Desktop encryption software - help find
Desktop encryption software - help find
I have a lot of important documents (PDF, Excel, Word documents, and screen shots) in folders on my Windows desktop which I periodically add to by dragging into the folders. It is all nicely organized. I would like an easy way to encrypt and decrypt the entire folders whenever I acess and update. I don't know anything about encryption software. Any product recommendations?
Edited to add:
I forgot to mention that I don't need it stored in the cloud - just locally on desktop and flashdrives
Edited to add:
I forgot to mention that I don't need it stored in the cloud - just locally on desktop and flashdrives
Last edited by renter on Sun Oct 02, 2022 8:50 pm, edited 1 time in total.
-
- Posts: 45
- Joined: Sun Oct 18, 2015 9:48 pm
Re: Desktop encryption software - help find
You give Boxcryptor a try: https://www.boxcryptor.com/en/
-
- Posts: 16054
- Joined: Fri Nov 06, 2020 12:41 pm
Re: Desktop encryption software - help find
VeraCrypt: https://www.veracrypt.fr/en/Home.html
Just create an encrypted volume, mount it and put important documents inside.
Just create an encrypted volume, mount it and put important documents inside.
Re: Desktop encryption software - help find
I forgot to mention that I don't need it stored in the cloud - just locally on desktop and flashdrives.
Re: Desktop encryption software - help find
+1 I use VeraCryptMarseille07 wrote: ↑Sun Oct 02, 2022 8:46 pm VeraCrypt: https://www.veracrypt.fr/en/Home.html
Just create an encrypted volume, mount it and put important documents inside.
Re: Desktop encryption software - help find
Can you please share what threat / attack vector you are worried about that is taking you down this path?
The threat that is taking you down this path will change the approach.
The more expressive you can be with this explanation the better. I can guess what you might be worried about but guessing can be dangerous.
The simple encryption answer for full disk crypto is BitLocker which is built in to Windows. It does not have some of the behavior you articulate but depending upon the threat you are worried about it might be good enough.
The threat that is taking you down this path will change the approach.
The more expressive you can be with this explanation the better. I can guess what you might be worried about but guessing can be dangerous.
The simple encryption answer for full disk crypto is BitLocker which is built in to Windows. It does not have some of the behavior you articulate but depending upon the threat you are worried about it might be good enough.
- whodidntante
- Posts: 13114
- Joined: Thu Jan 21, 2016 10:11 pm
- Location: outside the echo chamber
Re: Desktop encryption software - help find
Not all software is designed in a secure way and may leak important information into the temp folder, or create a copy of the file while it is open. Use Bitlocker full disk encryption built into Windows. You might need to upgrade your Windows edition. Your disk might also support full disk encryption in hardware, which is also a valid option. I do that on my laptop because it has a lesser edition of Windows. I would take a good backup (encrypted) before messing with anything. I run backups to an external hard drive that is also full disk encrypted.
Re: Desktop encryption software - help find
+2. Better yet. Encrypt the entire volume. OP: If you are not computer savvy, just use bitlocker on your Windows machine if is the professional edition.hoofaman wrote: ↑Sun Oct 02, 2022 8:56 pm+1 I use VeraCryptMarseille07 wrote: ↑Sun Oct 02, 2022 8:46 pm VeraCrypt: https://www.veracrypt.fr/en/Home.html
Just create an encrypted volume, mount it and put important documents inside.
Re: Desktop encryption software - help find
I don't want to worry about the docs in the folder if my computer gets stolen.evestor wrote: ↑Sun Oct 02, 2022 8:56 pm Can you please share what threat / attack vector you are worried about that is taking you down this path?
The threat that is taking you down this path will change the approach.
The more expressive you can be with this explanation the better. I can guess what you might be worried about but guessing can be dangerous.
The simple encryption answer for full disk crypto is BitLocker which is built in to Windows. It does not have some of the behavior you articulate but depending upon the threat you are worried about it might be good enough.
