I’ve always had my issues with Bitlocker. I love the technology as it gave users the opportunity to finally encrypt their entire hard drive a la Microsoft however, the major problem stemmed from the fact that this feature is only available in the highest edition of Windows Vista and Windows 7! This pretty much left a huge portion of the casual Windows population out in the dark. You could make the argument about whether or not it’s necessary for these “casual” users to need a technology such as full disk encryption but that ultimately in my opinion should be left for the user to decide. If Microsoft talks so much about security and wanting to better protect user PCs, they should have included that feature in the Home Premium edition as well. But hey, why should they listen to me eh? Anyways, the good news is that you don’t have to convince Microsoft to give you that feature. Truecrypt, one of the world’s most popular open source encryption software allows just about anyone to fully encrypt their hard drive so that no one but the owner may access it. It’s completely free and best of all, the encryption strength is military grade so you know you’re not being ripped off here!
*Disclaimer and a Few Notes*
To reiterate, if you’re the type of person who likes to think that something bad can’t happen to you for whatever reason, I’ll have to say that encrypting your data might not be best suited for you. You have to realize that this is not a game. There is a chance that you will lose all your data. Even if you’ve followed all the steps, computers can be very funny sometimes in that it won’t behave as expected and screw something up without any reason. But enough of this, if you think that you’re up to the task, proceed with the following instructions at your own risk. Simple as that.
TrueCrypt to the RescueYou can download TrueCrypt from here.
Using TrueCrypt to encrypt your entire disk is surprisingly easy. I was so amazed with the amount of effort that went into this program. The developers definitely did a good job in making such a complex security tool user friendly. The only keyboard input required of you throughout the entire procedure is your master password. That’s it! The process is entirely wizard driven and every step is clearly defined and explained by the TrueCrypt team. Granted, we are talking about encryption here so there might still be terms you won’t be familiar with. However, the good news is that the default choices usually works best. This tutorial will include many pictures so you should be able to follow along without any problems.
Once you’ve gotten TrueCrypt installed, proceed to the System file dropdown menu at the top and select the “Encrypt System Partition/Drive” option.
Next up, you’ll select the type of encryption to apply. Unless you are James Bond or have documents on your computer that is critical to your country’s national security, it’s a safe bet to select the Normal option. The Hidden feature actually allows you to create a fake or decoy operating system alongside a truly hidden one. TrueCrypt does a good job explaining the details here. To sum it up, if you are forced to decrypt your computer by a bad guy (due to extortion or a gun to your head), you can give them your password for the decoy operating system. If everything is done correctly, they will never know that a hidden operating system partition exists. To load the “real” hidden partition, you supply the actual “secret” password which is of course different than the first one. Again, this feature is overkill for casual users but it does sound pretty awesome right?!
Under the Area to Encrypt window, it’s best to select the “Encrypt the whole drive” option. If you want to just encrypt the partition where Windows resides on, then select the other option. Although I haven’t tried it myself, I’m guessing that other partitions you make in the future (for your data and whatnot) will not be encrypted if you select that first choice.
The next window is particularly important if your computer was purchased from an OEM manufacturer (Dell, HP, Sony, etc). Some of them include a hidden partition that can only be accessed during the boot-up process and includes your system recovery data along with other pieces of information you may need to restore your computer back to its default state. You generally do not want to encrypt this data and here, TrueCrypt is smart enough to give you this option. To be on the safe side, select No here.
Next, you specify whether or not you have more than one operating system installed. Because TrueCrypt will install its own boot loader, it will takeover the one currently in use. Therefore, it’s imperative that you supply the correct answer here. By choosing “Multi-Boot”, TrueCrypt will save your existing bootloader into a safe place. When one day you want to stop using TrueCrypt, you’ll have the option to restore this bootloader so that your system will continue to function as it did prior to the encryption.