Recommendations for encryption software
-
- SilverLounger
- Posts: 2370
- Joined: 28 Mar 2010, 01:49
Recommendations for encryption software
Can anyone recommend encryption software for a laptop running Windows 10?
Some online articles suggest that BitLocker comes with some versions of Windows (see, for example, this article: https://docs.microsoft.com/en-us/window ... r-overview" onclick="window.open(this.href);return false;), but it appears that my version of Windows 10 Home does not come with Bitlocker or other encryption software.
Some online articles suggest that BitLocker comes with some versions of Windows (see, for example, this article: https://docs.microsoft.com/en-us/window ... r-overview" onclick="window.open(this.href);return false;), but it appears that my version of Windows 10 Home does not come with Bitlocker or other encryption software.
Regards,
JMT
JMT
-
- Administrator
- Posts: 78229
- Joined: 16 Jan 2010, 00:14
- Status: Microsoft MVP
- Location: Wageningen, The Netherlands
Re: Recommendations for encryption software
Indeed, Windows 10 Home does not come with BitLocker, only the Pro and Enterprise editions do.
VeraCrypt is a free open source disk encryption software.
VeraCrypt is a free open source disk encryption software.
Best wishes,
Hans
Hans
-
- Administrator
- Posts: 12577
- Joined: 16 Jan 2010, 15:49
- Location: London, Europe
Re: Recommendations for encryption software
I have used Veracrypt for some years now. I used to just use it for my data partition, but I have now started using it for the system partition too. It works very well and has never given me any problems.
StuartR
-
- SilverLounger
- Posts: 2370
- Joined: 28 Mar 2010, 01:49
Re: Recommendations for encryption software
I heard Veracrypt was so powerful that it causes a noticeable slowdown. Is this true?
Regards,
JMT
JMT
-
- Administrator
- Posts: 12577
- Joined: 16 Jan 2010, 15:49
- Location: London, Europe
Re: Recommendations for encryption software
This is not true. During normal running Veracrypt has no noticeable performance impact. When you mount an encrypted volume there is a delay that can feel quite long, but this is an intentional part of the Veracrypt design to prevent someone from trying different keys very fast.jmt356 wrote:I heard Veracrypt was so powerful that it causes a noticeable slowdown. Is this true?
StuartR
-
- SilverLounger
- Posts: 2370
- Joined: 28 Mar 2010, 01:49
Re: Recommendations for encryption software
If you move files to an encrypted Veracrypt drive and then back up those files on an external drive using ShadowProtect, will you be able to access them on the external drive backup using ShadowProtect? Or will you lose access to them on the external drive backup once they are encrypted?
Can Outlook PST and OST files be stored to VeraCrypt volumes or will doing so interfere with their functionality?
How does the encryption of the entire hard drive work? Is the only difference that I will notice that I have to enter a password upon first starting up the laptop and before entering the Windows log-in page? Are there any other differences I will notice?
Can Outlook PST and OST files be stored to VeraCrypt volumes or will doing so interfere with their functionality?
How does the encryption of the entire hard drive work? Is the only difference that I will notice that I have to enter a password upon first starting up the laptop and before entering the Windows log-in page? Are there any other differences I will notice?
Regards,
JMT
JMT
-
- Administrator
- Posts: 12577
- Joined: 16 Jan 2010, 15:49
- Location: London, Europe
Re: Recommendations for encryption software
When the encrypted partition is mounted it behaves EXACTLY like any other partition. You can move files freely to and from other locations as if they were never encrypted. You can store any file that you would normally store, including PST and OST files.
It is easiest if you encrypt the entire system drive, and then you just have to enter your password very early in the boot sequence.
I did notice one small difference. If you have an encrypted partition which is NOT automatically mounted during system startup, then Windows Search may have difficulty indexing it. I run a scheduled task that stops and restarts the wsearch service to deal with this.
It is easiest if you encrypt the entire system drive, and then you just have to enter your password very early in the boot sequence.
I did notice one small difference. If you have an encrypted partition which is NOT automatically mounted during system startup, then Windows Search may have difficulty indexing it. I run a scheduled task that stops and restarts the wsearch service to deal with this.
StuartR
-
- SilverLounger
- Posts: 2370
- Joined: 28 Mar 2010, 01:49
Re: Recommendations for encryption software
Suppose the encrypted partition is not mounted and it contains my Outlook PSTs and OSTs. Will these be unreadable unless I first mount the encrypted partitions? In other words, do I need to mount the encrypted partitions that contain my Outlook files every time I launch Outlook?
Regards,
JMT
JMT
-
- Administrator
- Posts: 78229
- Joined: 16 Jan 2010, 00:14
- Status: Microsoft MVP
- Location: Wageningen, The Netherlands
Re: Recommendations for encryption software
Yes, if that partition hasn't been mounted, you won't be able to use Outlook.
Best wishes,
Hans
Hans
-
- SilverLounger
- Posts: 2048
- Joined: 25 Jan 2010, 02:12
Re: Recommendations for encryption software
If a partition is unmounted it is unusable regardless of encryption.
