Beginner's Guide To Encryption: What It Is And How To Set It Up

[Turk]

Author: Whitson Gordon Posted Today 7:00 AM

Keep on hearing about encryption but still not sure what it involves? Heres a basic introductionto encryption, when you should use it, and how to set it up.

What Is Encryption?

Encryption is a method of protecting data from people you dont want to see it. For example, when you use your credit card on Amazon, your computer encrypts that information so that others cant steal your personal data as it is being transferred. Similarly, if you have a file on your computer you want to keep secret only for yourself, you can encrypt it so that no one can open that file without the password. Its useful for everything from sending sensitive information to securing your email, keeping your cloud storage safe, and even hiding your entire operating system.

Encryption, at its core, is similar to those decoder rings you played with when you were younger. You have a message, you encode it using a secret cipher, and only other people with the cipher can read it. Anyone else just sees gibberish. Obviously, this is an incredibly simplified explanation. The encryption in your computer is far more complex and there are different types of encryption that use multiple decoder rings but thats the basic idea.

There are also different levels of security when it comes to encryption. Some types, for example, are more secure but take longer to decode. Few, if any, encryption methods are 100 per cent foolproof. If you want a more detailed explainer on how encryption works, check out this article from the How-To Geek and this article from HowStuffWorks. They explain a few different kinds of encryption and how they keep you safe online.

Should I Encrypt My Files?

The short answer: yes. Things can be stolen even if you dont share your computer. All someone needs is a few minutes in front of the keyboard to retrieve anything they want. A login password wont protect you, either breaking into a password-protected computer is insanely easy.

So should you encrypt your sensitive files? Yes. But theres a bit more to it than that. You have two big choices when it comes to encryption: do you just encrypt the important files , or do you encrypt your entire drive? Each has pros and cons:

◾ Encrypting a select group of files such as the ones that contain personal information keeps them safe without any extra complications. However, if someone had access to your computer, they could still break into it and view any non-encrypted files, access your browser, install malware, and so on.

◾ Encrypting your entire drive makes it difficult for anyone to access any of your data or even boot up your computer without your password. However, if you experience any corruption on your drive, its much less likely that youll be able to retrieve that data.

We generally recommend against average users encrypting their entire drive. Unless you have sensitive files all over your computer, or have other reasons for encrypting the entire thing, its easier to encrypt the sensitive files and call it a day. Full disk encryption is more secure, but can also much more problematic if you dont put in the work to keep everything backed up safely (and then encrypt those backups as well).

That said, well show you how to do both in this guide. Well talk a bit more about each situation in their individual sections below.

How To Encrypt Individual Files Or Folders With TrueCrypt

If you need to keep just a few files safe from prying eyes, you can encrypt them with the free, open-source, cross-platform TrueCrypt. These steps should work on Windows, Mac and Linux. Note that if youre encrypting files to send them over the internet, you can also use this previously mentioned 7-Zip method.

Creating a TrueCrypt volume for your files is very easy just follow TrueCrypts step-by-step wizard. Heres an overview of what it entails:

1. Start TrueCrypt and click the Create Volume button.

2. On the first screen of the wizard, select Create an encrypted file container.

3. On the next screen, choose Standard TrueCrypt Volume. If you want to create a hidden volume (to further obscure your data), read more about how it works here. We wont cover it in this tutorial.

4. On the Volume Location screen, click the Select File button and navigate to the folder in which you want to store your encrypted files. Do not select an existing file as this will delete it instead, navigate to the folder, type the desired name of your encrypted volume in the File Name box, and click Save. Well add files to this TrueCrypt volume later.

5. Choose your encryption algorithm on the next screen. AES should be fine for most users

6. Choose the size of your volume. Make sure it has enough space to fit all your files, and any files you may want to add to it later.

7. Choose a password to protect your files. Remember, the stronger your password, the safer your files will be. Make sure you remember your password, because if you lose it, your data will be inaccessible.

8. On the next screen, follow the instructions and move your mouse around randomly for a bit. This will ensure TrueCrypt generates a strong, random key. Then click Next to continue with the wizard.

9. Choose a filesystem for your encrypted volume. If youre storing files over 4GB inside, youll need to choose NTFS. Click Format to create the volume.

To mount your volume, open up TrueCrypt and click the Select File button. Navigate to the file you just created. Then, select an open drive letter from the list and click the Mount button. Type in your password when prompted, and when youre done, your encrypted volume should show up in Windows Explorer, as if it were a separate drive. You can drag files to it, move them around, or delete them just like you would any other folder. When youre done working with it, just head back into TrueCrypt, select it from the list, and click Dismount. Your files should stay safely hidden away.

How To Encrypt Your Entire Hard Drive On Windows With TrueCrypt

The process of encrypting your entire hard drive isnt that different from encrypting individual files and folders (though TrueCrypt can only do this in Windows). Once again, the process is quite simple thanks to TrueCrypts step-by-step wizard. Heres what you need to do:

1. Start TrueCrypt and click the Create Volume button.

2. On the first screen of the wizard, select Encrypt the System Partition or Entire System Drive.

3. On the next screen, choose Normal. If you want to create a hidden operating system (to further obscure your data), read more about how it works here. We wont cover it in this tutorial.

