?
Solved

Encrypted files!!!

Posted on 2006-06-21
13
Medium Priority
?
1,141 Views
Last Modified: 2010-04-11
Hi,

I am looking for a program or windows utility that I can use to encrypt and password protect certain files or a folder, I am looking for a level of security that would make the files completly unreadable to anybody even if my pc was hacked accross a network or the hardware physically stolen.

I remember seeing some software a long ago that did this job, but would like to know what the most secure option is at the moment?

I use windows XP SP2

Thanks for any help.

HR1
0
Comment
Question by:HighRoller1
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
13 Comments
 
LVL 32

Expert Comment

by:r-k
ID: 16956303
The Encryption feature that is included with Win/XP should do the job.

Take a look at: http://www.microsoft.com/technet/prodtechnol/winxppro/deploy/cryptfs.mspx

Just be sure to read the sections on data recovery very carefully.

If you want another option, people on this list have been recommending:

 http://www.truecrypt.org/

0
 
LVL 51

Expert Comment

by:ahoffmann
ID: 16958719
0
 
LVL 5

Accepted Solution

by:
kevinf40 earned 1200 total points
ID: 16958942
Additionally, a selection of free encryption software of various types can be found here:

http://www.thefreecountry.com/security/encryption.shtml

Also for ease of use, has various options to encrypt some files, or whole disk encryption, and nice integration with email clients such as outlook (I know you specified file encryption, but I thought I'd mention this additional feature) you may consider the commercial version of pgp which is fairly inexpensive:
http://www.pgp.com/

cheers

Kevin
0
Get real performance insights from real users

Key features:
- Total Pages Views and Load times
- Top Pages Viewed and Load Times
- Real Time Site Page Build Performance
- Users’ Browser and Platform Performance
- Geographic User Breakdown
- And more

 

Author Comment

by:HighRoller1
ID: 16959136
I am trying to use the windows method following these steps:

To encrypt a file for multiple users

1.
 Open Windows Explorer and select the file you want to encrypt
 
2.
 Right-click the chosen file and select Properties from the context menu.
 
3.
 Select the Advanced button to enable EFS.
 
4.
 Encrypt the file by selecting the Encrypt contents to secure data check box as shown in Figure 2 below. Click OK.
 

But the check box is in grey and cannot be selected? what should I do?
0
 
LVL 38

Expert Comment

by:Rich Rumble
ID: 16959781
Files and folders that are compressed cannot be encrypted using M$ EFS... it's encryption and compression are "mutually exclusive"
http://www.microsoft.com/windowsxp/using/security/expert/sharefilesefs.mspx
XP Home also does not allow you to encrypt data using EFS, EFS is inactive in home addtion. I'd suggest TrueCrypt instead http://www.truecrypt.org/
Sounds like you may have xp home additon, not xp pro?
-rich
0
 

Author Comment

by:HighRoller1
ID: 16959833
thats correct its XP home
0
 
LVL 38

Expert Comment

by:Rich Rumble
ID: 16960173
You cannot use M$ EFS then...
http://www.microsoft.com/technet/prodtechnol/winxppro/reskit/z04d621675.mspx#ELC
Corporate Security
Features such as Encrypting File System (EFS) and computer domain account support add complexity that is primarily for business use and therefore is not supported in Windows XP Home Edition.

I'd recommend TrueCrypt instead.
-rich
0
 
LVL 4

Expert Comment

by:MalleusMaleficarum
ID: 16963666
On the commercial side, I've used a product called BestCrypt from Jetico Software.  They use standard 256-bit encryption algorithms and I like it because I can create a "container" and dump stuff into it and mount it and dismount it as I see fit.

(Website marketing blurb)
BestCrypt software keeps your confidential data in a strongly encrypted form on your disk and provides you with transparent access to it from any application. Keep your letters, databases, private information in an encrypted form on your hard disks, removable media, magneto-optical devices, CD ROMs, floppies or network disks - all within a standard operating environment. Read more about our Standard Edition and Corporate Edition.

For data erasure, Jetico also makes BCWipe which is their erasure tool.  I particularly like this tool because it has many levels of wiping (# of passes, 1's, 0's, random characters)  I also like that it will wipe the wiindows page file.  If you use the "Hibernate" feature (which stores a snapshot of RAM to a file) it will even wipe the hiberfil.sys file.