-
- Posts: 16054
- Joined: Fri Nov 06, 2020 12:41 pm
Re: Desktop encryption software - help find
I don't know if that's necessarily "better." If my encrypted volume is reasonably small, I can carry it around. If I encrypt a 5TB HDD, it's no longer portable.
Re: Desktop encryption software - help find
This is super helpful. Thanks.renter wrote: ↑Sun Oct 02, 2022 9:21 pmI don't want to worry about the docs in the folder if my computer gets stolen.evestor wrote: ↑Sun Oct 02, 2022 8:56 pm Can you please share what threat / attack vector you are worried about that is taking you down this path?
The threat that is taking you down this path will change the approach.
The more expressive you can be with this explanation the better. I can guess what you might be worried about but guessing can be dangerous.
The simple encryption answer for full disk crypto is BitLocker which is built in to Windows. It does not have some of the behavior you articulate but depending upon the threat you are worried about it might be good enough.
If it were me, I'd just use BitLocker on your device. And I would make sure the key is backed up so that you have a way in if you trip the security precautions that BitLocker affords you.
There are other scenarios to ponder here as well...data sync'd to the cloud and how that is protected, how you do offline backups, etc. These things are likely the larger risk surface area. It's worth spending energy on this problem. LOTS can be done (ex: yubikey + Google advanced acct protection).
Also please keep in mind that whatever you do needs to be usable by your next of kin (hopefully not something you have to deal with anytime soon!).
Good luck.
Re: Desktop encryption software - help find
https://portableapps.com/apps
use veracrypt as a portable app, and keep a copy with your backup encrypted data.
I have only tried it with encrypted volumes - not whole disks
use veracrypt as a portable app, and keep a copy with your backup encrypted data.
I have only tried it with encrypted volumes - not whole disks
Re: Desktop encryption software - help find
Excellent question, and thanks for the answer. As others have said, Bitlocker if you use Windows Pro. It'll take literally 20 seconds of you effort to turn on. It'll take a few minutes/hours to complete the initial encryption in the background. It'll protect you against what you want.renter wrote: ↑Sun Oct 02, 2022 9:21 pmI don't want to worry about the docs in the folder if my computer gets stolen.evestor wrote: ↑Sun Oct 02, 2022 8:56 pm Can you please share what threat / attack vector you are worried about that is taking you down this path?
The threat that is taking you down this path will change the approach.
The more expressive you can be with this explanation the better. I can guess what you might be worried about but guessing can be dangerous.
The simple encryption answer for full disk crypto is BitLocker which is built in to Windows. It does not have some of the behavior you articulate but depending upon the threat you are worried about it might be good enough.
If you're using Windows 10 Home, Bitlocker is not included, but you can use "Windows Device Encryption", which for your purposes will practically be the same (though you will need a microsoft.com account on your laptop).
Just hit the windows key and type "encryption", and you'll get either Bitlocker or WDE. The advantage over Veracrypt is, you won't have to separately type a password to mount your data each time Windows starts up; and you won't have to worry about separate software. My two cents.
Re: Desktop encryption software - help find
There may be some misunderstandings here. I think the original suggestion was to create an encrypted volume on the hard disk on the computer, that is, creating a virtual drive to "mount" on the computer I suggested it is better to encrypt the entire disk (I used the words entire volume instead but I think you understood my intention on this part.)Marseille07 wrote: ↑Mon Oct 03, 2022 12:44 amI don't know if that's necessarily "better." If my encrypted volume is reasonably small, I can carry it around. If I encrypt a 5TB HDD, it's no longer portable.
The standard usage of the term encrypted volume does not mean encrypting a thumb drive (which one can do). See https://it.cornell.edu/bitlocker-fileva ... n-overview
Why do I think entire disk encryption better? Sometime we save files in the wrong place, have draft in the recycle bin etc. With modern computers, the resource overhead is small. https://delightlylinux.wordpress.com/20 ... rformance/
Re: Desktop encryption software - help find
+1Marseille07 wrote: ↑Sun Oct 02, 2022 8:46 pm VeraCrypt: https://www.veracrypt.fr/en/Home.html
Just create an encrypted volume, mount it and put important documents inside.
