How to encrypt a file on a flash drive. How to put a password on a flash drive

These days we constantly deal with information. Thanks to development information technologies, now work, creativity, entertainment have largely become processes for processing or consuming information. And among this huge amount of information, some of the data should not be publicly available. Examples of such information include files and data associated with business activities; private archives.

Some of this data is not intended for the general public simply because “they don’t need to know about it”; and some information is vital.

This article is dedicated to reliable protection of vital important information, as well as any files that you want to protect from access by others, even if your computer or storage media (flash drive, HDD) fell into the hands of unauthorized persons, including those who are technically advanced and have access to powerful computing resources.

Why you shouldn't trust closed-source encryption software

In programs with closed source code“bookmarks” can be introduced (and don’t hope that they are not there!) and the ability to open encrypted files using a master key. Those. you can use any complex password, but your encrypted file can still be opened easily, without brute-forcing passwords, using a “bookmark” or the owner of the master key. The size of the encryption software company and the name of the country do not matter in this matter, since this is part of the government policy of many countries. After all, we are surrounded by terrorists and drug dealers all the time (what can we do?).

Those. You can hope for truly reliable encryption by correctly using the popular software with open source code and a crack-resistant encryption algorithm.

Is it worth switching from TrueCrypt to VeraCrypt?

The reference program that has been providing very secure file encryption for many years is TrueCrypt. This program still works great. Unfortunately, development of the program has currently been discontinued.

Its best successor was the VeraCrypt program.

VeraCrypt is a free disk encryption software based on TrueCrypt 7.1a.

VeraCrypt continues the best traditions of TrueCrypt, but also adds increased security algorithms used to encrypt systems and partitions, making your encrypted files immune to new advances in brute force attacks.

VeraCrypt has also fixed many of the vulnerabilities and security issues found in TrueCrypt. It can work with TrueCrypt volumes and offers the ability to convert TrueCrypt containers and non-system partitions to the VeraCrypt format.

This improved security only adds some latency to opening encrypted partitions, without any performance impact during the encrypted drive phase. For a legitimate user this is an almost imperceptible inconvenience, but for an attacker it becomes almost impossible to gain access to encrypted data, despite the presence of any computing power.

This can be clearly demonstrated by the following benchmarks for cracking (brute force) passwords in Hashcat:

For TrueCrypt:

Hashtype: TrueCrypt PBKDF2-HMAC-RipeMD160 + XTS 512 bit Speed.Dev.#1.: 21957 H/s (96.78ms) Speed.Dev.#2.: 1175 H/s (99.79ms) Speed.Dev.#* .: 23131 H/s Hashtype: TrueCrypt PBKDF2-HMAC-SHA512 + XTS 512 bit Speed.Dev.#1.: 9222 H/s (74.13ms) Speed.Dev.#2.: 4556 H/s (95.92ms) Speed.Dev.#*.: 13778 H/s Hashtype: TrueCrypt PBKDF2-HMAC-Whirlpool + XTS 512 bit Speed.Dev.#1.: 2429 H/s (95.69ms) Speed.Dev.#2.: 891 H /s (98.61ms) Speed.Dev.#*.: 3321 H/s Hashtype: TrueCrypt PBKDF2-HMAC-RipeMD160 + XTS 512 bit + boot-mode Speed.Dev.#1.: 43273 H/s (95.60ms) Speed.Dev.#2.: 2330 H/s (95.97ms) Speed.Dev.#*.: 45603 H/s

For VeraCrypt:

Hashtype: VeraCrypt PBKDF2-HMAC-RipeMD160 + XTS 512 bit Speed.Dev.#1.: 68 H/s (97.63ms) Speed.Dev.#2.: 3 H/s (100.62ms) Speed.Dev.#* .: 71 H/s Hashtype: VeraCrypt PBKDF2-HMAC-SHA512 + XTS 512 bit Speed.Dev.#1.: 26 H/s (87.81ms) Speed.Dev.#2.: 9 H/s (98.83ms) Speed.Dev.#*.: 35 H/s Hashtype: VeraCrypt PBKDF2-HMAC-Whirlpool + XTS 512 bit Speed.Dev.#1.: 3 H/s (57.73ms) Speed.Dev.#2.: 2 H /s (94.90ms) Speed.Dev.#*.: 5 H/s Hashtype: VeraCrypt PBKDF2-HMAC-RipeMD160 + XTS 512 bit + boot-mode Speed.Dev.#1.: 154 H/s (93.62ms) Speed.Dev.#2.: 7 H/s (96.56ms) Speed.Dev.#*.: 161 H/s Hashtype: VeraCrypt PBKDF2-HMAC-SHA256 + XTS 512 bit Speed.Dev.#1.: 118 H /s (94.25ms) Speed.Dev.#2.: 5 H/s (95.50ms) Speed.Dev.#*.: 123 H/s Hashtype: VeraCrypt PBKDF2-HMAC-SHA256 + XTS 512 bit + boot-mode Speed.Dev.#1.: 306 H/s (94.26ms) Speed.Dev.#2.: 13 H/s (96.99ms) Speed.Dev.#*.: 319 H/s