Joe
-
- BronzeLounger
- Posts: 1545
- Joined: 26 Jan 2010, 11:36
- Location: Melbourne, Australia
Re: Recommendations for encryption software
Stuart,
With your extensive experience, it seems it might be worthwhile for you to write a sticky "How To" post on using Veracrypt. ... if you get the time of course.
There seem to be quite a few "tips & tricks" involved, that are not so obvious from the outset.
Alan
With your extensive experience, it seems it might be worthwhile for you to write a sticky "How To" post on using Veracrypt. ... if you get the time of course.
There seem to be quite a few "tips & tricks" involved, that are not so obvious from the outset.
Alan
-
- Administrator
- Posts: 12577
- Joined: 16 Jan 2010, 15:49
- Location: London, Europe
Re: Recommendations for encryption software
Good idea Alan. I will try to find time to do this.
StuartR
-
- SilverLounger
- Posts: 2370
- Joined: 28 Mar 2010, 01:49
Re: Recommendations for encryption software
If I have an online cloud service set to synchronize the files in My Documents, but I have some files in My Documents in an unmounted encrypted Veracrypt drive, will the cloud service be unable to read these files and synchronize changes made to their counterparts on the cloud? In other words, do I always have to have my Veracrypt drives mounted to ensure that my cloud service is properly able to read and backup my files?
Regards,
JMT
JMT
-
- Administrator
- Posts: 78229
- Joined: 16 Jan 2010, 00:14
- Status: Microsoft MVP
- Location: Wageningen, The Netherlands
Re: Recommendations for encryption software
Any drive/partition that you want to use has to be mounted, whether it is encrypted or not. An unmounted drive is not accessible - not to you, not to your applications, not to your cloud service.
Best wishes,
Hans
Hans
-
- SilverLounger
- Posts: 2370
- Joined: 28 Mar 2010, 01:49
Re: Recommendations for encryption software
Creating and encrypting a File Container in Veracrypt appears to be impractical as it always requires having the File Container mounted in order to use the files in any way.
I believe encrypting the entire hard disk is less cumbersome as it mounts everything on the drive upon start-up, while also securing data on the hard drive.
I tried encrypting the entire hard drive and received this message:
Before you can proceed, you must have at least 32 kilobytes of free space at the beginning of the system drive (the VeraCrypt Boot Loader needs to be stored in that area). You must repartition the disk and leave the first 32 kilobytes of the disk free (in most cases, you must delete and recreate the first partition).
Can you recommend a program to repartition the disk to leave the first 32 kb free? My current set up has the following partitions:
- C drive
- HP Tools
- MBR and Track0
I believe I need to wipe the entire hard drive and repartition it as follows:
- VeraCrypt
- C drive
- HP Tools
- MBR and Track0
What is the best way to achieve this? Is ShadowProtect acceptable software? If so, do I need the recovery disk to do this?
I believe encrypting the entire hard disk is less cumbersome as it mounts everything on the drive upon start-up, while also securing data on the hard drive.
I tried encrypting the entire hard drive and received this message:
Before you can proceed, you must have at least 32 kilobytes of free space at the beginning of the system drive (the VeraCrypt Boot Loader needs to be stored in that area). You must repartition the disk and leave the first 32 kilobytes of the disk free (in most cases, you must delete and recreate the first partition).
Can you recommend a program to repartition the disk to leave the first 32 kb free? My current set up has the following partitions:
- C drive
- HP Tools
- MBR and Track0
I believe I need to wipe the entire hard drive and repartition it as follows:
- VeraCrypt
- C drive
- HP Tools
- MBR and Track0
What is the best way to achieve this? Is ShadowProtect acceptable software? If so, do I need the recovery disk to do this?
Regards,
JMT
JMT
-
- Administrator
- Posts: 12577
- Joined: 16 Jan 2010, 15:49
- Location: London, Europe
Re: Recommendations for encryption software
Is there something unusual about how your hard drive was created? Do you have more than one operating system on this drive?
StuartR
-
- SilverLounger
- Posts: 2370
- Joined: 28 Mar 2010, 01:49
Re: Recommendations for encryption software
I believe my hard drive setup is standard. It only runs Windows 10.
Regards,
JMT
JMT
-
- Administrator
- Posts: 12577
- Joined: 16 Jan 2010, 15:49
- Location: London, Europe
Re: Recommendations for encryption software
That's strange. I haven't seen this issue and I've used VeraCrypt on a few system drives.
StuartR
-
- SilverLounger
- Posts: 2370
- Joined: 28 Mar 2010, 01:49
Re: Recommendations for encryption software
Don't you have the VeraCrypt Boot Loader stored at the beginning of your hard disk?
Regards,
JMT
JMT
-
- Administrator
- Posts: 12577
- Joined: 16 Jan 2010, 15:49
- Location: London, Europe
Re: Recommendations for encryption software
Here is what disk manager shows for the partitions on the only disk drive on this laptop.
The system partition is encrypted by VeraCrypt, and this is mounted as the system is booting.
The large RAW partition is another VeraCrypt encrypted partition that I mount manually to access my data.
The system partition is encrypted by VeraCrypt, and this is mounted as the system is booting.
The large RAW partition is another VeraCrypt encrypted partition that I mount manually to access my data.
You do not have the required permissions to view the files attached to this post.
StuartR