Encrypting Your Files Using TrueCrypt These instructions describe how to encrypt individual files, groups of files, or the entire hard drive on your Windows XP or higher computer using the TrueCrypt encryption software. What is TrueCrypt? TrueCrypt is a free open-source disk encryption software package available for Windows 7/Vista/XP, Mac OS X, and Linux. TrueCrypt is a software system for establishing and maintaining an on-the-fly-encrypted volume (data storage device). On-the-fly encryption means that data is automatically encrypted or decrypted right before it is loaded or saved, without any user intervention. No data stored on an encrypted volume can be read (decrypted) without using the correct password/keyfile(s) or correct encryption keys.1 Why Do You Need TrueCrypt? If you travel with your laptop, carry your laptop with you, or are just concerned with protecting the information on your computer, TrueCrypt will give you an extra layer of security should your laptop ever be stolen. Your files will be protected and inaccessible unless someone has access to your passphrase. Warning If you lose, forget, or misplace the password you used for encrypting your files you will be permanently unable to recover the contents of these files. Please be sure to store your password in a secure location. Notes Before Installing The installation of TrueCrypt requires administrative privileges on your computer. Page | 1 Installing TrueCrypt To install TrueCrypt follow these steps: 1. Visit the TrueCrypt download page (http://www.truecrypt.org/downloads) and select the latest stable version. 2. Run the TrueCrypt installer. Follow the on screen instructions to complete installation. Creating a TrueCrypt Volume To create an encrypted TrueCrypt volume to store your sensitive files, follow these steps: 1. From the Start menu, select All Programs, then select TrueCrypt and then TrueCrypt. 2. Click the Create Volume button. Page | 2 3. Ensure Create an encrypted file container is selected and click Next. If you want to encrypt your entire partition or hard drive, select the third option Encrypt the system partition or entire system drive. 4. Select Standard TrueCrypt volume and click Next. 5. On the Volume Location screen, click the Select File... button. o Navigate to a directory of your choosing (for example "My Documents"). o In the File name dialog box, enter a name for your volume (for example "My Volume") Note: Be sure not to choose an existing file, as doing so will not encrypt the file but overwrite it causing data loss. o Click Save. 6. Click Next. Page | 3 7. Choose an Encryption Algorithm and a Hash Algorithm (if you are unsure, choose AES and SHA-512) and click Next. 8. Specify a volume size. Ensure that the size is large enough to accommodate the files you wish to encrypt. Page | 4 Warning If you lose, forget, or misplace the password you used for encrypting your files you will be permanently unable to recover the contents of these files. Please be sure to store your password in a secure location. 9. Choose a very strong password and be sure to store the password in a safe location, and click Next. TrueCrypt recommends the following regarding password complexity: It is very important that you choose a good password. You should avoid choosing one that contains only a single word that can be found in a dictionary (or a combination of 2, 3, or 4 such words). It should not contain any names or dates of birth. It should not be easy to guess. A good password is a random combination of upper and lower case letters, numbers, and special characters, such as @ ^ = $ * + etc. We recommend choosing a password consisting of more than 20 characters (the longer, the better). The maximum possible length is 64 characters. 10. Move your mouse as randomly as possible within the Volume Creation Wizard window for at least 30 seconds. This significantly increases the cryptographic strength of the encryption keys. 11. Click Format. 12. When prompted that "The TrueCrypt volume has been successfully created" click OK. Page | 5 13. Click Exit. Mounting Your TrueCrypt Volume In order to use your TrueCrypt volume to encrypt data or read data that has already been encrypted, you must first mount the TrueCrypt volume. 1. From the Start menu, select All Programs, then select TrueCrypt and then TrueCrypt. 2. Select a drive letter where you want to mount the TrueCrypt volume. 3. Click the Select File button. 4. Navigate to your volume file, select it, and click Open. 5. Click Mount. 6. Enter your volume password and click OK. Encrypting Your Data To encrypt your data on a mounted TrueCrypt volume, follow these steps: 1. Open your mounted secure volume. 2. Move (cut and paste) your file to this volume. 3. Your file is now encrypted. For More Help If you have questions regarding more advanced configurations or need help, please visit the TrueCrypt documentation page: http://www.truecrypt.org/docs/ 1 http://www.truecrypt.org/docs/ Page | 6