A Beginner’s Guide To Encryption: What It Is And How To Set It Up

A Beginner’s Guide To Encryption: What It Is And How To Set It Up

Keep on hearing about encryption but still not sure what it involves? Here’s a basic introduction to encryption, when you should use it, and how to set it up.

Images by Vector Icon (Shutterstock), Pixel Embargo (Shutterstock) and von_hedwig

What Is Encryption?

A Beginner’s Guide To Encryption: What It Is And How To Set It Up

Encryption is a method of protecting data from people you don’t want to see it. For example, when you use your credit card on Amazon, your computer encrypts that information so that others can’t steal your personal data as it is being transferred. Similarly, if you have a file on your computer you want to keep secret only for yourself, you can encrypt it so that no one can open that file without the password. It’s useful for everything from sending sensitive information to securing your email, keeping your cloud storage safe, and even hiding your entire operating system.

Encryption, at its core, is similar to those decoder rings you played with when you were younger. You have a message, you encode it using a secret cipher, and only other people with the cipher can read it. Anyone else just sees gibberish. Obviously, this is an incredibly simplified explanation. The encryption in your computer is far more complex — and there are different types of encryption that use multiple “decoder rings” — but that’s the basic idea.

There are also different levels of security when it comes to encryption. Some types, for example, are more secure but take longer to “decode”. Few, if any, encryption methods are 100 per cent foolproof. If you want a more detailed explainer on how encryption works, check out this article from the How-To Geek and this article from HowStuffWorks. They explain a few different kinds of encryption and how they keep you safe online.

Should I Encrypt My Files?

The short answer: yes. Things can be stolen even if you don’t share your computer. All someone needs is a few minutes in front of the keyboard to retrieve anything they want. A login password won’t protect you, either — breaking into a password-protected computer is insanely easy.

So should you encrypt your sensitive files? Yes. But there’s a bit more to it than that. You have two big choices when it comes to encryption: do you just encrypt the important files , or do you encrypt your entire drive? Each has pros and cons:

  • Encrypting a select group of files — such as the ones that contain personal information — keeps them safe without any extra complications. However, if someone had access to your computer, they could still break into it and view any non-encrypted files, access your browser, install malware, and so on.
  • Encrypting your entire drive makes it difficult for anyone to access any of your data or even boot up your computer without your password. However, if you experience any corruption on your drive, it’s much less likely that you’ll be able to retrieve that data.

We generally recommend against average users encrypting their entire drive. Unless you have sensitive files all over your computer, or have other reasons for encrypting the entire thing, it’s easier to encrypt the sensitive files and call it a day. Full disk encryption is more secure, but can also much more problematic if you don’t put in the work to keep everything backed up safely (and then encrypt those backups as well).

That said, we’ll show you how to do both in this guide. We’ll talk a bit more about each situation in their individual sections below.

How To Encrypt Individual Files Or Folders With TrueCrypt

A Beginner’s Guide To Encryption: What It Is And How To Set It Up

If you need to keep just a few files safe from prying eyes, you can encrypt them with the free, open-source, cross-platform TrueCrypt. These steps should work on Windows, Mac and Linux. Note that if you’re encrypting files to send them over the internet, you can also use this previously mentioned 7-Zip method.

Creating a TrueCrypt volume for your files is very easy — just follow TrueCrypt’s step-by-step wizard. Here’s an overview of what it entails:

  1. Start TrueCrypt and click the Create Volume button.
  2. On the first screen of the wizard, select “Create an encrypted file container”.
  3. On the next screen, choose “Standard TrueCrypt Volume”. If you want to create a hidden volume (to further obscure your data), read more about how it works here. We won’t cover it in this tutorial.
  4. On the Volume Location screen, click the Select File button and navigate to the folder in which you want to store your encrypted files. Do not select an existing file as this will delete it — instead, navigate to the folder, type the desired name of your encrypted volume in the “File Name” box, and click Save. We’ll add files to this TrueCrypt volume later.
  5. Choose your encryption algorithm on the next screen. AES should be fine for most users
  6. Choose the size of your volume. Make sure it has enough space to fit all your files, and any files you may want to add to it later.
  7. Choose a password to protect your files. Remember, the stronger your password, the safer your files will be. Make sure you remember your password, because if you lose it, your data will be inaccessible.
  8. On the next screen, follow the instructions and move your mouse around randomly for a bit. This will ensure TrueCrypt generates a strong, random key. Then click Next to continue with the wizard.
  9. Choose a filesystem for your encrypted volume. If you’re storing files over 4GB inside, you’ll need to choose NTFS. Click Format to create the volume.

To mount your volume, open up TrueCrypt and click the “Select File” button. Navigate to the file you just created. Then, select an open drive letter from the list and click the Mount button. Type in your password when prompted, and when you’re done, your encrypted volume should show up in Windows Explorer, as if it were a separate drive. You can drag files to it, move them around, or delete them just like you would any other folder. When you’re done working with it, just head back into TrueCrypt, select it from the list, and click Dismount. Your files should stay safely hidden away.

