You never know when thieves, looters, hackers, officials, an ex, or whomever might get a hold of your computer which could have sensitive information on it. So, the best thing you could do is encrypt your files.
Two basic ways of doing this is to encrypt only your sensitive files (this article), or encrypt your whole hard drive so everything is encrypted (another article).
I don’t like big company encrypting software, because of the whole NSA/FBI getting companies to install backdoors (ie. Microsoft BitLocker, FBI got Microsoft to add a backdoor in 2005). Who knows if it’s true or not, but I just don’t trust them. So, I use free open source software where anyone can take a look at the code, do a security audit and see if such backdoors exist.
My software of choice is VeraCrypt. It took over after TrueCrypt closed it’s doors due to them (TrueCrypt) saying it isn’t safe. A security audit was done on TrueCrypt’s code and Phase I & II found the code to have no backdoors or insecurities in “most” cases. VeraCrypt took TrueCrypt’s code and corrected these rare occurrence flaws and made other security improvements. Plus, VeraCrypt is super easy to use, “on the fly”.
Luckily it works on not just Windows but OS X and Linux as well. However, for this I am using Windows and I don’t know how much this varies from OS to OS.
How file encryption works in VeraCrypt is you have what is called a file container, and within that container you put your files that you want encrypted. You decrypt the file container and place your files in it or take them out. Then when done, you encrypt the container again, making your files secure and out of reach from others.
First you will want to download VeraCrypt and run it. It should look similar to this:
Go ahead and click “Create Volume” which should take you to this screen:
Make sure “Create an encrypted file container” is selected and click “Next”
Make sure “Standard VeraCrypt volume” is selected and click “Next”
Click “Select File…”
Here is where you select the location of where you want to save your container AND the name you would like to call it, then hit “Save”.
***WARNING: IF YOU SELECT AN EXISTING FILE IT WILL OVERWRITE IT***
Brings you back to this screen, but now filled in, click “Next”
The encryption algorithms automatically populated are sufficient, just click “Next”
Choose a size you want your volume to be. This all depends on the size of files you want to put in your encrypted container. I’ll use this container for backups of scanned receipts, so 50MB should be enough. If later I find it isn’t big enough, I will go through this procedure again and create a larger container. Then just transfer the contents of one into the other and delete the old empty container. Once you have entered a size, click “Next”.
Time to enter a password for your encrypted container. I would recommend doing what they suggest, using over 20 characters (64 is max) including upper and lower case letters, numbers, special characters (ie. @#&$!) with it all being random. They don’t recommend dictionary words as these can be brute forced easier.
Select the file system you would like to use. If you’re not familiar with file systems, select NTFS if transferring files larger than 4GB, otherwise FAT should be fine. This may seem strange but now you want to move your mouse as much as you can within the “Volume Format” window. The longer you do, the stronger your encryption keys’ cryptographic strength will be. Once you think that you’ve moved it around enough, click “Format”.
Your file container (sometimes called volume), is now created!! Click “Ok”, then click “Exit”
You should now be back to this screen (if not and you closed the program, just re-open VeraCrypt)
To open your newly created encrypted file container, click one of the lettered drives on the left (I have selected drive N:), and click “Select File…”.
Go to the location where you saved your container, select it, and click “Open”
Now click “Mount”
Enter your long random password
At this point it’ll say it might take awhile, and depending on the size of your container, it just might take awhile. So be patient…..
Once finished it’ll look like this. Double click the mounted drive to open your container.
Your container will be empty. Now you can put whatever files you want encrypted in your container. Once done, you can close that window and you will be brought back to the original screen.
Your container isn’t encrypted and safe until you click and highlight the drive (in my case N:), then click “Dismount”
When it is not mounted, your file container is just like any other file. You can move it, copy it, delete it etc. That means you can store it on a USB drive or on your favorite cloud service.
Congratulations! You just created an encrypted container to store sensitive files in!!