Solved

Name that app - what app will keep a folder private and lock it after lack of use?

Posted on 2014-01-28
26
530 Views
Last Modified: 2014-01-30
Can you help me figure out what app will do this:

On a windows 7 pro desktop, in a workgroup, not a domain.

several people use the machine.  the boss wants to have a folder that others can't get into.  I'm envisioning, a folder on desktop.  Click on the folder / shortcut / link and it prompts for a password.

Enter the correct password and you have access to all the files in that folder to add / change / delete / whatever you want to do.

After some amount of inactivity - say 10 minutes, the folder is locked / you can't open the files without being prompted for and entering the password.

But what about if the file is open in word or excel?  it'll still be viewable by others.  They have to make sure to close excel / other app with those files, right?  Can't protect people from themselves completely?  

If someone goes into recent in excel or other app, the file will be there but won't open without the password for the folder.

Doesn't excel and word keep temp copies of the spreadsheets / docs?  in the same folder so they'd be encrypted also?

And then for backing up - can the folder be backed up without the password?  Just an encrypted file in the backup, but can be re-opened on another machine if they have the right password.

Any recommendations on the app for this?  Freeware / cheap if possible?  Simple to use.
0
Comment
  • 9
  • 6
  • 4
  • +2
26 Comments
 
LVL 32

Expert Comment

by:_
Comment Utility
I haven't used it in years, but as I remember, Truecrypt should cover most of what you want. It should do anything from individual files, to whole disks.

http://www.truecrypt.org/docs/
0
 

Author Comment

by:BeGentleWithMe-INeedHelp
Comment Utility
That's the name I've heard over the years, but in trying it out, it's not as simple as I was hoping.

hopefully someone can answer if this is doable - a simple way to mount that encrypted drive (or at least be prompted for a password) when he clicks on the shortcut to the drive, or clicks on a file in a recent list in word or excel that is on the encrypted drive?

I set the timeout (unmount) and saw that it works - it locks the drive / or really the drive just goes away.  I'd like to get prompted for the password....
0
 
LVL 78

Expert Comment

by:David Johnson, CD, MVP
Comment Utility
the way truecrypt works is that you have to know that the 'file' is an encrypted folder and also know the password.. it is another form of hiding encrypted data
0
 

Author Comment

by:BeGentleWithMe-INeedHelp
Comment Utility
I'm not loyal the truecrypt.  I don't want to hide the folder.  Here it is - but if you don't know the password, you are SOL.
0
 
LVL 32

Expert Comment

by:_
Comment Utility
I don't recall Hidden being a requirement, and the docs show Standard and Hidden Options, when creating the encrypted volume.
And it talks about treating them as any other file, as far as moving, copying, etc. So it sounds to me like you have to be able to see them.
http://www.truecrypt.org/docs/tutorial#Y0

I will try to remember to dig into it a little better, tomorrow, when I get a few minutes.
0
 
LVL 78

Expert Comment

by:David Johnson, CD, MVP
Comment Utility
you can see the file but you cannot see the contents.. you can have a truecrypt volume within another truecryipt volume that CAN be hidden.. i.e. if forced to unencrypt a file you can give 1 password but not the second password..
0
 

Author Comment

by:BeGentleWithMe-INeedHelp
Comment Utility
not sure where this is going. can I have an icon / shortcut or something that when I click on it to access the encrypted folder / files, I get prompted for a password to unlock the folder?

rather than going to the truecrypt GUI, mount the volume then enter the password then close the gui.  a more transparent way to be prompted for the password / make it more user friendly?  maybe that icon is a batch file of the command line version of using the gui?
0
 
LVL 74

Expert Comment

by:Jeffrey Kane - TechSoEasy
Comment Utility
I don't know if a single app will do all that you are asking, but certainly you can combine something like Hide Folders with a couple Windows features to accomplish what you want.

To protect against someone leaving a document open, why not just lock the computer after inactivity?  

As for backup, if you use the built-in Windows Backup it creates a full disk image, so anything on the disk is retrievable.

Jeff
TechSoEasy
0
 
LVL 32

Expert Comment

by:_
Comment Utility
>> ...can I have an icon / shortcut or something that when I click on it to access the encrypted folder / files, I get prompted for a password to unlock the folder?

This is possible. If it doesn't want to Auto Mount when you click the "container letter", use one of these:

Can a volume be automatically mounted whenever I log on to Windows?

Yes. To do so, follow these steps:

    Mount the volume (to the drive letter to which you want it to be mounted every time).
    Right-click the mounted volume in the drive list in the main TrueCrypt window and select 'Add to Favorites'.
    The Favorites Organizer window should appear now. In this window, enable the option 'Mount selected volume upon logon' and click OK.