Re: Desktop encryption software - help find
As others alluded to, it depends on what you want to protect from. For example if you are worried someone will steal a laptop you take on trips then full disk encryption is a good idea (and usually required by most businesses). Just remember that a full disk encryption system decrypts or unlocks the entire disk after you boot up/enter the password. So while you are online the entire disk and its contents could be read by malicious software. Maybe a very low risk but certainly a risk that would matter to some. In that case you need to encrypt files individually or some portion of a disk and only unlock it when you want to use a specific file or the set of files.
----------------------------- |
If you think something is important and it doesn't involve the health of someone, think again. Life goes too fast, enjoy it and be nice.
Re: Desktop encryption software - help find
This thread is now in the Personal Consumer Issues forum (software).
-
- Posts: 16054
- Joined: Fri Nov 06, 2020 12:41 pm
Re: Desktop encryption software - help find
I meant an encrypted volume as a Veracrypt container volume sitting on your hard drive somewhere. I like the portability aspect of it as mentioned. Since we are talking about important documents (PDFs, word files), not encrypting movies, I don't mind the container volume being relatively small.student wrote: ↑Mon Oct 03, 2022 7:11 am There may be some misunderstandings here. I think the original suggestion was to create an encrypted volume on the hard disk on the computer, that is, creating a virtual drive to "mount" on the computer I suggested it is better to encrypt the entire disk (I used the words entire volume instead but I think you understood my intention on this part.)
The standard usage of the term encrypted volume does not mean encrypting a thumb drive (which one can do). See https://it.cornell.edu/bitlocker-fileva ... n-overview
Why do I think entire disk encryption better? Sometime we save files in the wrong place, have draft in the recycle bin etc. With modern computers, the resource overhead is small. https://delightlylinux.wordpress.com/20 ... rformance/
As far as encrypting the entire disk, this would have implications as far as mounting properly when you boot the machine. For example, I don't want to have to enter a password during the boot process (though I haven't explored this route a whole lot).
Re: Desktop encryption software - help find
I use Veracrypt for the same reason. If I want to move from a Windows environment to Linux (or even MacOS) then that option is there. I don't know enough about the Bitlocker FDE to know if that locks one in to the Win environment. Perhaps someone with more knowledge of Bitlocker will chime in.Marseille07 wrote: ↑Mon Oct 03, 2022 12:42 pm I meant an encrypted volume as a Veracrypt container volume sitting on your hard drive somewhere. I like the portability aspect of it as mentioned. Since we are talking about important documents (PDFs, word files), not encrypting movies, I don't mind the container volume being relatively small.
As far as encrypting the entire disk, this would have implications as far as mounting properly when you boot the machine. For example, I don't want to have to enter a password during the boot process (though I haven't explored this route a whole lot).
There are some advantages to FDE. Various data in the profiles is encrypted. I have done some workaround on this by moving profiles for things like Thunderbird and my browsers into my Veracrypt volume. I'm sure there are things I did not catch which should be moved.
Don't trust me, look it up. https://www.irs.gov/forms-instructions-and-publications
Re: Desktop encryption software - help find
I use Veracrypt for this reason too. When I travel with my laptop I unmount the container for security reasons. I copy the container to USB drives and the cloud weekly. It's a really simple solution for important files.I use Veracrypt for the same reason. If I want to move from a Windows environment to Linux (or even MacOS) then that option is there.