As you can see, cracking encrypted VeraCrypt containers is several orders of magnitude more difficult than TrueCrypt containers (which are also not at all easy).

I published the full benchmark and description of the hardware in the article “”.

Second important question- reliability. Nobody wants especially valuable and important files and the information was lost due to a program error. I knew about VeraCrypt as soon as it appeared. I followed her development and constantly looked closely at her. For last year I completely switched from TrueCrypt to VeraCrypt. In a year daily work VeraCrypt has never let me down.

Thus, in my opinion, it is now worth switching from TrueCrypt to VeraCrypt.

How VeraCrypt works

VeraCrypt creates special file, which is called a container. This container is encrypted and can only be connected if the correct password is entered. After entering the password, the container is displayed as additional disk(like an inserted flash drive). Any files placed on this disk (i.e., in the container) are encrypted. As long as the container is connected, you can freely copy, delete, write new files, and open them. Once a container is disconnected, all files on it become completely inaccessible until it is connected again, i.e. until the password is entered.

Working with files in an encrypted container is no different from working with files on any other drive.

When opening a file or writing it to a container, there is no need to wait for decryption - everything happens very quickly, as if you were really working with regular disk.

How to install VeraCrypt on Windows

There was a half-spy story with TrueCrypt - sites were created to “download TrueCrypt”, on them the binary file (well, of course!) was infected with a virus/Trojan. Those who downloaded TrueCrypt from these unofficial sites infected their computers, allowing attackers to steal personal information and facilitate the spread of malware.

In fact, all programs should be downloaded only from official websites. And this is even more true for programs that address security issues.

Official placements installation files VeraCrypt are:

Installing VeraCrypt on Windows

There is an installation wizard, so the installation process for VeraCrypt is similar to that of other programs. Is it possible to clarify a few points?

The VeraCrypt installer will offer two options:

• Install(Install VeraCrypt on your system)
• Extract(Extract. If you select this option, all files in this package will be extracted, but nothing will be installed on your system. Do not select this if you intend to encrypt system partition or system disk. Selecting this option can be useful, for example, if you want to run VeraCrypt in so-called portable mode. VeraCrypt does not require installation on the operating system on which it will run. After extracting all the files, you can run the extracted file "VeraCrypt.exe" directly (VeraCrypt will open in portable mode))

If you select the checked option, i.e. file association .hc, then this will add convenience. Because if you create a container with the .hc extension, then double click By this file VeraCrypt will start. But the downside is that third parties may know that .hc are encrypted VeraCrypt containers.

The program reminds you to donate:

If you are not short of money, of course, be sure to help the author of this program (he is alone) I would not want to lose him, like we lost the author of TrueCrypt...

VeraCrypt Instructions for Beginners

VeraCrypt has many different features and advanced features. But the most popular feature is file encryption. The following shows step by step how to encrypt one or more files.

Let's start by switching to Russian. Russian language is already built into VeraCrypt. You just need to turn it on. To do this in the menu Settings select Language…:

There, select Russian, after which the program language will immediately change.

As already mentioned, files are stored in encrypted containers (also called “volumes”). Those. you need to start by creating such a container; to do this, in the main interface of the program, click on the button “ Create Volume».

The VeraCrypt Volume Creation Wizard appears:

We are interested in the first option (“ Create an encrypted file container"), so we, without changing anything, press Further,

VeraCrypt has very interesting feature- ability to create a hidden volume. The point is that not one, but two containers are created in the file. Everyone knows that there is an encrypted partition, including possible ill-wishers. And if you are forced to give out your password, then it is difficult to say that “there is no encrypted disk.” When creating a hidden partition, two encrypted containers are created, which are located in one file, but can be opened different passwords. Those. you can place files that look “sensitive” in one of the containers. And in the second container there are really important files. For your needs, you enter a password to open an important section. If you cannot refuse, you reveal the password for a not very important disk. There is no way to prove that there is a second disk.

