can you start using the new-ish designations for Insider Preview? "Experimental" is different than "former Dev" as it can apply to different models, eg 26H1 or 26H2 etc, right? No need to seed confusion IMHO. And, please "finally" update your graphics. OK?

  • Recent Achievements

    • Week One Done
      flexorcist earned a badge
      Week One Done
    • One Month Later
      Woland13 earned a badge
      One Month Later
    • Week One Done
      Woland13 earned a badge
      Week One Done
    • One Year In
      bernmeister earned a badge
      One Year In
    • Week One Done
      Scoobystu earned a badge
      Week One Done

  • Popular Contributors

    1. 1
      +primortal
      503
    2. 2
      +Edouard
      226
    3. 3
      PsYcHoKiLLa
      158
    4. 4
      Steven P.
      75
    5. 5
      FloatingFatMan
      71
    Show More

  • Tell a friend

    Love Neowin? Tell a friend!