• 0

Password Protect External Drive/Folder


Question

Hi guys,

Does anyone know of any good programs (ideally freeware) that can password protect an external drive (3TB) or 2.5TB folder within the drive?

I have read lots of good things about truecrypt but I am worried it will be too slow; i havent read any reviews of people encrypting over 1TB of data. Has anyone here used it for 3TB worth of data? any impact on drive speeds?

I have als read good things about a paid app called Folder Lock, but again not sure on the speeds.

Thanks the help

Link to comment
Share on other sites

18 answers to this question

Recommended Posts

  • 0

TrueCrypt. I've got two external 3TB drives, one uses TrueCrypt to encrypt the whole drive, the other has a 2TB TrueCrypt container on it. I get ~95MB/s over USB 3.0 while writing to them and haven't had any other speed issues.

Link to comment
Share on other sites

  • 0

are you sure TrueCrypt cannot be broken through disk management by changing the letterpath? because that's what usually happens to easily access a password protected hard drive!

I think the key here is by only just giving it file access permissions read, write execute etc...

Link to comment
Share on other sites

  • 0

ok true crypt sounds like the best option then.

is their any other freeware option available? doesnt necessarily have to be as advanced as true crypt...

Its a large mixture of files - work files, music, videos etc. im making a backup of all my personal files basically

Link to comment
Share on other sites

  • 0

ya true only the work files need encryption. the other doent actually need encryption but would like to password protect it at least.

can truecrypt password protect files only?

Link to comment
Share on other sites

  • 0

is their any other freeware option available? doesnt necessarily have to be as advanced as true crypt...

It might seem a little overwhelming at first with all the options, but the step-by-step help they give is pretty good if you get stuck. I'd use TC over anything else that's free to protect my data... if I were so inclined. :shiftyninja:

Link to comment
Share on other sites

  • 0

I can't find a link at the moment but if you have a look around there are some really neat external HDD that I've used which have a built in keypad. You use the keypad to enable access to the drives and without the code you can't get in. There is a master code however using it wipes the drive.

Also if you remove the drive from the caddy you cannot access the data as it is encoded in hardware so you would have to attempt to decode the whole drive.

They also do not require and special software to work, which is why we looked at using them for a secure storage medium for a customer.

Google istorage disk genie

Pretty sure it was one of those

Not sure if they go up to the capacity that you want, and they are slightly expensive.

But if you are open to the option it is there :)

Link to comment
Share on other sites

  • 0

So this external disk sits where? In your house? Do you move around with your backup where you might loose it?

If you don't move about with the disk, you have physical security of the device - who in the house that also has physical access to the device are you worried about seeing the files?

I bring up these topic because in all honesty its rare that files actually warrant encryption - yeah its cool! Yeah you should secure your files, but the issue is more often than not encryption secures them from the owner of the files more times than securing them from unauthorized access ;)

If you have some sensitive work files - sure by all means put them in an encrypted volume. But do your other files warrant encryption, keep in mind that if something goes wrong, you forget your password, loose the encryption key file, etc.. You have no loss access to these files as well.

You mention they are backups - in the same house I assume, so the originals are encrypted? Kind of pointless to have files encrypted in the back, next to the originals - if the originals are not encrypted.

What encryption do you use for the originals - why not use the same for your backup?

Look around even just the threads on neowin, you get people jumping on the encryption band wagon because well it's cool ;) Next thing you know - how do I access my files, I used EFS and then reinstalled my OS - but didn't bother to read all the details and never backed up my encryption keys. Now I am F_cked!!! ;)

Here is a basic question before use of encryption -- would you rather loose the files, then someone access them?

Link to comment
Share on other sites

  • 0

So this external disk sits where? In your house? Do you move around with your backup where you might loose it?

If you don't move about with the disk, you have physical security of the device - who in the house that also has physical access to the device are you worried about seeing the files?

I bring up these topic because in all honesty its rare that files actually warrant encryption - yeah its cool! Yeah you should secure your files, but the issue is more often than not encryption secures them from the owner of the files more times than securing them from unauthorized access ;)

If you have some sensitive work files - sure by all means put them in an encrypted volume. But do your other files warrant encryption, keep in mind that if something goes wrong, you forget your password, loose the encryption key file, etc.. You have no loss access to these files as well.

You mention they are backups - in the same house I assume, so the originals are encrypted? Kind of pointless to have files encrypted in the back, next to the originals - if the originals are not encrypted.

What encryption do you use for the originals - why not use the same for your backup?

Look around even just the threads on neowin, you get people jumping on the encryption band wagon because well it's cool ;) Next thing you know - how do I access my files, I used EFS and then reinstalled my OS - but didn't bother to read all the details and never backed up my encryption keys. Now I am F_cked!!! ;)

Here is a basic question before use of encryption -- would you rather loose the files, then someone access them?

100% Correct. Encryption usually just becomes a hindrance to the encryptor for no real reason! If you're on Win 7/8 I suggest Bitlocker for portable drives, its simple and forgiving unlike other encryption sweets that will lock it away forever in the event of a software issue!