Re: Desktop encryption software - help find
Right, encrypted volume as a Veracrypt container volume sitting on your hard drive somewhere. How is it portable unless you meant you can copy the container to a thumb drive if it is needed, in which case you are correct.Marseille07 wrote: ↑Mon Oct 03, 2022 12:42 pmI meant an encrypted volume as a Veracrypt container volume sitting on your hard drive somewhere. I like the portability aspect of it as mentioned. Since we are talking about important documents (PDFs, word files), not encrypting movies, I don't mind the container volume being relatively small.student wrote: ↑Mon Oct 03, 2022 7:11 am There may be some misunderstandings here. I think the original suggestion was to create an encrypted volume on the hard disk on the computer, that is, creating a virtual drive to "mount" on the computer I suggested it is better to encrypt the entire disk (I used the words entire volume instead but I think you understood my intention on this part.)
The standard usage of the term encrypted volume does not mean encrypting a thumb drive (which one can do). See https://it.cornell.edu/bitlocker-fileva ... n-overview
Why do I think entire disk encryption better? Sometime we save files in the wrong place, have draft in the recycle bin etc. With modern computers, the resource overhead is small. https://delightlylinux.wordpress.com/20 ... rformance/
As far as encrypting the entire disk, this would have implications as far as mounting properly when you boot the machine. For example, I don't want to have to enter a password during the boot process (though I haven't explored this route a whole lot).
As for entire disk encryption vs container volume, it really depends on OP's purpose. It is a trade-off. If this is a folder that the OP access daily, then entering a password during the boot process is not a big deal.
-
- Posts: 16054
- Joined: Fri Nov 06, 2020 12:41 pm
Re: Desktop encryption software - help find
You can do VeraCrypt FDE as well iiuc. While I haven't explored too much, you'd have to modify /etc/fstab and other places; and for portability, you pretty much have to carry the disk.jebmke wrote: ↑Mon Oct 03, 2022 12:48 pmI use Veracrypt for the same reason. If I want to move from a Windows environment to Linux (or even MacOS) then that option is there. I don't know enough about the Bitlocker FDE to know if that locks one in to the Win environment. Perhaps someone with more knowledge of Bitlocker will chime in.Marseille07 wrote: ↑Mon Oct 03, 2022 12:42 pm I meant an encrypted volume as a Veracrypt container volume sitting on your hard drive somewhere. I like the portability aspect of it as mentioned. Since we are talking about important documents (PDFs, word files), not encrypting movies, I don't mind the container volume being relatively small.
As far as encrypting the entire disk, this would have implications as far as mounting properly when you boot the machine. For example, I don't want to have to enter a password during the boot process (though I haven't explored this route a whole lot).
There are some advantages to FDE. Various data in the profiles is encrypted. I have done some workaround on this by moving profiles for things like Thunderbird and my browsers into my Veracrypt volume. I'm sure there are things I did not catch which should be moved.
I don't copy the volumes around a whole lot but I like that I can do so if I need to.
-
- Posts: 16054
- Joined: Fri Nov 06, 2020 12:41 pm
Re: Desktop encryption software - help find
You can use a USB stick or copy over the network and mount the volume on a different device using VeraCrypt. Not sure why you're asking the portability question.student wrote: ↑Mon Oct 03, 2022 12:56 pm Right, encrypted volume as a Veracrypt container volume sitting on your hard drive somewhere. How is it portable unless you meant you can copy the container to a thumb drive if it is needed, in which case you are correct.
As for entire disk encryption vs container volume, it really depends on OP's purpose. It is a trade-off. If this is a folder that the OP access daily, then entering a password during the boot process is not a big deal.
Re: Desktop encryption software - help find
In your original message, you said "If my encrypted volume is reasonably small, I can carry it around" and I did not understand what you were referring to. Now I do.Marseille07 wrote: ↑Mon Oct 03, 2022 12:58 pmYou can use a USB stick or copy over the network and mount the volume on a different device using VeraCrypt. Not sure why you're asking the portability question.student wrote: ↑Mon Oct 03, 2022 12:56 pm Right, encrypted volume as a Veracrypt container volume sitting on your hard drive somewhere. How is it portable unless you meant you can copy the container to a thumb drive if it is needed, in which case you are correct.