For many cases (hiding is not very critical files from prying eyes) it will be enough to create a regular volume, so I just click Further.

Select file location:

The VeraCrypt volume can be located in a file (in a VeraCrypt container) on the hard drive, USB flash drive and so on. The VeraCrypt container is no different from any other regular file(for example, it can be moved or deleted like other files). Click the "File" button to specify the name and path to the container file to be created to store the new volume.

NOTE: If you select an existing file, VeraCrypt will NOT encrypt it; this file will be deleted and replaced with the newly created VeraCrypt container. You can encrypt existing files (later) by moving them to the VeraCrypt container you are creating now.

You can choose any file extension; this does not affect the operation of the encrypted volume in any way. If you select the extension .hc, and also if you associated VeraCrypt with this extension during installation, then double-clicking on this file will launch VeraCrypt.

History recently open files allows you to quickly access these files. However, entries in your history like “H:\My offshore accounts of stolen dollars worth of dollars.doc” may raise doubts in the minds of outsiders about your integrity. To prevent files opened from an encrypted disk from going into history, check the box next to “ Don't save history».

Selecting encryption and hashing algorithms. If you are not sure what to choose, then leave the default values:

Enter the volume size and select units of measurement (kilobytes, megabytes, gigabytes, terabytes):

Very important stage, setting a password for your encrypted disk:

Good password- it is very important. Avoid passwords with one or more words found in the dictionary (or combinations of 2, 3 or 4 such words). The password must not contain names or dates of birth. It should be difficult to guess. A good password is a random combination of uppercase and lowercase letters, numbers and special characters (@ ^ = $ * +, etc.).

Now you can again use Russian letters as passwords.

We help the program collect random data:

Note that here you can check the box to create a dynamic disk. Those. it will expand as it is filled with information.

As a result, I have created a test.hc file on my desktop:

If you created a file with the extension .hc, then you can double-click on it, the main program window will open, and the path to the container will already be inserted:

In any case, you can open VeraCrypt and select the path to the file manually (To do this, click the "File" button).

If the password is entered correctly, a new disk will appear in your system:

You can copy/move any files to it. You can also create folders there, copy files from there, delete them, etc.

To close the container from outsiders, press the button Unmount:

To regain access to your secret files, remount the encrypted disk.

Setting up VeraCrypt

VeraCrypt has quite a few settings that you can change for your convenience. I highly recommend checking the " Automatically unmount volumes when inactive for a period»:

And also install hotkey For " Immediately unmount everything, clear the cache and exit»:

This can be very... VERY useful...

Portable version of VeraCrypt on Windows

As of version 1.22 (which is in beta at the time of writing), a portable option was added for Windows. If you read the installation section, you should remember that the program is already portable and allows you to simply extract your files. However, the standalone portable package has its own peculiarities: you need administrator rights to run the installer (even if you just want to unpack the archive), and the portable version can be unpacked without administrator rights - that's the only difference.

Official beta versions are only available. In the VeraCrypt Nightly Builds folder, the portable version file is VeraCrypt Portable 1.22-BETA4.exe.

The container file can be placed on a flash drive. You can copy it to the same flash drive portable version VeraCrypt - this will allow you to open an encrypted partition on any computer, including those without VeraCrypt installed. But be aware of the dangers of keystroke hijacking - an on-screen keyboard could probably help in this situation.

How to Use Encryption Software Properly

Some tips to help you keep your secrets better:

1. Try to prevent unauthorized persons from accessing your computer, including not checking laptops in luggage at airports; If possible, send computers for repairs without a system hard drive etc.
2. Use a complex password. Don't use the same password you use for mail etc.
3. Don't forget your password! Otherwise, the data will be impossible to recover.
4. Download all programs only from official sites.
5. Use free programs or purchased (do not use hacked software). And also do not download or run dubious files, since all similar programs, among other malicious elements, may have kilologgers (keystroke interceptors), which will allow an attacker to find out the password for your encrypted container.
6. Sometimes, as a means of preventing keystrokes from being intercepted, it is recommended to use on-screen keyboard- I think this makes sense.