Then, when you log on to Windows, you will be asked for the volume password (and/or keyfiles) and if it is correct, the volume will be mounted.

Alternatively, if the volumes are partition/device-hosted and if you do not need to mount them to particular drive letters every time, you can follow these steps:

    Select Settings > Preferences. The Preferences window should appear now.
    In the section 'Actions to perform upon logon to Windows', enable the option 'Mount all devices-hosted TrueCrypt volumes' and click OK.

Note: TrueCrypt will not prompt you for a password if you have enabled caching of the pre-boot authentication password (Settings > 'System Encryption') and the volumes use the same password as the system partition/drive.


Can a volume be automatically mounted whenever its host device gets connected to the computer?

Yes. For example, if you have a TrueCrypt container on a USB flash drive and you want TrueCrypt to mount it automatically when you insert the USB flash drive into the USB port, follow these steps:

    Mount the volume (to the drive letter to which you want it to be mounted every time).
    Right-click the mounted volume in the drive list in the main TrueCrypt window and select 'Add to Favorites'.
    The Favorites Organizer window should appear now. In this window, enable the option 'Mount selected volume when its host device gets connected' and click OK.

Then, when you insert the USB flash drive into the USB port, you will be asked for the volume password (and/or keyfiles) (unless it is cached) and if it is correct, the volume will be mounted.

Note: TrueCrypt will not prompt you for a password if you have enabled caching of the pre-boot authentication password (Settings > 'System Encryption') and the volume uses the same password as the system partition/drive.


http://www.truecrypt.org/faq
0
 

Author Comment

by:BeGentleWithMe-INeedHelp
Comment Utility
to complete mounting, you need the password, right?  So if the person booting up the machine isn't the boss, they won't have the password, the folder won't be accessible.  and even if it was the boss and he unlocks it, the folder will lock after x minutes. and then how does he reopen the locked folder?
0
 

Author Comment

by:BeGentleWithMe-INeedHelp
Comment Utility
Jeff:  I don't know if a single app will do all that you are asking

really : (

you'd know but damn, that's disappointing.  it seems so simple - click on a folder / prompt for a password.  you enter the password and get the files.  No password, no files.  And if you don't use that folder for x minutes, it locks the folder.  

Clcik on a link to a file in that folder, it knows to prompt for a password.

like accessing a shared drive - sometimes you get prompted for credentials?  But that won't break the connection after x minutes natively. I suppose you can schedule a task to do that?
0
 
LVL 53

Expert Comment

by:McKnife
Comment Utility
Hi.

Wouldn't it be time for the whole story?
Who is protecting what against whom (doing what) and why?
Why would you need the lock-after-idle?
0
 

Author Comment

by:BeGentleWithMe-INeedHelp
Comment Utility
whole story?  shared computer in the office of a small business.  Boss wants a way to keep some files inaccessible to others.

protecting files from others using the computer

Lock after idle if he gets busy with something else and steps away from the pc.

now that you have that, have any recommendation?
0
How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

 
LVL 74

Expert Comment

by:Jeffrey Kane - TechSoEasy
Comment Utility
"And if you don't use that folder for x minutes, it locks the folder.  "

The problem is that it would need to close the document before locking the folder.  Otherwise, you may have a modified document sitting open which cannot be saved because the folder is now locked.

But now that we have the full story, my suggestion makes even more sense.

Your scenario is not unique and Windows is designed to handle this.

When you share a computer, that doesn't mean that users log on with the same account.  Each user should log on with their own credentials, and when they are done they log off or lock the computer (WINDOWS KEY + L) if they don't want to close out of work in progress.

Next person comes along and logs in with their own credentials.  This puts them into a separate profile (desktop) which will not allow them to access any files owned by the first user.

No need for encryption.  NTFS permissions will keep anyone out of the files as long as they are not in the Local or Domain Administrators groups.

Adding the group policy to automatically lock the workstation after a short period of inactivity will address the issue you raised about the first user just walking away without locking the computer.  

Instructions on how to create that policy are located here:
http://technet.microsoft.com/en-us/library/ee617164(v=ws.10).aspx

Jeff
0
 
LVL 78

Expert Comment

by:David Johnson, CD, MVP
Comment Utility
adjust the screensaver options
0
 

Author Comment

by:BeGentleWithMe-INeedHelp
Comment Utility
separate user names just isn't something they are going to do. 99% of the time they are working on shared data and on for a minute or 2 at a time. They do not want to deal with logging in each time they need the machine.

thanks anyway. So jeff - no one answered the question.  How do I close this out? For everyone's effort, I'd split the points.  You all tried to help.
0
 
LVL 74

Expert Comment

by:Jeffrey Kane - TechSoEasy
Comment Utility
So, the thing is that you can definitely LOCK the folder from other users.  