As for entire disk encryption vs container volume, it really depends on OP's purpose. It is a trade-off. If this is a folder that the OP access daily, then entering a password during the boot process is not a big deal.
Re: Desktop encryption software - help find
A warning about BitLocker -- I have a friend who's laptop, which came BitLocker enabled. It had intermittent issues and had the motherboard was replaced under warrantee. After replacement, the system would not boot because of interaction of BitLocker to the new mother board. Since it had been factory enabled, he did have or could not find, the Bitlocker key. So the shop had to re-format the disk to start over, and yes, you guessed it, he did not have a decent backup of his data. If he had been told of this need, he could extracted the key and done a proper backup before it went to the shop.
He no longer uses BitLocker and on my recommendation has a 7ZIP encrypted store for his sensitive data. Plus he now has proper data and image backups.
He no longer uses BitLocker and on my recommendation has a 7ZIP encrypted store for his sensitive data. Plus he now has proper data and image backups.
-
- Posts: 16054
- Joined: Fri Nov 06, 2020 12:41 pm
Re: Desktop encryption software - help find
Did you encrypt your entire HDD / SSD using VeraCrypt? I'm more than happy to learn how that's done. Based on little I read, iirc it said that I have to provide some password during boot-up (for LUKS.service iirc) and to me that sounded like a turnoff at that time.
Re: Desktop encryption software - help find
No, you most certainly do want entire disk encryption with a password when the drive is mounted.
My laptop uses entire disk encryption with VeraCrypt. If the laptop is lost or stolen, a strong password before it boots the OS will turn it into a brick. Lost or stolen, I won't care because the data can't be recovered. The only thing a bad guy can do is format the drive.
In addition to passwords, Veracrypt allows key files to decrypt a volume.
My laptop uses entire disk encryption with VeraCrypt. If the laptop is lost or stolen, a strong password before it boots the OS will turn it into a brick. Lost or stolen, I won't care because the data can't be recovered. The only thing a bad guy can do is format the drive.
In addition to passwords, Veracrypt allows key files to decrypt a volume.
Re: Desktop encryption software - help find
Yes. I do use Veracrypt to encrypt HDD/SSD. When Windows 10 first came out, I think there was an issue about choosing certain legacy option in the boot manual. But I think it is fine now. I encountered no issues in 2020. I think I followed https://www.howtogeek.com/howto/6169/us ... your-data/Marseille07 wrote: ↑Mon Oct 03, 2022 2:53 pmDid you encrypt your entire HDD / SSD using VeraCrypt? I'm more than happy to learn how that's done. Based on little I read, iirc it said that I have to provide some password during boot-up (for LUKS.service iirc) and to me that sounded like a turnoff at that time.
-
- Posts: 16054
- Joined: Fri Nov 06, 2020 12:41 pm
Re: Desktop encryption software - help find
Password prompts aren't ideal but not a dealbreaker. The way it is set up on my end, I get prompted after logging into linux to mount a container volume.
If I encrypt the whole disk, the timing of prompt shifts to during booting, presumably from the LUKS.service.
I know keyfiles are available, but the thing is that you now have to manage them or else you can't decrypt your container yourself, kind of like the situation RetiredAL mentioned above.
If I encrypt the whole disk, the timing of prompt shifts to during booting, presumably from the LUKS.service.
I know keyfiles are available, but the thing is that you now have to manage them or else you can't decrypt your container yourself, kind of like the situation RetiredAL mentioned above.
Last edited by Marseille07 on Mon Oct 03, 2022 5:53 pm, edited 1 time in total.
-
- Posts: 16054
- Joined: Fri Nov 06, 2020 12:41 pm
Re: Desktop encryption software - help find
OK so it does sound like you do have to enter your volume password upon booting.student wrote: ↑Mon Oct 03, 2022 3:19 pm Yes. I do use Veracrypt to encrypt HDD/SSD. When Windows 10 first came out, I think there was an issue about choosing certain legacy option in the boot manual. But I think it is fine now. I encountered no issues in 2020. I think I followed https://www.howtogeek.com/howto/6169/us ... your-data/
If you used the keyfile option instead, do you have to stick a USB drive in or something when booting up?