How To Encrypt Your Entire Hard Drive On Windows With TrueCrypt

A Beginner’s Guide To Encryption: What It Is And How To Set It Up

The process of encrypting your entire hard drive isn’t that different from encrypting individual files and folders (though TrueCrypt can only do this in Windows). Once again, the process is quite simple thanks to TrueCrypt’s step-by-step wizard. Here’s what you need to do:

  1. Start TrueCrypt and click the Create Volume button.
  2. On the first screen of the wizard, select “Encrypt the System Partition or Entire System Drive”.
  3. On the next screen, choose “Normal”. If you want to create a hidden operating system (to further obscure your data), read more about how it works here. We won’t cover it in this tutorial.
  4. Next, choose “Encrypt the Whole Drive”. This should work for most people, though if you have other partitions on your drive that you don’t want encrypted, you may want to choose the first option instead.
  5. When asked to encrypt the Host Protected Area, we recommend choosing No, unless you have a specific reason to do this.
  6. If you only have one operating system installed on your computer, choose “Single-Boot” at this next prompt. If you aren’t sure, you’re probably using a single-boot setup. If you’re dual booting (say, with Linux or another version of Windows), choose “Multi-Boot”.
  7. Choose your encryption algorithm on the next screen. AES should be fine for most users.
  8. Choose a password to protect your files. Remember, the stronger your password, the safer your files will be. Make sure you remember your password, because if you lose it, your computer will be unbootable and your data will be lost.
  9. On the next screen, follow the instructions and move your mouse around randomly for a bit. This will ensure TrueCrypt generates a strong, random key. Then click Next to continue with the wizard.
  10. Next, select a location for a TrueCrypt Rescue Disk, which will help you save your data if the bootloader, master key, or other important data gets corrupted. Give it a file name and save it.
  11. Once you’ve saved the file (in ISO format), you’ll have the option to burn it to a CD or DVD. Do this now (using either Windows’ built-in tools or a program like ImgBurn) before you continue. Click Next when you’ve finished burning the disc (and keep the disc in a safe place!).
  12. Choose a Wipe Mode for your data. “None” is the fastest, but if you want to ensure that your data is as secure as possible, choose one of the other options (3- or 7-pass is probably fine).
  13. Run the System Encryption Pretest on the next screen. You’ll need to restart your computer and enter your new TrueCrypt password when prompted.
  14. If the test runs successfully, you’ll see the option to begin encrypting your drive. Let it run — it will probably take a while (especially if you have a large drive).

That’s it. From now on, when you start up your computer, you’ll need to enter your TrueCrypt password before you boot into Windows. Make sure you don’t forget your password or lose that recovery disc — if you do and something goes wrong, you won’t be able to boot into your computer and you’ll lose all your data.

How To Encrypt Your Entire Hard Drive On OS X With FileVault

A Beginner’s Guide To Encryption: What It Is And How To Set It Up

OS X has a built-in encryption tool called FileVault, and it’s incredibly easy to set up. All you need to do is:

  1. Head to System Preferences > Security & Privacy > FileVault.
  2. Click the lock in the bottom left-hand corner of the window to make changes. Type in your password when prompted.
  3. Click the Turn on FileVault button. Copy down your recovery key and store it in a safe place (preferably not on your computer — somewhere physically secure like a safe). We don’t recommend storing it with Apple.
  4. Restart your computer when prompted.

When you boot back up, OS X will begin encrypting your disk, and your computer will probably run a little slowly while it goes. It could take an hour or more, depending on how big your hard drive is.

Alternative Tools

TrueCrypt has long been one of the most popular encryption tools out there, and it’s one of the easiest to set up. It isn’t the only option, however. As we mentioned earlier, 7-Zip is also a great way to encrypt your files, as is BitLocker, which comes with the Pro version of Windows 8 (or the Enterprise and Ultimate versions of Windows 7). Check out our Hive Five on encryption tools for a comparison of some of the more popular alternatives if you want to try them out.

Final Words

As we mentioned at the beginning, encryption is not 100 per cent foolproof, but it’s better than leaving your files out in the open. Remember what encryption can’t do — it can’t secure your drive if it’s infected with malware, if you leave it turned on in public spaces, or if you’re using a weak password. Even if you put your computer to sleep, it’s possible an experienced hacker could recover sensitive data from your computer’s RAM. Don’t let encryption lure you into a false sense of security: it’s just one layer of the security process.

Lastly, remember that this is just a beginner’s guide to what encryption is and how it works. There’s a lot more beyond basic encryption of files and folders, like transferring encrypted data to your friends, securing your email with PGP, encrypting your Dropbox, or creating a decoy operating system to further obscure your information. Now that you know the very basics, don’t be afraid to branch out and learn more about encryption and what you can do to secure your data. Good luck!

Lifehacker 101 is a weekly feature covering fundamental techniques that Lifehacker constantly refers to, explaining them step-by-step. Hey, we were all newbies once, right?


The Cheapest NBN 50 Plans

Here are the cheapest plans available for Australia’s most popular NBN speed tier.

At Lifehacker, we independently select and write about stuff we love and think you'll like too. We have affiliate and advertising partnerships, which means we may collect a share of sales or other compensation from the links on this page. BTW – prices are accurate and items in stock at the time of posting.

Comments