Link to comment
Share on other sites

  • 0

Teebor - thanks. that drive is pretty nice. expensive but the numberpad is pretty cool.

+BadMan -

very informative post. your are right, encrypting all the files is overboard. the only files that require encrypting are the work files.

the other personal files (pics, videos and other random data) will be remaining in the house at all times. I dont encrypt them at all currenlty i just password protect access to my pc. I intend to move the majority to the external drive.

Work Files - will encrypt them with truecrypt

Other Files - encryption not needed but would like to password protect access. Anything free you could rcmd that does this?

Paid ones that seem to do the job are - IObit and Folder Lock...

ingramator - bitlocker looks great but seems to be only for the ultimate version of windows....

thanks again

Link to comment
Share on other sites

  • 0

If somebody breaks into your home and steals your laptop or external disk, they're probably looking to sell it off to somebody. Whomever they sell it to may be involved in identity theft and know how to extract information from a disk. There's a real market for this and people with the motive and expertise to do so.

So you could painstakingly pick your system apart, putting sensitive files into an encrypted container. Then you have to deal with the inconvenience of mounting that container each time you need to access one of those files and wiping all free space each time to ensure nothing leaks out onto the hard disk unencrypted, such as through a temporary file or the paging file.

... or you could encrypt the entire disk, only typing in your password once at each boot, and be rest assured your information is secure. This is why full-disk encryption makes sense, it minimizes the chance of any information being stored unencrypted.

I prefer TrueCrypt over Bitlocker because it's multi-platform, so I can mount any volume from a Linux LiveCD to gain access to my files, should things ever go kaput.

@BudMan: The difference between myself and the average person, I know what I'm doing! As for EFS, I think the implementation is wrong for the average user. A TrueCrypt container is portable; it can be decrypted using the same password on any system. If the same was true for EFS, then it would be as simple as setting the same user password to gain access to those files. Unfortunately, a person must know how to backup and restore the user credentials, which isn't very user-friendly.

Link to comment
Share on other sites

  • 0

Your point of identity theft is a valid one for sure. But I am curious what is on that computer that could be used for that means? I only have what is on mine and ones I have access to as examples.

I don't store my SS# on my PC, nor any sort of account numbers to banks etc. If they broke into my home - they would have mail laying around with my full name in plain site, along with most bills and account statements have your account number on them. These are not encrypted and could be very easily stolen and used for that purpose. If their goal is identity theft - my hard copy tax returns are sitting there in file cabinet right next to computer. Much easier to just grab those I would think if that is the goal.

If a someone stole my PC they would have access to pictures and videos of my grand daughter, family trips and gatherings. They could view my browser history and find out I like to visit neowin and reddit, etc. All passwords to sites are encrypted via lastpass - so they wont have any of those to access any accounts or email to be used in the theft of my identity.

If that was their goal - they might be better off infecting my machine with something and leaving it there for me to use and then send them my passwords, etc.

With encryption you add risk, the stuff your encrypting should warrant the extra risk. If it does then more power to you - there are great tools out there to accomplish it. TrueCrypt being one of them, great product. You could use bitlocker as well very easy to use.

But I am not going to encrypt the TBs of home video for one - because for one the loss of said data well surpasses any loss if stolen for sure if something went wrong with encryption. Kind of pointless to encrypt the original and not the backup, so what happens if something goes wrong with my encryption - I loose the key, forget the password?

I can see your point of whole disk encryption makes it easy not to have to worry about what warrants encryption and what doesn't or what might not be encrypted that should be, etc. And yes its a valid point - Then again your going a bit over the top to be honest if your thinking not doing so you should have to secure wipe your free space just in case your machine gets stolen and some Chinese hacker gets the disk and pulls up some info they can use to steal your ident.

But I think we both agree - encryption is not something to play without fully understanding what your doing, or yes the normal user could quite easy secure themselves out of their own files ;)

I am more worried about billy encrypting his home video and pictures and then loosing them vs the "possible" breaking to his home and someone stealing his ident because there is some privacy information on the machine.

Link to comment
Share on other sites

  • 0

Your point of identity theft is a valid one for sure. But I am curious what is on that computer that could be used for that means? I only have what is on mine and ones I have access to as examples.

I'd be curious to see what information I could pull off your hard disk. Even in private browsing mode, your web browser still writes cache files to the disk (I should write an article proving this - I tested it in a virtual machine once). Even if you manage to secure all your sensitive files (there's bound to be a few things you missed), there's very likely sensitive information in the free space between files. When you move a file into an encrypted container, do you shred it afterwards?

Simply put, full disk encryption is the most fail-safe solution there is. It's practically guaranteed (I'm choosing my words carefully) that your information is secure should the physical medium ever be stolen.

I don't store my SS# on my PC, nor any sort of account numbers to banks etc. If they broke into my home - they would have mail laying around with my full name in plain site, along with most bills and account statements have your account number on them. These are not encrypted and could be very easily stolen and used for that purpose. If their goal is identity theft - my hard copy tax returns are sitting there in file cabinet right next to computer. Much easier to just grab those I would think if that is the goal.

