Need to password protect external hard-drive
August 31, 2009 12:25 PM Subscribe
Need to password protect external hard-drive
So I have a hard-drive containing my life's creative work and it's rather important to me -- I have the contents backed up on a second external hard-drive, but I would really like to have the contents of both drives password encrypted/protected... so that if they were stolen, no one could access the contents.
What's the best program for this? Free or very cheap would be great.
Thanks!
So I have a hard-drive containing my life's creative work and it's rather important to me -- I have the contents backed up on a second external hard-drive, but I would really like to have the contents of both drives password encrypted/protected... so that if they were stolen, no one could access the contents.
What's the best program for this? Free or very cheap would be great.
Thanks!
Another option is to use a service like Amazon Web Service and setup your buckets as encrypted.
Don't have to worry about backups, broken drives, or other malarkey.
posted by jimmy0x52 at 12:33 PM on August 31, 2009
Don't have to worry about backups, broken drives, or other malarkey.
posted by jimmy0x52 at 12:33 PM on August 31, 2009
Truecrypt.... again.
Note you want encryption NOT just a password on an external hard drive. Generally once someone has physical access to a drive, getting around a password is trivial.
Getting around encryption is still possible but much harder.
posted by bitdamaged at 12:33 PM on August 31, 2009
Note you want encryption NOT just a password on an external hard drive. Generally once someone has physical access to a drive, getting around a password is trivial.
Getting around encryption is still possible but much harder.
posted by bitdamaged at 12:33 PM on August 31, 2009
ninja'd.
But it is open-source, and will run on Mac OS, windos or Linux. It also allows you to create a hidden volume
posted by James Scott-Brown at 12:35 PM on August 31, 2009
But it is open-source, and will run on Mac OS, windos or Linux. It also allows you to create a hidden volume
posted by James Scott-Brown at 12:35 PM on August 31, 2009
If Windows, Truecrypt. If Mac, passworded disk images (built-in to the OS) which work the same way as Truecrypt and have the advantage of native support.
Back up (again) first, because you're talking about very low-level changes here, and it's quite possible to lose your data while setting it up.
And seconding to forget about terms like "password-protected", since there are hundreds of cheesy ways to do that that are all easily defeated. You need real volume encryption to have any reasonable level of protection.
And your "password" will be the encryption key or passphrase. You know that encryption is what you want because if you forget your passphrase... your data is lost forever. That's a good thing.
posted by rokusan at 12:55 PM on August 31, 2009
Back up (again) first, because you're talking about very low-level changes here, and it's quite possible to lose your data while setting it up.
And seconding to forget about terms like "password-protected", since there are hundreds of cheesy ways to do that that are all easily defeated. You need real volume encryption to have any reasonable level of protection.
And your "password" will be the encryption key or passphrase. You know that encryption is what you want because if you forget your passphrase... your data is lost forever. That's a good thing.
posted by rokusan at 12:55 PM on August 31, 2009
N'thing truecrypt - it's very good and has very strong encryption - which can be set variable ways - you can even triple-encrypt with three algorithms if you're willing to pay the speed penalty (You aren't... that's silly)
Works on windows/osx/linux
My advice is don't try the device encryption or the hiddden volume stuff unless you really want it - just make a container file on whatever device you want and go for it. This makes it easy to manage and to copy between devices at a later date.
Don't forget the passphrase or you are totally screwed.
posted by TravellingDen at 1:16 PM on August 31, 2009
Works on windows/osx/linux
My advice is don't try the device encryption or the hiddden volume stuff unless you really want it - just make a container file on whatever device you want and go for it. This makes it easy to manage and to copy between devices at a later date.
Don't forget the passphrase or you are totally screwed.
posted by TravellingDen at 1:16 PM on August 31, 2009
Just n'thing the point that with TrueCrypt, if you forget your password, you are screwed. Completely, utterly, CIA-can't-help-you (probably) screwed.
If you do go the way of strong volume encryption, I'd recommend at the very least keeping a plaintext copy of everything in a safe deposit vault in a bank somewhere. I think it's much more likely for you to forget the password than to have a hard drive stolen.
posted by katrielalex at 1:48 PM on August 31, 2009
If you do go the way of strong volume encryption, I'd recommend at the very least keeping a plaintext copy of everything in a safe deposit vault in a bank somewhere. I think it's much more likely for you to forget the password than to have a hard drive stolen.
posted by katrielalex at 1:48 PM on August 31, 2009
For a password that I'm liable to forget, I write down some place where it's not obvious what it is, or put it in the safe deposit box. Another alternative is secret sharing , which means that two of three friends can reconstruct your password. Requires semi-reliable friends.
posted by a robot made out of meat at 4:37 PM on August 31, 2009
posted by a robot made out of meat at 4:37 PM on August 31, 2009
Another vote for TrueCrypt.
I have been known to obfuscate my long passphrase (even just reversing a series of random characters that is your password) and emailing it to myself via gmail with a subject heading that really only makes sense to me.
But yes, make a container file out of the portion of the drive you need encrypted, or encrypt the whole thing, or even encrypt the whole thing with a partially hidden volume for your super secret-plausible-deniability-stash.
It's fairly trivial to create a .bat to automount the drive for you, or at least popup when you plug it in and ask you for your phrase.
posted by TomMelee at 4:56 AM on September 1, 2009
I have been known to obfuscate my long passphrase (even just reversing a series of random characters that is your password) and emailing it to myself via gmail with a subject heading that really only makes sense to me.
But yes, make a container file out of the portion of the drive you need encrypted, or encrypt the whole thing, or even encrypt the whole thing with a partially hidden volume for your super secret-plausible-deniability-stash.
It's fairly trivial to create a .bat to automount the drive for you, or at least popup when you plug it in and ask you for your phrase.
posted by TomMelee at 4:56 AM on September 1, 2009
This thread is closed to new comments.
posted by Balonious Assault at 12:31 PM on August 31, 2009