This article is devoted to the reliable protection of vital information, as well as any files that you want to protect from access by others, even if your computer or storage media (flash drive, hard drive) falls into the hands of unauthorized persons, including those who are technically advanced and have access to powerful computing resources.

Why you shouldn't trust closed-source encryption software

Closed-source programs can include “bookmarks” (and don’t hope they aren’t there!) and the ability to open encrypted files using a master key. Those. you can use any, even the most complex password, but your encrypted file can still be opened with ease, without brute-forcing passwords, using a “bookmark” or the owner of the master key. The size of the encryption software company and the name of the country do not matter in this matter, since this is part of the government policy of many countries. After all, we are surrounded by terrorists and drug dealers all the time (what can we do?).

Those. Truly strong encryption can be achieved by properly using popular open source software and a crack-proof encryption algorithm.

Is it worth switching from TrueCrypt to VeraCrypt?

The reference program that has been providing very secure file encryption for many years is TrueCrypt. This program still works great. Unfortunately, development of the program has currently been discontinued.

Its best successor was the VeraCrypt program.

VeraCrypt is free disk encryption software based on TrueCrypt 7.1a.

VeraCrypt continues the best traditions of TrueCrypt, but adds enhanced security to the algorithms used to encrypt systems and partitions, making your encrypted files immune to new advances in brute-force attacks.

VeraCrypt has also fixed many of the vulnerabilities and security issues found in TrueCrypt. It can work with TrueCrypt volumes and offers the ability to convert TrueCrypt containers and non-system partitions to the VeraCrypt format.

This improved security only adds some latency to opening encrypted partitions, without any performance impact during the encrypted drive phase. For a legitimate user this is an almost imperceptible inconvenience, but for an attacker it becomes almost impossible to gain access to encrypted data, despite the presence of any computing power.

This can be clearly demonstrated by the following benchmarks for cracking (brute force) passwords in:

For TrueCrypt:

Hashtype: TrueCrypt PBKDF2-HMAC-RipeMD160 + XTS 512 bit Speed.Dev.#1.: 21957 H/s (96.78ms) Speed.Dev.#2.: 1175 H/s (99.79ms) Speed.Dev.#*.: 23131 H/s Hashtype: TrueCrypt PBKDF2-HMAC-SHA512 + XTS 512 bit Speed.Dev.#1.: 9222 H/s (74.13ms) Speed.Dev.#2.: 4556 H/s (95.92ms) Speed.Dev.#*.: 13778 H/s Hashtype: TrueCrypt PBKDF2-HMAC-Whirlpool + XTS 512 bit Speed.Dev.#1.: 2429 H/s (95.69ms) Speed.Dev.#2.: 891 H/s (98.61ms) Speed.Dev.#*.: 3321 H/s Hashtype: TrueCrypt PBKDF2-HMAC-RipeMD160 + XTS 512 bit + boot-mode Speed.Dev.#1.: 43273 H/s (95.60ms) Speed.Dev.#2.: 2330 H/s (95.97ms) Speed.Dev.#*.: 45603 H/s

For VeraCrypt:

Hashtype: VeraCrypt PBKDF2-HMAC-RipeMD160 + XTS 512 bit Speed.Dev.#1.: 68 H/s (97.63ms) Speed.Dev.#2.: 3 H/s (100.62ms) Speed.Dev.#*.: 71 H/s Hashtype: VeraCrypt PBKDF2-HMAC-SHA512 + XTS 512 bit Speed.Dev.#1.: 26 H/s (87.81ms) Speed.Dev.#2.: 9 H/s (98.83ms) Speed.Dev.#*.: 35 H/s Hashtype: VeraCrypt PBKDF2-HMAC-Whirlpool + XTS 512 bit Speed.Dev.#1.: 3 H/s (57.73ms) Speed.Dev.#2.: 2 H/s (94.90ms) Speed.Dev.#*.: 5 H/s Hashtype: VeraCrypt PBKDF2-HMAC-RipeMD160 + XTS 512 bit + boot-mode Speed.Dev.#1.: 154 H/s (93.62ms) Speed.Dev.#2.: 7 H/s (96.56ms) Speed.Dev.#*.: 161 H/s Hashtype: VeraCrypt PBKDF2-HMAC-SHA256 + XTS 512 bit Speed.Dev.#1.: 118 H/s (94.25ms) Speed.Dev.#2.: 5 H/s (95.50ms) Speed.Dev.#*.: 123 H/s Hashtype: VeraCrypt PBKDF2-HMAC-SHA256 + XTS 512 bit + boot-mode Speed.Dev.#1.: 306 H/s (94.26ms) Speed.Dev.#2.: 13 H/s (96.99ms) Speed.Dev.#*.: 319 H/s

As you can see, cracking encrypted VeraCrypt containers is several orders of magnitude more difficult than TrueCrypt containers (which are also not at all easy).