Re: Desktop encryption software - help find
Yes. I do have to enter password upon booting. I have never tried the keyfile option.Marseille07 wrote: ↑Mon Oct 03, 2022 4:10 pmOK so it does sound like you do have to enter your volume password upon booting.student wrote: ↑Mon Oct 03, 2022 3:19 pm Yes. I do use Veracrypt to encrypt HDD/SSD. When Windows 10 first came out, I think there was an issue about choosing certain legacy option in the boot manual. But I think it is fine now. I encountered no issues in 2020. I think I followed https://www.howtogeek.com/howto/6169/us ... your-data/
If you used the keyfile option instead, do you have to stick a USB drive in or something when booting up?
-
- Posts: 936
- Joined: Tue Jan 17, 2017 7:46 pm
Re: Desktop encryption software - help find
This does not sound like a warning about BitLocker. It sounds like a warning about not having a backup.RetiredAL wrote: ↑Mon Oct 03, 2022 1:32 pm A warning about BitLocker -- I have a friend who's laptop, which came BitLocker enabled. It had intermittent issues and had the motherboard was replaced under warrantee. After replacement, the system would not boot because of interaction of BitLocker to the new mother board. Since it had been factory enabled, he did have or could not find, the Bitlocker key. So the shop had to re-format the disk to start over, and yes, you guessed it, he did not have a decent backup of his data. If he had been told of this need, he could extracted the key and done a proper backup before it went to the shop.
He no longer uses BitLocker and on my recommendation has a 7ZIP encrypted store for his sensitive data. Plus he now has proper data and image backups.
Re: Desktop encryption software - help find
By default, I think bitlocker is setup attached to your microsoft account and it is possible to do a recovery from Microsoft. If it is set up without the account, then I don't think there is a way.RetiredAL wrote: ↑Mon Oct 03, 2022 1:32 pm A warning about BitLocker -- I have a friend who's laptop, which came BitLocker enabled. It had intermittent issues and had the motherboard was replaced under warrantee. After replacement, the system would not boot because of interaction of BitLocker to the new mother board. Since it had been factory enabled, he did have or could not find, the Bitlocker key. So the shop had to re-format the disk to start over, and yes, you guessed it, he did not have a decent backup of his data. If he had been told of this need, he could extracted the key and done a proper backup before it went to the shop.
He no longer uses BitLocker and on my recommendation has a 7ZIP encrypted store for his sensitive data. Plus he now has proper data and image backups.
-
- Posts: 936
- Joined: Tue Jan 17, 2017 7:46 pm
Re: Desktop encryption software - help find
I use Bitlocker for full disk encryption, for encrypted volumes and for all external disks that contain backups. Full disk protects against the whole computer being stolen, and encrypted volumes guard against prying eyes who may sometimes use my computer. I've used Veracrypt in the past, and had no problems with it, but when writing my document on how to run things when I'm no longer here, I realized that the Veracrypt part was overly complicated for my heirs. With Bitlocker you are using standard Windows software, and it's going to work whatever OS upgrades happen. Also, I thought it was a lot easier to open an encrypted volume or external drive.
-
- Posts: 936
- Joined: Tue Jan 17, 2017 7:46 pm
Re: Desktop encryption software - help find
You have an option of generating a "recovery key". I encrypt these as well (they are in small files), and also keep them on a thumb drive. In 10 years I've never had to use one. If things go south (mostly you forgot your password), Bitlocker asks you for the recovery key, giving you a small portion of it so you can identify the key in your big pile of recovery keys. But in the previous post it sounded like whoever did the initial install didn't provide the end user with the recovery key. Veracrypt has the exact same functionality.