4. Next, choose Encrypt the Whole Drive. This should work for most people, though if you have other partitions on your drive that you dont want encrypted, you may want to choose the first option instead.

5. When asked to encrypt the Host Protected Area, we recommend choosing No, unless you have a specific reason to do this.

6. If you only have one operating system installed on your computer, choose Single-Boot at this next prompt. If you arent sure, youre probably using a single-boot setup. If youre dual booting (say, with Linux or another version of Windows), choose Multi-Boot.

7. Choose your encryption algorithm on the next screen. AES should be fine for most users.

8. Choose a password to protect your files. Remember, the stronger your password, the safer your files will be. Make sure you remember your password, because if you lose it, your computer will be unbootable and your data will be lost.

9. On the next screen, follow the instructions and move your mouse around randomly for a bit. This will ensure TrueCrypt generates a strong, random key. Then click Next to continue with the wizard.

10. Next, select a location for a TrueCrypt Rescue Disk, which will help you save your data if the bootloader, master key, or other important data gets corrupted. Give it a file name and save it.

11. Once youve saved the file (in ISO format), youll have the option to burn it to a CD or DVD. Do this now (using either Windows built-in tools or a program like ImgBurn) before you continue. Click Next when youve finished burning the disc (and keep the disc in a safe place!).

12. Choose a Wipe Mode for your data. None is the fastest, but if you want to ensure that your data is as secure as possible, choose one of the other options (3- or 7-pass is probably fine).

13. Run the System Encryption Pretest on the next screen. Youll need to restart your computer and enter your new TrueCrypt password when prompted.

14. If the test runs successfully, youll see the option to begin encrypting your drive. Let it run it will probably take a while (especially if you have a large drive).

Thats it. From now on, when you start up your computer, youll need to enter your TrueCrypt password before you boot into Windows. Make sure you dont forget your password or lose that recovery disc if you do and something goes wrong, you wont be able to boot into your computer and youll lose all your data.

How To Encrypt Your Entire Hard Drive On OS X With FileVault

OS X has a built-in encryption tool called FileVault, and its incredibly easy to set up. All you need to do is:

1. Head to System Preferences > Security & Privacy > FileVault.

2. Click the lock in the bottom left-hand corner of the window to make changes. Type in your password when prompted.

3. Click the Turn on FileVault button. Copy down your recovery key and store it in a safe place (preferably not on your computer somewhere physically secure like a safe). We dont recommend storing it with Apple.

4. Restart your computer when prompted.

When you boot back up, OS X will begin encrypting your disk, and your computer will probably run a little slowly while it goes. It could take an hour or more, depending on how big your hard drive is.

Alternative Tools

TrueCrypt has long been one of the most popular encryption tools out there, and its one of the easiest to set up. It isnt the only option, however. As we mentioned earlier, 7-Zip is also a great way to encrypt your files, as is BitLocker, which comes with the Pro version of Windows 8 (or the Enterprise and Ultimate versions of Windows 7). Check out our Hive Five on encryption tools for a comparison of some of the more popular alternatives if you want to try them out.

Final Words

As we mentioned at the beginning, encryption is not 100 per cent foolproof, but its better than leaving your files out in the open. Remember what encryption cant do it cant secure your drive if its infected with malware, if you leave it turned on in public spaces, or if youre using a weak password. Even if you put your computer to sleep, its possible an experienced hacker could recover sensitive data from your computers RAM. Dont let encryption lure you into a false sense of security: its just one layer of the security process.

Lastly, remember that this is just a beginners guide to what encryption is and how it works. Theres a lot more beyond basic encryption of files and folders, like transferring encrypted data to your friends, securing your email with PGP, encrypting your Dropbox, or creating a decoy operating system to further obscure your information. Now that you know the very basics, dont be afraid to branch out and learn more about encryption and what you can do to secure your data. Good luck!

Author: Whitson Gordon Posted Today 7:00 AM

Source

[Blackchildcx]

very nice post ;)

Edited January 28, 2014 by Blackchildcx

[Turk]

very nice post ;)

Thanks, here things about JavaScript, too, not sure if really good enough

http://www.nsaneforums.com/topic/203591-learn-web-design-50-of-the-best-online-educational-resources-to-learn-to-build-web-sites/

[Blackchildcx]

Thank you Turk,

link is cool and highly appreciated ..

thanx

Edited January 29, 2014 by Blackchildcx

[anyname]

Why website: http://truecrypt.sourceforge.net/

WARNING: Using TrueCrypt is not secure.

Thanks !

[cybersky]

VeraCrypt is the new Truecrypt. But i dont know if this is more secure than TC.

https://veracrypt.codeplex.com/

Looks like TC but encryption is not compatible with TC.

Edited June 23, 2014 by cybersky