And TrueCrypt makes it not only easy, but nearly un-crackable. TrueCrypt is both open source and FREE.
There are two approaches to using TrueCrypt:
- Whole Drive Encryption - you can use TrueCrypt to encrypt your entire hard disk, including your boot partition. In order to boot the machine, you must first supply your pass phrase to enable decryption. Once booted, data is automatically and transparently encrypted and decrypted as it travels to and from the disk. Once your machine is turned off, the data is unrecoverable without knowing the pass phrase.
- Container Encryption - with this approach you create a single file on your computer's hard drive that is encrypted. You then "mount" that file using TrueCrypt, supplying the correct pass phrase to decrypt it after which the contents of that file appear as another drive on your system. Reading from and writing to that "drive" automatically and transparently decrypts and encrypts the data. Once the drive is unmounted, the data is once again unrecoverable without knowing the pass phrase.
TrueCrypt is both simple and elegant.
Most users prefer container based encryption for its portability, and for the fact that you need only mount the encrypted drive when you need access. You could keep personal information in a TrueCrypt container that could be regularly copied between machines, onto a thumbdrive, and even backed up to the Internet. When you need to access the encrypted data, simply mount it, specify your pass phrase to unlock it, and use the files that are stored within it.
TrueCrypt is not tied to any one platform, your user account or anything else; just the pass phrase. In fact, you can copy your encrypted file to another machine entirely and mount it with TrueCrypt. Even using other operating systems such as Mac or Linux.
Here are a couple of important caveats:
- Encryption does not make a bad pass phrase any more secure. If you choose an obvious pass phrase, an attack can certainly be mounted that could unlock your encrypted volume. This is why we talk about pass phrase instead of password. Use a multi-word phrase that you can remember to be the key to your encrypted data, and it'll be much, much more difficult to break.
- An encrypted volume does you no good if the files you care about are also elsewhere on your machine.
- Make sure you have secure backups, updated regularly. Preferably keep them UNencrypted, but secure in some other way, in case you lose your encrypted volume or forget your pass phrase. If you've chosen a good passphrase, without it the data is not recoverable.
TrueCrypt is FREE open-source disk encryption software for Windows 7/Vista/XP, Mac OS X, and Linux
Data encryption is an important part of an overall security strategy. TrueCrypt can be a key part of that strategy.