So, what’s the best way to protect your data from stolen when you lost your computer? Yes, get the whole system encrypted. If your hard drive is completely encrypted by the highest method, even though it fell into the bad guy’s hands your data is still safe. Rest assured.
TrueCrypt is arguably the most popular free encryption software out there, the best as well if you may agree. Not only does it encrypt the files or storages, it also allows you to encrypt the whole system where Windows is installed. As a bonus, TrueCrypt also encrypts the Windows systems that runs as virtual machine.
This is the tutorial that shows you how to do it in step by step.
Step 1: Download and Install TrueCrypt program
You can download the program from this download page. Make sure you download the Windows version. The latest stable version as we speak is on 7.1.
Run the installation file and follow through the wizard with default options to install the program onto your computer. It asks you in the end whether you want to read the user guide if you are the first time user, click Yes if you want to. Or you can follow through this guide as well.
Before you move on, make sure the computer you are about to encrypt has a CD/DVD burner attached. The following process won’t complete without a recue disk being burnt.
Step 2: Start the encryption process
First, double click the TrueCrypt icon on your desktop to launch the program.
Click on Create Volume to open the Volume Creation wizard.
Select the last option Encrypt the system partition or entire system drive and go to Next.
Select Normal, and go to Next.
You now have the choice to only encrypt the system partition or the entire drive. Let’s go the latter and go to Next.
You now have to option whether to encrypt the hidden hosted area or not. Since this hidden area is often used by manufactures to store tools and recovery image file, it’s not necessary needed to be encrypted. So let’s say No, and move on.
In the next screen, choose Single-boot if you only have one system running, or choose Multi-boot. And then go to Next.
You now have the choices choosing encryption options. If you don’t have much knowledge as to what to choose, leave it default and go to Next. If that’s the case, AES will be chosen as the encryption algorithm, which is the industry standard cipher that protects your data up o the top secret level. Another words, you are safe with AES, so far.
Pick up a password, and move to Next. It’s very important that you choose a very good and strong password. The longer and the more complicated, the better. But since you will be typing in this password every time when you turn on your computer, you need to pick one that is also easy to remember. A good pass phase might work better in this case. Something like “I Love Windows 7” is considered a very good and strong one. If the password is too short, you will get a warning message confirming if that’s ok to move forward.
Now, let’s move your mouse as randomly as possible for a minute or two to generate the encryption keys. The longer you move the better. Once you feel it’s enough, go to Next. Click Yes, if a UAC window pops up.
Review the keys generated, and go to Next.
It’s time to save a rescue disk. Choose a place to save the rescue disk image file and go to Next
Windows Disc Image Burner program opens up automatically. Insert a blank DVD or CD into the burner, tick the Verify option and click on Burn button to start the burning process. You can also save the rescue disk image file in a safe place as a backup as well.
Back to the TrueCrypt wizard once the burning process is finished. Since it’s so important having a recue disk as a backup, you won’t be able to go past to the Next without successfully burning it. The wizard verifies the burnt disk to make sure you have it before letting you move to the Next.
Rescue Disk Verified, let’s move forward.
Pick up a Wipe Mode and go to Next. If you are encrypting a new system that doesn’t have much data on it, choose None to fasten the process. Otherwise, choose one of 3 other methods to make sure your data is wiped clean after being encrypted.
In next window, click on Test to start the pretest process before the encryption process kicks in. After you click Test, all necessary components will be installed and the computer will be restarted.
Click Yes, to restart the computer. When the TrueCrypt Boot Loader prompts up, type in the password you used earlier to continue on.
Once the system boots up, the TrueCrypt Volume Creation Wizard opens up with, if everything goes well, a message saying that Pretest Completed.
Click on Encrypt button to start the encryption process, which could take a few hours long depending on how big the hard drive is and how fast the computer is.
Once done, reboot your computer.
From this point on, you will be working on a highly secured system in which all data you are working on are encrypted before stored onto the hard drive. You will have to key in the password to start Windows boot process every time you restart your computer.
TrueCrypt is a completely free program under Open Source license. If you like the program and find it’s extremely useful to protect your data, please kindly consider making some donation to support their hard work. The people working on this Open Source project are awesome and have done a tremendous work to make TrueCrypt highly usable and reliable. A huge thank to them.
Why not just use BitLocker?
On Windows 7, you will need Windows 7 Premium to have BitLocker. Windows 7 Pro, which most of the organization uses, doesn’t have BitLocker enabled.
On Windows 8, I do recommend using BitLocker. It’s more intuitive and much more easy to use.