The second important issue is reliability. No one wants to lose valuable and important files and information due to a software error. I knew about VeraCrypt as soon as it appeared. I followed her development and constantly looked closely at her. Over the past year I have completely switched from TrueCrypt to VeraCrypt. Over the course of a year of daily use, VeraCrypt has never let me down.

Thus, in my opinion, it is now worth switching from TrueCrypt to VeraCrypt.

How VeraCrypt works

VeraCrypt creates a special file called a container. This container is encrypted and can only be connected if the correct password is entered. After entering the password, the container is displayed as an additional disk (like an inserted flash drive). Any files placed on this disk (i.e., in the container) are encrypted. As long as the container is connected, you can freely copy, delete, write new files, and open them. Once a container is disconnected, all files on it become completely inaccessible until it is connected again, i.e. until the password is entered.

Working with files in an encrypted container is no different from working with files on any other drive.

When opening a file or writing it to a container, there is no need to wait for decryption - everything happens very quickly, as if you were really working with a regular disk.

How to install VeraCrypt on Windows

There was a half-spy story with TrueCrypt - sites were created to “download TrueCrypt”, on them the binary file (well, of course!) was infected with a virus/Trojan. Those who downloaded TrueCrypt from these unofficial sites infected their computers, allowing attackers to steal personal information and help spread malware.

The official locations for VeraCrypt installation files are:

Installing VeraCrypt on Windows

There is an installation wizard, so the installation process for VeraCrypt is similar to that of other programs. Is it possible to clarify a few points?

The VeraCrypt installer will offer two options:

• Install(Install VeraCrypt on your system)
• Extract(Extract. If you select this option, all files in this package will be extracted, but nothing will be installed on your system. Do not select this if you intend to encrypt the system partition or system drive. Selecting this option may be useful, for example, if you want to run VeraCrypt in what is called portable mode. VeraCrypt does not require installation on the operating system it will run in. Once all the files have been extracted, you can run the extracted file 'VeraCrypt.exe' directly (VeraCrypt will open in portable mode))

If you select the checked option, i.e. file association .hc, then this will add convenience. Because if you create a container with the .hc extension, then double-clicking on this file will launch VeraCrypt. But the downside is that third parties may know that .hc are encrypted VeraCrypt containers.

The program reminds you to donate:

VeraCrypt Instructions for Beginners

VeraCrypt has many different features and advanced features. But the most popular feature is file encryption. The following shows step by step how to encrypt one or more files.

Let's start by switching to Russian. Russian language is already built into VeraCrypt. You just need to turn it on. To do this in the menu Settings select Language…:

There, select Russian, after which the program language will immediately change.

As already mentioned, files are stored in encrypted containers (also called “volumes”). Those. you need to start by creating such a container; to do this, in the main interface of the program, click on the button “ Create Volume».

The VeraCrypt Volume Creation Wizard appears:

We are interested in the first option (“ Create an encrypted file container"), so we, without changing anything, press Further,

VeraCrypt has a very interesting feature - the ability to create a hidden volume. The point is that not one, but two containers are created in the file. Everyone knows that there is an encrypted partition, including possible ill-wishers. And if you are forced to give out your password, then it is difficult to say that “there is no encrypted disk.” When creating a hidden partition, two encrypted containers are created, which are located in the same file, but are opened with different passwords. Those. you can place files that look “sensitive” in one of the containers. And in the second container there are really important files. For your needs, you enter a password to open an important section. If you cannot refuse, you reveal the password for a not very important disk. There is no way to prove that there is a second disk.

For many cases (hiding not very critical files from prying eyes) it will be enough to create a regular volume, so I just click Further.

Select file location:

The VeraCrypt volume can be located in a file (VeraCrypt container) on a hard drive, USB flash drive, etc. A VeraCrypt container is no different from any other regular file (for example, it can be moved or deleted like other files). Click the ‘File’ button to specify the name and path to the container file to be created to store the new volume.