Just compress the folder into a .zip file and add a password to it.  You'll need something like 7-Zip to do this.

That will keep everyone out of the folder that doesn't have the PW.

It will NOT, however, protect a document that has been left open.  There is really no way to automatically do this without just locking the desktop.

It will also not protect anything if the folder itself is left open.  So a user should make sure to close the folder after retrieving the intended document.

Jeff
0
 
LVL 74

Expert Comment

by:Jeffrey Kane - TechSoEasy
Comment Utility
0
 

Author Comment

by:BeGentleWithMe-INeedHelp
Comment Utility
I know how to split points. but in another question I posted, I gave points out to people for answering but you took issue with the fact that I didn't use their answers. Same here.  lots of comments / good ideas, but don't answer the question looking for the name of an app that meets the criteria I was describing.

So do I reward people for trying / putting in the time or bother a moderator to close the question without rewarding points? or some other resolution?
0
 

Author Comment

by:BeGentleWithMe-INeedHelp
Comment Utility
0
 
LVL 74

Expert Comment

by:Jeffrey Kane - TechSoEasy
Comment Utility
http://support.experts-exchange.com/customer/portal/articles/755964-the-experts-told-me-%E2%80%9Cyou-can%E2%80%99t-do-that%E2%80%9D-what-do-i-do-now-

This is a different situation than your other question because the answer ended up being, "You can't do that".

(although, I do believe that I was finally able to provide you with a way to at least lock the folder).

Jeff
0
 
LVL 32

Expert Comment

by:_
Comment Utility
Sorry, got swamped today, and didn't get a chance to play with TrueCrypt.
If you want to wait until tomorrow, I will see if it will do the one-click part.

Otherwise, post a Q in CS, and ask them to Delete this Question, with the reason no viable answer was given.
Don't forget to include a link to this Q.

http://www.experts-exchange.com/Community_Support/General/
0
 
LVL 53

Expert Comment

by:McKnife
Comment Utility
Shared logins render all measures useless. What if a person starts a keylogger right in your shared profile that records the keystrokes? Get away from shared logins, that is the best thing you could do. Before you do, measures like this are mere wishful thinking.
0
 
LVL 74

Accepted Solution

by:
Jeffrey Kane - TechSoEasy earned 500 total points
Comment Utility
There is no reason to delete this question.  Because there WAS an answer given.

Based on the original question, the answer is "you can't do that".  Because there is no way to "lock" an OPEN document.

FYI, you CAN actually add a VB MACRO to every document which will automatically save and close it after a certain period of idle time.  (See:  http://rdsrc.us/Q9eHTC).  However, you need to be aware that it could cause unwanted changes to be saved -- therefore be sure that "Previous Versions" is enabled on the drive where the folder resides in order to be able to revert to one if necessary.

Furthermore, I provided a very simple method to password lock a folder on a computer that has multiple people using the same user profile.  

I believe I have now satisfied all requirements of the original goal of this question.

Jeff
0
 
LVL 53

Expert Comment

by:McKnife
Comment Utility
I urge you to think about a new concept, shared logins are a no-go, security-wise. That cryptofolder concept does not change anything, as said before, the password can be keylogged with a small effort.
0
 
LVL 78

Expert Comment

by:David Johnson, CD, MVP
Comment Utility
all you need are 2 accounts .... boss and employees   the boss account is the only one that needs a password and use the power options/ screensaver options to lock the computer when idle ... as long as the employee account is a standard account it cannot access the boss's personal files .. he could also use the built in EFS (encrypting file system) to further secure the files (all within windows)
0

Featured Post

Highfive + Dolby Voice = No More Audio Complaints!

Poor audio quality is one of the top reasons people don’t use video conferencing. Get the crispest, clearest audio powered by Dolby Voice in every meeting. Highfive and Dolby Voice deliver the best video conferencing and audio experience for every meeting and every room.

Join & Write a Comment

As a financial services provider, your business is impacted by two of the strictest federal regulations on record: the Sarbanes-Oxley Act and the Gramm-Leach-Bliley Act. Correctly implementing faxing into your organization to provide secure, real-ti…
Many companies are looking to get out of the datacenter business and to services like Microsoft Azure to provide Infrastructure as a Service (IaaS) solutions for legacy client server workloads, rather than continuing to make capital investments in h…
This Micro Tutorial will teach you how to change your appearance and customize your Windows 7 interface to your unique preference. This will be demonstrated using Windows 7 operating system.
This Micro Tutorial will give you a basic overview of Windows Live Photo Gallery and show you various editing filters and touches to photos you can apply. This will be demonstrated using Windows Live Photo Gallery on Windows 7 operating system.

763 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

6 Experts available now in Live!

Get 1:1 Help Now