Re: Desktop encryption software - help find
It's a warning that: 1) Hardware changes can cause BitLocker to not allow booting without re-entering the key. 2) That users may not even realize that their system came with BitLocker enabled, thus the importance of having the key available if needed.michaelingp wrote: ↑Mon Oct 03, 2022 6:36 pmThis does not sound like a warning about BitLocker. It sounds like a warning about not having a backup.RetiredAL wrote: ↑Mon Oct 03, 2022 1:32 pm A warning about BitLocker -- I have a friend who's laptop, which came BitLocker enabled. It had intermittent issues and had the motherboard was replaced under warrantee. After replacement, the system would not boot because of interaction of BitLocker to the new mother board. Since it had been factory enabled, he did have or could not find, the Bitlocker key. So the shop had to re-format the disk to start over, and yes, you guessed it, he did not have a decent backup of his data. If he had been told of this need, he could extracted the key and done a proper backup before it went to the shop.
He no longer uses BitLocker and on my recommendation has a 7ZIP encrypted store for his sensitive data. Plus he now has proper data and image backups.
The user was concerned losing data when it went out repair. The factory authorized repair center/tech was not trained to check for BitLocker before they disassembled the machine.
Yes, he now knows better.
Re: Desktop encryption software - help find
I did not not know bitlocker has the option of generating a recovery key if it is attached to an microsoft account. (Actually I am not even sure that one can turn on bitlocker without a microsoft account.) I never used a recovery key for bitlocker as I only use it for work laptops on a limited basis. For my own computers, I use veracrypt for windows, and the encryption that come with Linux and Mac.michaelingp wrote: ↑Mon Oct 03, 2022 6:52 pmYou have an option of generating a "recovery key". I encrypt these as well (they are in small files), and also keep them on a thumb drive. In 10 years I've never had to use one. If things go south (mostly you forgot your password), Bitlocker asks you for the recovery key, giving you a small portion of it so you can identify the key in your big pile of recovery keys. But in the previous post it sounded like whoever did the initial install didn't provide the end user with the recovery key. Veracrypt has the exact same functionality.
Re: Desktop encryption software - help find
I also use Veracrypt, and I don't recommend it.
It should be easier to just use an app to encrypt your data locally.
There are too few safety rails between the user having an `oops` and losing access to all their data.
There is no one to call if you have even a minor technical issue- you could have the right password, and the right file, but forget to check one of the boxes and remain locked out of the volume.
The end user shouldn't need to make decisions about which encryption algo they need to choose to be `strong enough`.
The workflow to resize to a larger volume is bad and scary every time I have to do it.
It should be easier to just use an app to encrypt your data locally.
There are too few safety rails between the user having an `oops` and losing access to all their data.
There is no one to call if you have even a minor technical issue- you could have the right password, and the right file, but forget to check one of the boxes and remain locked out of the volume.
The end user shouldn't need to make decisions about which encryption algo they need to choose to be `strong enough`.
The workflow to resize to a larger volume is bad and scary every time I have to do it.
-
- Posts: 16054
- Joined: Fri Nov 06, 2020 12:41 pm
Re: Desktop encryption software - help find
What do you recommend though? There's a real need to encrypt certain files / folders.bzcat wrote: ↑Tue Oct 04, 2022 7:03 am I also use Veracrypt, and I don't recommend it.
It should be easier to just use an app to encrypt your data locally.
There are too few safety rails between the user having an `oops` and losing access to all their data.
There is no one to call if you have even a minor technical issue- you could have the right password, and the right file, but forget to check one of the boxes and remain locked out of the volume.
The end user shouldn't need to make decisions about which encryption algo they need to choose to be `strong enough`.
The workflow to resize to a larger volume is bad and scary every time I have to do it.
I don't resize, I simply create a new bigger volume and move stuff there.
Re: Desktop encryption software - help find
Isn't this more of an issue with no backup than the encryption software?bzcat wrote: ↑Tue Oct 04, 2022 7:03 am I also use Veracrypt, and I don't recommend it.
It should be easier to just use an app to encrypt your data locally.
There are too few safety rails between the user having an `oops` and losing access to all their data.