(Website marketing blurb)
BCWipe software is designed to securely delete files from disks and other media. Standard file deletion leaves the contents of the "deleted" file on your disk. Unless it has been overwritten by files saved afterwards, it can be recovered easily using standard disk utilities. BCWipe is fully integrated into the Windows Shell and efficiently shreds file data so that recovery by any means is impossible.

I am a gov. contractor and I use this product daily at work and at home.  With all the press of stolen gov. laptops lately here in the US, it only makes sense to adopt some kind of product like this.
0
 
LVL 25

Expert Comment

by:Ron Malmstead
ID: 16988655
Upgrade to xp pro.
0
 

Author Comment

by:HighRoller1
ID: 16988947
I am looking at www.pgp.com and the whole disk encryption feature looks like a good idea, does anybody know if I would be able to deploy this pgp desktop function on a disc that already contains data (200GB used of a 250GB hdd for example) or will I have to reformat the drive first ? will it slow the use of the pc very much ?

I have downloaded a free trial of  Steganos safe 8, it has two modes LOCKED or UNLOCKED, when it is in the unlocked mode is the data potentially visable to anybody across a network ar a hacker across the internet? or is it always encrypted and just unlocked?

...........and just to expand the scope of the question a little, If I lose the passphrase would there be any way whatsoever of me being able to recover the data (any type of backdoor for example)?  even if I had a team of experts-exchange experts working on it for a month or two? :)
0
 
LVL 38

Assisted Solution

by:Rich Rumble
Rich Rumble earned 800 total points
ID: 16989371
I also support steganos as it is a great utility, cheap and secure as well. I've not tested to see if the data is unlocked to everyone once it's unlocked, I believe it is, to those that have access to the drive or share, unless someone from the internet has access to that PC's drive/share it's not visible to them. There is no back door to these products, PGP, Steganos or TrueCrypt. TrueCrypt only stores the unencrypted data in ram, and unless someone has the passphrase or one of the many keys you can assign, the data is always encrypted on the disk, and only unencrypted in ram, so if the pc was turned off all of a sudden, it's never in a plain-text state other than in ram.
http://www.truecrypt.org/faq.php

If the passphrase is of significant length, and not easily found in a dictionary, there is no hope for recovery in our lifetime. M$ EFS, unfortunatly has many vectors for recovery. PGP whole disk makes it possible for you to encrypt the enrire disk, including the files needed to boot windows, requiring boot-time authentication. boot-time auth means a password, and a usb or similar token, and if the user losses his/her USB/token, an administrator can use theirs along with their password. TrueCrypt has something similar with it's "key Files" http://www.truecrypt.org/user-guide/
TrueCrypt should not be used to encrypt the contents of M$'s system folders, however it can encrypt the many other files/folder on windows, as well as encrypting other partitions fully or other drives and disc's like cd-roms,DVD's and USB devices.
http://download.pgp.com/pdfs/whitepapers/Full-Disk-Encryption_Buyers-Guide_060619_F.pdf
You shouldn't have to format a drive or anything, but perhaps move the data off the drive, create a new "drive" or partition, then copy the files back into that. I/O on the PC shouldn't be very much with a transparent solution like TrueCrypt or PGP, steganos isn't transparent.
-rich
0
 

Expert Comment

by:LoneWolfwfk
ID: 16991090
Personally, I like using Cryptainer LE (it's free yet extremely robust).  This application allows you to create multiple 25MB encrypted "vaults" on your local/networked harddrive with 128 bit encryption.  I find it very easy to use and extremely secure.  Refer to the following link for more details:  http://www.cypherix.com/cryptainerle/index.htm
0
 

Author Comment

by:HighRoller1
ID: 17039503
Thanks for the answers, I am going to try www.pgp.com
0

Featured Post

Cyber Threats to Small Businesses (Part 2)

The evolving cybersecurity landscape presents SMBs with a host of new threats to their clients, their data, and their bottom line. In part 2 of this blog series, learn three quick processes Webroot’s CISO, Gary Hayslip, recommends to help small businesses beat modern threats.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The conference as a whole was very interesting, although if one has to make a choice between this one and some others, you may want to check out the others.  This conference is aimed mainly at government agencies.  So it addresses the various compli…
Ever wonder what it's like to get hit by ransomware? "Tom" gives you all the dirty details first-hand – and conveys the hard lessons his company learned in the aftermath.
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…
Suggested Courses

771 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question