NOTE: If you select an existing file, VeraCrypt will NOT encrypt it; this file will be deleted and replaced with the newly created VeraCrypt container. You can encrypt existing files (later) by moving them to the VeraCrypt container you are creating now.

You can choose any file extension; this does not affect the operation of the encrypted volume in any way. If you select the extension .hc, and also if you associated VeraCrypt with this extension during installation, then double-clicking on this file will launch VeraCrypt.

The history of recently opened files allows you to quickly access these files. However, entries in your history like “H:\My offshore accounts of stolen dollars worth of dollars.doc” may raise doubts in the minds of outsiders about your integrity. To prevent files opened from an encrypted disk from going into history, check the box next to “ Don't save history».
Selecting encryption and hashing algorithms. If you are not sure what to choose, then leave the default values:

Enter the volume size and select units of measurement (kilobytes, megabytes, gigabytes, terabytes):

A very important step is setting a password for your encrypted disk:

A good password is very important. Avoid passwords with one or more words found in the dictionary (or combinations of 2, 3 or 4 such words). The password must not contain names or dates of birth. It should be difficult to guess. A good password is a random combination of upper and lower case letters, numbers and special characters (@ ^ = $ * + etc.).

Now you can again use Russian letters as passwords.

We help the program collect random data:

Note that here you can check the box to create a dynamic disk. Those. it will expand as it is filled with information.

As a result, I have created a test.hc file on my desktop:

If you created a file with the extension .hc, then you can double-click on it, the main program window will open, and the path to the container will already be inserted:

In any case, you can open VeraCrypt and select the path to the file manually (To do this, click the "File" button).

If the password is entered correctly, a new disk will appear in your system:

You can copy/move any files to it. You can also create folders there, copy files from there, delete them, etc.

To close the container from outsiders, press the button Unmount:

To regain access to your secret files, remount the encrypted drive.

Setting up VeraCrypt

VeraCrypt has quite a few settings that you can change for your convenience. I highly recommend checking the " Automatically unmount volumes when inactive for a period»:

And also set a hotkey for " Immediately unmount everything, clear the cache and exit»:

Portable version of VeraCrypt on Windows

As of version 1.22 (which is in beta at the time of writing), a portable option was added for Windows. If you read the installation section, you should remember that the program is already portable and allows you to simply extract your files. However, the separate portable package has its own peculiarities: you need administrator rights to run the installer (even if you just want to unpack the archive), and the portable version can be unpacked without administrator rights - the only difference is that.

Official beta versions are only available. In the VeraCrypt Nightly Builds folder, the portable version file is VeraCrypt Portable 1.22-BETA4.exe.

The container file can be placed on a flash drive. You can copy a portable version of VeraCrypt onto the same flash drive - this will allow you to open the encrypted partition on any computer, including those without VeraCrypt installed. But be aware of the dangers of keystroke hijacking—an on-screen keyboard can probably help in this situation.

How to Use Encryption Software Properly

Some tips to help you keep your secrets better:

1. Try to prevent unauthorized persons from accessing your computer, including not checking laptops in luggage at airports; if possible, send computers for repair without a system hard drive, etc.
2. Use a complex password. Don't use the same password you use for mail etc.
3. Don't forget your password! Otherwise, the data will be impossible to recover.
4. Download all programs only from official sites.
5. Use free or purchased programs (do not use hacked software). And also do not download or run dubious files, since all such programs, among other malicious elements, may have kilologgers (keystroke interceptors), which will allow an attacker to find out the password from your encrypted container.
6. Sometimes it is recommended to use an on-screen keyboard as a means of preventing keystrokes from being intercepted - I think this makes sense.

) I touched on the topic of protecting personal information, but this method is not reliable, since you can remove the password from the folder.

One of the options for such protection is the encryption function built into Windows (7 or 8) called BitLocker. With its help you can put a password on a flash drive, external drive or any disk partition, and thus protect personal information from access by unauthorized persons.

But there is one drawback - this function is not available for all versions of Windows. For Windows 7 version only Ultimate, for Windows 8 - in version Pro.

Alternative option protections are free/paid programs that create virtual encrypted disk- this is a special container file, when connected, it appears in the system separate disk, which you can work with like a regular disk. I use containers like this in Kaspersky antivirus Crystal. There are also free programs, such as TrueCrypt.

But the situation with TrueCrypt is now unclear (there was information that vulnerabilities were discovered and the project was closed), so we will not consider it for now, but will use the built-in Windows function encryption, provided that your OS version has this function.