Neither do I. Any sensitive information of that nature, I'll store encrypted. But it's simply too likely that the OS or software will leak the information; most developers don't think about these things or don't understand. Suppose you scanned some documents with sensitive information and saved them as image files to an encrypted container, then your image viewer stores thumbnails of those documents somewhere. Heck, even some PDF/document readers store thumbnails.

If a someone stole my PC they would have access to pictures and videos of my grand daughter, family trips and gatherings. They could view my browser history and find out I like to visit neowin and reddit, etc. All passwords to sites are encrypted via lastpass - so they wont have any of those to access any accounts or email to be used in the theft of my identity.

Unless you logout of all of those websites every time, valid cookies could still exist somewhere in the free space on your disk.

With encryption you add risk, the stuff your encrypting should warrant the extra risk. If it does then more power to you - there are great tools out there to accomplish it. TrueCrypt being one of them, great product. You could use bitlocker as well very easy to use.

In an encrypted volume, the most vulnerable part is the header where the keys are stored. Keep a backup of those (email them to yourself) and your files are no more at risk than without encryption.

But I am not going to encrypt the TBs of home video for one - because for one the loss of said data well surpasses any loss if stolen for sure if something went wrong with encryption. Kind of pointless to encrypt the original and not the backup, so what happens if something goes wrong with my encryption - I loose the key, forget the password?

I guess it's a matter of risk assessment here. But if somebody steals my laptop or hard disk, I don't want them gaining insight on my life. It happens that criminals will rob the same place twice, and the more they learn about you, the easier it is for them. And even if the person has no malicious intent and digs into my life for their own amusement, I still don't care for them to look through all my personal photos and videos.

I can see your point of whole disk encryption makes it easy not to have to worry about what warrants encryption and what doesn't or what might not be encrypted that should be, etc. And yes its a valid point - Then again your going a bit over the top to be honest if your thinking not doing so you should have to secure wipe your free space just in case your machine gets stolen and some Chinese hacker gets the disk and pulls up some info they can use to steal your ident.

And therein lies the problem - assuming that these abilities are out of reach of common criminals and limited to "chinese hackers." The person who breaks into your house is unlikely to know much about computers. But as I stated before, they could simply sell off the hard disk to others with the skills to do so.

But I think we both agree - encryption is not something to play without fully understanding what your doing, or yes the normal user could quite easy secure themselves out of their own files ;)

I am more worried about billy encrypting his home video and pictures and then loosing them vs the "possible" breaking to his home and someone stealing his ident because there is some privacy information on the machine.

Agreed. :D

Link to comment
Share on other sites

  • 0

"I don't want them gaining insight on my life."

So you don't have any papers laying around your house, looking at my desk right now and have my retirement and investment account statements right here on my desk. They have exactly how much money I have available to me in cash, etc. Now they don't have any account numbers on them.

But that is sure a lot of insight into my personal life. Way more than some cookies on my machine, sorry.

So here's the thing - what is the point of encrypting my hard drive that is in my secure place!! My home, when yes it happens some one breaks in - all of that other info is just laying around. So now I should burn those after I have read them, or place them in my wall safe (which could be stolen too)

Comes down to what is more risky - you loosing all your data because you messed up your encryption, or someone breaking into your house stealing your computers and then giving those to people to steal your identity or break into your bank account?? I personally am not that worried about someone breaking into my home and stealing my computer to glean this info. But what I am worried about is billy who is not bright enough to even backup the pictures of his son's first birthday encrypting said pictures because someone might break into his home and steal his cookies and forgetting his password! And then wondering why he can not just brute force that AES 256 encryption he chose to use because he wanted it secure ;)

For starters - pretty sure if my house was broken into I would be calling the banks, etc. Just because my account statements are there to lock down those accounts. And because I am not stupid, would be changing my passwords, etc. If my computers are stolen.

So question for you - every piece of data you store in your house is encrypted? So what about your tablets? You do any surfing on your tablets? Are they encrypted? Your phone? These are devices that you take out of your home, and you could just forget at bar, or in your car that gets parked in bad area, or valet leaves unlocked. Are all these devices encrypted?

Don't get me wrong, encryption can be very useful when your devices are not physically secure, taken out of secure location. Passwords, personal info sure they should not be stored in plain text files on your desktop, etc. But to be honest if you are "really" worried about someone breaking into your home, and reading your cookies to gain access into your accounts.. You might want to check the size on your tin foil hat, it might be getting a bit snug. And I am curious to what level you have taken to secure the other info just laying around your house like your gas and electric bills, your bank statements, insurance papers.. Your wallet with all your CC and IDs in them - do you lock them in the safe every night in case someone breaks in?

Link to comment
Share on other sites

  • 0

some useful posts guys thanks.

im still looking for a basic password folder lock for the folders on the external drive that dont require encryption (about 1TB+ in size).

So far the best freeware software ive seen is:

Wise Folder Hider - www.wisecleaner.com/wisefolderhider.html

Has anyone here used it? and any other freeware apps out their you guys can recommend?

thanks again

Link to comment
Share on other sites

This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.