Use TrueCrypt to encrypt the data on your USB storage device.
This guide will cover the steps taken to create a secure, encrypted container on your removable, USB storage device. The process here is tailored to the Microsoft Windows operating system. This software is available for Linux and Mac OSX. If you are using either of those you will need to refer to the documentation contained on the TrueCrypt homepage. However, many of the the processes here will still apply. Enjoy!http://www.truecrypt.org/1. Download TrueCrypt for your platform of choicehttp://www.truecrypt.org/downloads.php2. Double click the installation file to begin setup
The first screen will be a license agreement you must accept to continue. Read it if you like, I didn't. This program is 100% free and contains no adware or spyware. After agreeing to the license, it will ask you to install or extract. You will probably want to do both, more on this later but for now, choose Install and click Next
The default installation path is C:\Program Files\TrueCrypt
which can be changed to your liking. I used the default path.
On this screen there are some more options:
Install for all users - This will place shortcuts on the start menu for all users on your system.
Add TrueCrypt to the Start menu - This is up to you but realize it will nullify the previous option if not checked.
Add TrueCrypt icon to desktop - I did this and immediately moved the shortcut to my QuickLaunch, YMMV.
Associate the .tc file extension with TrueCrypt - I recommend this option. It makes it easier to open your encrypted volumes by simply double-clicking.
Create System Restore point - Certainly Windows specific, and I do not use it. TC is not going to break your system.
Determine your appropriate options and click the Install
button.3. Complete Setup
Once installation is complete, you may be prompted to read the tutorial. This is advised although my thread here should get you up and running for the purposes of a secure portion of a USB stick.
on the Installation log screen.4. Run TrueCrypt and create a new volume
Double-click the desktop icon or click the shortcut on your start menu to run TrueCrypt. It will present a screen with a bunch of free drive letters and many options. Insert your removable drive into a USB slot. Next, click the button labeled Create Volume
You will now see the TrueCrypt Volume Creation Wizard. You can use this to create an encrypted container for your sensitive data. The first option is what we will use however note the other choices and their descriptions. This program is way more robust than our needs require it to be and you may find it useful for other tasks.
With the first option selected, click Next
. The following dialog will let you choose from a standard or hidden volume. A hidden volume may be warranted if someone is holding a gun to your head asking for a password. This is unlikely, considering we are simply securing things like scanned copies of driver license and birth certificates. Choose the standard volume option and press Next
You will need to specify the location to place your secure container. This will look like a file with the .tc extension. My USB stick shows up as G:
in Windows Explorer. You will need to check how yours is referenced. Next you need to decide on a file name. Personally I did two things here. First I created a new folder on my USB stick named Crypt. Then I used this dialog to specify a file name for my encrypted container based on what is inside. You may have more stuff than just personal documents such as field manuals, first aid guides, etc. Long story short, create a folder for your encrypted containers and pick an appropriate file name. Click Next
The following dialog will allow you to choose your desired encryption and hash algorithms. I could write a book about the possibilities but for simplicity and good security, choose AES
then click Next
You will then need to specify the size for your container. Realize that this is a fixed size. The container will not grow or shrink based on what is inside. A few images may only take a few megabytes. In the interest of scalability, I would go with a few hundred for each container you make. This will obviously depend on the total amount of space available on your USB stick. Enter your desired size and click Next
.5. Set a password for your volume and shake your mouse a lot
Next, create a password that will protect your volume. This needs to be STRONG. It should consist of a mixture of numbers, symbols, lower and uppercase letters. It should be at a minimum, 12 characters long. TrueCrypt will recommend at least 20 characters. Remember, the space bar counts as a symbol so you can use an entire sentence if you like. Again, volumes can be written about password strength and if you need guidance, check Google
. Oh and, don't write it down or share it, this would defeat the whole process we are undertaking. Don't worry about the keyfiles option. Choose a good password, verify it, then smash the Next
The following dialog is the most fun part. You get to randomly shake your mouse around thus increasing the cryptographic strength of your volume. Don't sit there all night but do move the mouse randomly for a minute or so. You can select the format and cluster size although the default settings will do just fine. When finished, depress the button labeled Format. Depending on the speed of your computer, this step may take a few moments to complete. Click Exit
on the following dialog.6. Mount your TrueCrypt volume and fill it with porn, I mean, important information
If you look at your USB stick in Windows Explorer, you will find your newly created, encrypted volume.
Double-click this file. When the TrueCrypt screen pops up, choose a free drive letter from the list (I picked Z) and click Mount
. You will be prompted for your password. Enter it and click OK
Your encrypted volume is now mounted as a new drive in Windows and ready to have information added to it. Treat it just like any drive. The stuff you copy to it will be contained and secured inside the .tc file in the location you have specified on your USB stick. When you're finished accessing the container, click Dismount
.7. Daily usage
Step six is the basic outline for how to use this volume when you need to read or modify the files within. In short, insert your USB stick, browse to the .tc file of your choice, double-click to open in TrueCrypt and mount the file as a drive letter. Dismount when finished.Appendix A
Otay, otay, at this point you should be able to secure your data but you may still be wondering about the install versus extract thing from step one. The installation file you downloaded will allow you to install TrueCrypt on the computer. This is what we did so far. The other option will allow you to run TrueCrypt from your memory stick directly.
First, double click the setup file as previously described. Agree to the license terms and then select the Extract option instead of Install. It will then ask where to extract and you will want to type in or browse to your memory stick. To keep things clean, specify a new folder name and click Extract. This will install a standalone version of TrueCrypt onto your USB stick and prevent you from needing to install it on the PC you are using.
You will need to run TrueCrypt from the memory stick first and then double click your .tc file as usual.
In summary, putting scans of your personal stuff on a portable device is a great way to keep it with you at all times. Of course, if you lose it your information could be compromised. Employing strong encryption will ensure your data will not be read by unauthorized persons. Realize that TrueCrypt is not the only software tool for achieving this goal but after trying many, it is my choice.