Let's look at an example of encrypting a flash drive:

Flash drive encryption.

To encrypt a flash drive, you need to go to Explorer, click right click mouse on the flash drive and select "Enable BitLocker":

“Disk Initialization” will start, after which you will need to select “Method for unlocking the disk.”

Choose the first method- “Use a password to unlock the disk”, enter the password and click “Next”:

If you forget your password, then using this key you can restore access to the flash drive, so be sure to save it on your hard drive, in some folder of your own that usually no one uses except you.

When saving a file, you can specify, for example, the size of the flash drive, so that it is clear for which flash drive this key is for:

After saving the recovery key, it becomes active button "Further":

Click it to start the encryption process, then click "Start encryption":

The encryption itself takes a long time (30 minutes), so wait for the message about its completion:

After clicking the "Close" button, the encrypted disk will look like this in Explorer:

After encryption, access to the flash drive will be open, so you can work with files. Now let's remove the flash drive and plug it back in. A password entry window will appear:

On home computer you can check the box next to the option "In the future, automatically unlock this computer". In this case, you will not be required to enter a password on this computer, but on all other computers you will need to enter a password when connecting.

Encrypting a disk partition.

To encrypt a disk partition, the procedure is the same - you need to right-click on the disk and select "Enable BitLocker", then enter the password, save the recovery key and perform encryption.

But keep in mind that encryption will take a long time, especially if the disk space is large. Therefore, I recommend creating on disk separate section a small volume (the volume depends on what you will store on it) and then encrypt this section. To create a new disk partition, you can use the free Partition program Manager. Lesson for this program.

How to disable BitLocker.

To disable encryption, go to the control panel and select "Encryption drive BitLocker" :

Find your drive and click "Turn off BitLocker":

In the next window we confirm disk decryption:

Conclusions.

If you have suitable version windows, then you can encrypt a flash drive or disk without third-party software. This is especially convenient for a flash drive, since you can use it on any Windows computer. True, in Windows XP and Vista you will be able to work with a flash drive only in “read” mode (you will not be able to write files), but on another computer with Windows 7 or 8 you will be able to work without any restrictions.

If in your Windows versions there is no BitLocker function, then you must use special programs, which we will talk about in a separate lesson.

USB flash drives are small, portable and universal devices storage Flash drives are very convenient for transferring data between computers. However, due to their portability and compact size, USB media can be easily lost. Therefore, you need to take care of reliable protection data on a flash drive.

Unfortunately, you can't simply set a password on the entire drive like you can with a smartphone or computer. For enhanced protection your files need to be encrypted. If you do not wish to purchase separately safe device flash memory with hardware encryption, you can use free software to get a similar level of security.

In this article we have presented several simple ways to protect files and folders on a USB flash drive.

If you need to protect only individual important documents, and you do not need to encrypt entire folders, then you can simply limit yourself to installing password protection for individual files.

Many programs, including Word and Excel, allow you to save files with a password.

For example, when required document open at text editor Microsoft Word, you can go to the menu File > Details, select item Document protection and option Encrypt with password.

All that remains is to ask secure password and confirm its installation. Be sure to save the document and be sure to remember or write down the password.

Download the portable version of VeraCrypt and extract it to a USB drive. When you launch the application, a list of available drive letters will be displayed. Select a letter and press Create Volume

To create a virtual encrypted disk inside a file, select the option Create an encrypted file container and click "Next".

In the next step, you can select the volume type: regular or hidden. Usage hidden volume reduces the risk of someone forcing you to reveal your password. In our example, we will create a regular volume. Next, select the location of the encrypted volume – removable USB-disk.

Configure encryption and specify the volume size (must not exceed the size of a USB drive). Then select the encryption and hash algorithm, you can use the default settings. Then set your volume password. In the next step, your random mouse movements will determine the cryptographic strength of the encryption.

Once encryption is complete, each time you connect the USB drive to any computer, you can run the VeraCrypt hosted on it and mount the encrypted file container to gain access to the data.

VeraCrypt supports encryption of entire partitions and storage devices.

Download VeraCrypt and install the program on your PC. When you launch the application, a list of available drive letters will be displayed. Select a letter and press Create Volume. The VeraCrypt Volume Creation Wizard will launch.

To encrypt the entire USB drive, select the option Encrypt a non-system partition/drive and click "Next".