There is no one to call if you have even a minor technical issue- you could have the right password, and the right file, but forget to check one of the boxes and remain locked out of the volume.
The end user shouldn't need to make decisions about which encryption algo they need to choose to be `strong enough`.
The workflow to resize to a larger volume is bad and scary every time I have to do it.
-
- Posts: 16054
- Joined: Fri Nov 06, 2020 12:41 pm
Re: Desktop encryption software - help find
One can use Bitlocker without a Microsoft account, and one can generate a Bitlocker recovery key without a Microsoft account.
Re: Desktop encryption software - help find
Re: Desktop encryption software - help find
I think it is LUKS https://linuxconfig.org/ubuntu-22-04-en ... encryption I never look too much into it, I just enable it during installation.Marseille07 wrote: ↑Tue Oct 04, 2022 6:30 pmWhich encryption comes with Linux? Are you talking about the LUKS.service? I know VeraCrypt can do something with LUKS, but I'm not an expert.
-
- Posts: 16054
- Joined: Fri Nov 06, 2020 12:41 pm
Re: Desktop encryption software - help find
Makes sense. It was a turnoff for me because it required LVM.student wrote: ↑Tue Oct 04, 2022 6:47 pmI think it is LUKS https://linuxconfig.org/ubuntu-22-04-en ... encryption I never look too much into it, I just enable it during installation.Marseille07 wrote: ↑Tue Oct 04, 2022 6:30 pmWhich encryption comes with Linux? Are you talking about the LUKS.service? I know VeraCrypt can do something with LUKS, but I'm not an expert.
Re: Desktop encryption software - help find
Windows has the capability built-in, right?renter wrote: ↑Sun Oct 02, 2022 8:40 pm I have a lot of important documents (PDF, Excel, Word documents, and screen shots) in folders on my Windows desktop which I periodically add to by dragging into the folders. It is all nicely organized. I would like an easy way to encrypt and decrypt the entire folders whenever I acess and update. I don't know anything about encryption software. Any product recommendations?
Edited to add:
I forgot to mention that I don't need it stored in the cloud - just locally on desktop and flashdrives
https://www.comparitech.com/blog/vpn-pr ... ows-files/
Re: Desktop encryption software - help find
I use an old one called AES Crypt. Right click on a file, or files, in Windows Explorer, and it puts them into an encrypted, password protected file. It's also available for Mac and Linux. It doesn't destroy the originals. You can delete them yourself. Either way, you should keep redundant backups of important files. One backup is almost the same as no backup. Found that out the hard way.
Re: Desktop encryption software - help find
I keep all of my docs on my Synology. You can encrypt the shared drives on that device. But don't expose it to the Internet.
Re: Desktop encryption software - help find
You can use gpg with BSD or Linux.Marseille07 wrote: ↑Tue Oct 04, 2022 6:30 pmWhich encryption comes with Linux? Are you talking about the LUKS.service? I know VeraCrypt can do something with LUKS, but I'm not an expert.
https://gnupg.org/
https://www.nas.nasa.gov/hecc/support/k ... a_242.html
But it doesn't really make much difference if you're ultimately encrypting with AES256 anyway.
I recently migrated all of my keys to ed25519. It's amazing how much this stuff changes. Maybe we'll see a quantum computer in our lifetime.
Last edited by rockstar on Tue Oct 04, 2022 8:11 pm, edited 1 time in total.
Re: Desktop encryption software - help find
How do you take encrypted backup on external drive?whodidntante wrote: ↑Sun Oct 02, 2022 9:02 pm Not all software is designed in a secure way and may leak important information into the temp folder, or create a copy of the file while it is open. Use Bitlocker full disk encryption built into Windows. You might need to upgrade your Windows edition. Your disk might also support full disk encryption in hardware, which is also a valid option. I do that on my laptop because it has a lesser edition of Windows. I would take a good backup (encrypted) before messing with anything. I run backups to an external hard drive that is also full disk encrypted.