MyTechBlog

How to Encrypt your Windows Computer

A basic Windows password offers zero protection to your data even to the most unskilled computer hacker. On the other hand, encrypting your computer’s data, theoretically, protects the data. A number of different encryption algorithms and software are available with Microsoft’s BitLocker hard drive encryption utility installed in Ultimate and Enterprise versions of Windows 7 and Vista. This is obviously limiting and so this tutorial will use a free Open Source utility called TrueCrypt. It provides on-the-fly encryption and works in the background and allows you to continue using everything you normally would.

The first step of this tutorial is to download and install TrueCypt.

The installation is straightforward and I would recommend that you select the option to create a system restore point. It is highly unlikely that you will run into any serious problems but even making a full system image is probably a good idea. (Remember that this system image will be unencrypted).

TrueCrypt Installation

Once the installation is complete open TrueCrypt.

TrueCrypt Mainscreen

Click ‘Create Volume’, which gives you the following set of options.

TrueCrypt Options

At this point you have a number of different options, depending on your situation.

Create an encrypted drive

I will cover this option in a later tutorial.

Encrypt the entire system drive

This encrypts the entire system drive where Windows is installed and offers the maximum type of security. Before anyone can gain access to the system they must enter the correct password before Windows boots.

TrueCrpyt PasswordSelect the third option to ‘Encrypt the entire system drive’ and click ‘next’.

TrueCrypt Volume Type

Select ‘Standard TrueCrypt Volume’ and click ‘next’.

TrueCrypt Area to Encypt Options

Select ‘Encrypt the whole drive’ and click ‘next’.

 TrueCrypt Protected AreaThe answer to this question will vary depending on your situation. Many computer manufacturers include a protected area of the hard drive to store system recovery or even RAID utilities. It is therefore safest to answer ‘no’ to this question to avoid any problems.

 TrueCrypt Single BootIn my situation I only have one operating system installed so I selected ‘Single-boot’.

 TrueCyrpt AlgorithmThe next set of options allow you to specify the level of encryption you would like to use. All the algorithms have their good and bad points. I would recommend that you just stick with the ‘AES’ algorithm unless you have a specific need to use an alternative.

 TrueCrypt PasswordEnter the password (the stronger the better).

You will then see a screen with some strange hex numbers. Basically they change based on your mouse movement to create unique key.

TrueCrypt Collecting Random Data

Once you have clicked next, you will see the generated keys.

 TrueCrypt Keys GeneratedBefore your computer can be encrypted you must create a rescue disk. This can be used if Windows gets damaged and will be a lifesaver if it is needed. For this reason you must create the rescue disk, you won’t be allowed to continue without it.

 TrueCrypt Rescue DiskClick ‘next’ and follow through the Windows Disk Image Burner wizard to create the disk. You will obviously need a blank CD/DVD.  [alert message=”You won’t be able to continue without the rescue disk.”]

TrueCrypt Rescue Disk Verified

Click ‘next’.

 TrueCrypt Wipe ModeDon’t be confused by the word ‘wipe’. Basically, when TrueCrypt first encrypts the data, using advanced digital forensic techniques, it may be possible to recover the original data. TrueCrypt can prevent, or make it extremely difficult, to recover the unencrypted data by wiping it. This can take a long time depending on the number of times the data is overwritten (passes). In this tutorial I will be select the Wipe Mode as ‘None’.

 TrueCrypt Encryption PretestSelect ‘test’ to restart your computer and allow TrueCrypt to make sure everything will work correctly. On the restart you will be prompted to enter the password you entered earlier.

TrueCrpyt Password

Once the computer has restarted you should see the following pretest successful message.

 

TrueCrypt Pretest Completed

If you are 100% happy, click ‘Encrypt’.  

Note: It can take a long, long time to initially encrypt.

In this tutorial I encrypted a clean install of Windows 7 installed on a SSD with an Intel I7 processor and it took over 15 minutes.

TrueCrypt Encrypting

Once the encrypting has finished you will have successfully encrypted your Windows computer. If you run into any problems, leave a comment below.

Tags:
Security

I am the executive editor of MyTechBlog and founder of Wheal Media Limited. I’m studying MEng Computer Engineering at the University of Portsmouth and am currently on a years industrial placement working as a Systems Engineer.

http://www.johnwheal.co.uk
John Wheal
Get the best tutorials delivered to your inbox

Powered by MailChimp

Comments
1 comments
deadlywill
deadlywill

Thanks John - A well laid out how to that worked exactly as your directions stated. I'm on an older Dell Inspiron 1525 Intel Core2Duo CPU T6400@ 2.00GHz, 3.0GB RAM, Mobile Intel 965 Express Chipset Family  Windows 8.1 - and the required time to encrypt is 3 hrs. You are able to minimize the encryption window and carry on with whatever you are doing. Cheers mate - Far North Queensland Australia