In the next step, you can select the volume type: regular or hidden. Using a hidden volume reduces the risk of someone forcing you to reveal your password.

On the next screen of the wizard you need to select the device, i.e. our removable USB disk, and then click "OK" and "Next".

In our example, we will create a regular volume. On the next screen of the wizard you need to select the device, i.e. our removable USB drive, and then click “OK” and “Next”.

To encrypt the entire USB drive, select Encrypt the partition in place and click "Next". VeraCrypt will warn you that you must have backup copy data – if something goes wrong during encryption, you can restore access to your files. Then select the encryption and hash algorithm, you can use the default settings. Then set your volume password. In the next step, your random mouse movements will determine the cryptographic strength of the encryption.

Then select the cleaning mode. The more rewrite cycles, the more reliable the cleaning. In the final step, select Encryption to start the encryption process.

After encryption is complete, each time you connect the USB drive to your computer, you will need to mount it with using VeraCrypt to gain access to the data.

Many modern archivers, including the free 7-Zip, support AES-256 encryption and password protection of files.

Install 7-Zip, then right-click on the file or folder on your USB drive and select 7-Zip > Add to archive. In the "Add to Archive" window, select the archive format and set a password. Click "OK" to begin the archiving and encryption process.

Found a typo? Highlight and press Ctrl + Enter

One of the most valuable products modern world information can be read. At the same time, private information is also significant, and it requires certain protection, which can be provided by the operating system or using software solutions.

If you are interested in the answer to the question “how to encrypt a flash drive?” and yours operating system older than Windows XP, then you can take advantage of the capabilities of the OS itself.

Bitlocker encryption

The Bitlocker feature has been available in Windows since Vista. Its capabilities are based on encrypting data located on a hard drive or flash drive. To do this, you should:

TrueCrypt: how to encrypt a flash drive

The free TrueCrypt program is more reliable way to encrypt the flash drive. This software solution It has quite broad functionality, for example, encryption of a single folder or the operating system itself.

At the same time, the proposed encryption quality is at high level. So, last year it was decided to conduct an independent audit in the wake of the hype around Snowden. For these purposes, they announced a fundraiser in the amount of 60 thousand dollars. The money was collected, and the first stage of verification took place on April 14 this year, which did not lead to the discovery of any critical encryption errors.

TrueCrypt instructions: how to make an encrypted USB flash drive

2. If you are interested in the crack, then download it (1.4 MB). All files are available on the official website.

3. Move the downloaded TrueCrypt.exe file to a folder on your hard drive and unpack the crack there.

4. Installing the program (running a file with the extension .exe) involves choosing from two options: Install and Extract, that is, standard and portable. Choice portable installation increases the level of security, since it will not be possible to determine that a ransomware is present in computer programs. Otherwise, the flash drive can only be opened on the computer where TrueCrypt is installed, which confirms the great practicality of a portable installation.

5. When extracting, specify the flash drive as the final destination.

6. Run the TrueCrypt.exe file and in the window that opens, activate the “Create Volume” button.

7. A wizard will launch, where you should select the first item, which implies that an encrypted container will be installed on the flash drive.

8. In the next “Volume Type” window, do not change anything and click “Next”.

9. You will then be prompted to select a storage location for the container. Specify the path leading to the flash drive and specify some non-existent file on it. It doesn't matter what you write. In our example, such a file is called secret.txt.

10. Go to the window where you should set the encryption algorithm. Choose AES.

11. Specify the required size of the encrypted volume.

12. Set a password. The program recommends using at least 20 characters.

13. If you are going to save files with a volume of 4 GB or more, then select the answer “Yes”, which will allow you to format the volume in NTFC.

14. At this point, the process of creating a secret container can be considered complete, since the question “how to encrypt a flash drive with a password?” exhausts itself. Now all you have to do is figure out how to access the encrypted area of ​​the flash drive.

Encrypted files on a flash drive: how to access TrueCrypt

1. Run the TrueCrypt.exe file.
2. Select any drive label in the column provided.
3. Activate the "File" button.
4. Specify the path to the secret container (secret.txt).
5. Click “Mount” and enter the password.
6. After clicking OK in the Computer section of the Start menu, you will see that, along with hard drive Another hard drive icon appears under the letter you entered in the second step.
7. Open and use a new object in a standard way, that is, using “Explorer”.
8. To hide again secret disk, you must use the “Unmount” button.