Does anyone have any experience with encrypting files or folders? I realised that while I backup my data to an external hard disk, I take that HD to work as off site back up, and it's all unencrypted. In theory, anyone could just plug it in and wipe it, or copy stuff off it.

What would be ideal would be some software that could encrypt a folder so I can drag and drop stuff in, once it's unlocked.

Anyone with any suggestions?

Encryption features are built in to business orientated versions of Windows (by that, I mean Windows XP Professional, also, I believe, Vista Business and Vista Ultimate). That can be an option - though you have to figure out how to manage the relevant EFS certificates.

With all encryption products, it's important to understand their limitations, especially if you're entrusting the only copy of important data to them (data recovery is essentially impossible of something goes wrong). Many need installing on the machine, which is no good if you need the data accessible anywhere.

Rather than one of the more complicated systems that allows you to have an encrypted disk partition, would a modern version of WinZip using AES encryption do? That software is inexpensive and pretty 'hard' cryptographically (unlike the legacy Zip 2.0 compression) - but beware of unencrypted temporary files being left lying around (or at least the remains of them, once they've been deleted).



David

I use http://www.truecrypt.org/

It's documented well on their site.

Another vote for TrueCrypt. Great piece of free software (although -as good as it is - I'm not sure I would entrust whole Gb's of data to an encryption program)

Bear in mind though that having a 500Gb drive encrypted still doesn't stop it being wiped or formatted. (or you dropping it for that matter!)

TJ

I didn't think of such possibility, but you have point. But nevertheless, be careful with these things. It might work perfectly fine today, but what about tomorrow? Microsoft is famous for not sticking with standards, so you might not be so happy tomorrow when you will realize there's no decryption program existing anymore. Of course same goes for pretty much every other program/company on world. Even if they stick to standards, in real world stuff can only be decrypted using same routines, and different programs use them different way, so normally things can't be used between different programs. And this might be tricky, if you look at this on long run.
So think if additional security is worth. As everything else, it has good and bad sides.

and dont forget to backup backup and backup

Probably not using a Mac, but if you are you can turn on OS X's File Vault, which is something like 128-bit encryption.

and dont forget to backup backup and backup

And write that password down in 3 or 4 or 5 or 10 places, maybe even your safe deposit box, if you have one.

and dont forget to backup backup and backup

...and... backup the backup of the backup! :D

And write that password down in 3 or 4 or 5 or 10 places, maybe even your safe deposit box, if you have one.

... doesn't that defeat the object of a password? :confused:

As far as passwords are concerned (getting slightly off the original track), I have a truecrypt area on my drive (which with truecrypt can be backed up by simply copying the file) in which I store all my login ID's and passwords, in itself, protected by a lengthy - but very easy (for me) to remember, password.

That way I really only have to remember one password. Details of any new login goes in this file for future reference.

TJ

The more you mess with the raw (no pun intended!) data the more difficult is will be to get it back when it goes wrong.

Put the HD under lock and key ;)

...I take that HD to work as off site back up, and it's all unencrypted. In theory, anyone could just plug it in and wipe it, or copy stuff off it.

And write that password down in 3 or 4 or 5 or 10 places, maybe even your safe deposit box, if you have one.

... doesn't that defeat the object of a password? :confused:

Well, if you forget it, the data are gone forever. Since he's concerned about a drive he takes to other places, keeping the password written down and secured is a good idea, if you ask me.

Well, if you forget it, the data are gone forever. Since he's concerned about a drive he takes to other places, keeping the password written down and secured is a good idea, if you ask me.

If you do write it down, I suggest keeping it in a safe deposit or your wallet.

I say your wallet because, it's less likely you'll lose it and I doubt you will give your wallet to anyone to have a look in