Getting started with TrueCrypt
Turn your generic Flash drive into a secure data store
TrueCrypt is a free, open source application that allows you to create encrypted file stores and open them under Windows, Linux and Mac OS X. It's UI can appear daunting to the newcomer, but the app's actually very straightforward to use.
First, you need to download TrueCrypt for your preferred platform(s). We're using a Mac here, but there are versions for Linux and Windows, and they all interoperate. The latest version of the software can be downloaded from the TrueCrypt website.
The TrueCrypt UI
TrueCrypt makes encrypted volumes available as virtual drives. You can have up to 32 of these open at once. To make one, click the Create Volume button. This activates the program's Volume Creation Wizard:
Most folk will want the 'encrypted file container' option, which creates a file that you can use to contain your data in an encrypted form and which TrueCrypt can use to mount a virtual volume. On the next page, select the default Standard TrueCrypt Volume.
On the next page, click the Select File... button. Type in the name you want to give to the encrypted file and choose where you want TrueCrypt to save it:
The next screen lets you select how you want the file to be encrypted. The options are really only of interest to crypto wonks, but a rule of thumb perhaps is that the more ciphers the better. But AES is good enough for the US government's Top Secret documents, so we use that:
Next, choose how big you want your volume to be, in kilobytes (KB), megabytes (MB) or gigabytes (GB). Afterwards, you'll be asked for a password. The longer the better - though no more than 64 characters - and with a good mix of numbers and both upper- and lower-case letters. Equally, though, don't opt for something overly long that you'll have to write down in case you forget. TrueCrypt suggests you want at least 20 characters in there, but the size of your passwords should depend on whether you want to protect your data from casual peekers or hardcore hackers.
The Filesystem screen gives you the choice of FAT and Mac OS Extended. When TrueCrypt opens the encrypted file, it will present it to the host OS as volume. The OS has to be able to read that volume to show the contents, so choose your filesystem accordingly: FAT if it's to be read on different platforms, Mac OS Extended if you're only ever going to want to view the encrypted store's contents on a Mac. The Linux version offers a choice of FAT, Ext2 or Ext3.
TrueCrypt uses the mouse to help generate a block of numbers which it can use to create the encryption keys for your volume. It'll generate them anyway, but jiggling the mouse around creates blocks of numbers that are closer to truly random than the computer itself can come up with. The longer you can jiggle the better, but when you've had enough, click Format:
TrueCrypt will create the cipher keys from the random number block and use them to format the virtual volume and encrypt it. When the volume's created, click on the Exit button.
If you stored the file on your computer you can now copy it onto a Flash drive and get rid of the original. To open it up and add files, select one of the available drive slots in the main TrueCrypt window then click the Select File... button to find the file you just created.
Click Mount and you'll be prompted for the password. Entering it correctly will result in the virtual drive being 'connected' to your computer, allowing you to drag and drop files into it:
When you're done, click the Dismount All button in TrueCrypt to 'eject' the virtual disk, with its contents now sealed against almost all of the folk likely to come across the host drive. ®