Because you are never safe from loss or theft, it may be important to encrypt your USB key or external hard drive to prevent confidential data from falling into the hands of strangers. The Windows BitLocker tool allows to encrypt disks efficiently. But you can also opt for VeraCrypt, a free, cross-platform application to encrypt your storage media.
The BitLocker tool natively integrated into Windows since the Vista version of the system is quite popular. It allows to encrypt USB drives, HDDs and other storage media so that they are unreadable unless you have a password. But the utility is only available in Pro and higher versions of the system. And this is particularly the case for Windows 10.
If you are using a home version, then Bitlocker is not a feature available to you. Among the alternative solutions, we recommend the VeraCrypt tool which is available on Windows, Linux as well as on MacOS. We will show you how to protect a USB drive with this cross-platform tool and accessible to everyone.
A few years ago, many users trusted TrueCrypt, an open source application that made it possible to encrypt any USB key or hard drive by turning it into a digital safe. But unfortunately, its maintenance was suddenly stopped in 2014.
Members of the community then decided to take up the torch with a new app called VeraCrypt. This is based on version 7.a of TrueCrypt and is still maintained to this day. There are several reasons for choosing VeraCrypt. First of all, it is more accessible, being free and multiplatform (Windows, MacOS, Linux).
In addition, it supports three powerful encryption algorithms: AES, Serpent and Twofish. It is an Open Source tool, constantly improved and whose source code is accessible to everyone. This is an important argument for those who seek transparency and who fear possible backdoors as one might suspect with opaque tools.
How to encrypt a USB stick or hard drive with VeraCrypt?
The advantage of the application is that it allows you to have an encrypted safe inside a medium. It is also possible to encrypt the latter in full. But in our example, we are going to create an encrypted and therefore impenetrable space on part of a USB key.
This secure space may contain sensitive files that can only be decrypted with a password, a bit like with compression tools such as 7-zip or WinRar. The difference here is that the space will be accessible just like any physical drive.
- Download, install and launch VeraCrypt
- By default, the application is in English, but you can change the language by going to settings> language> French
- Click on Create Volume> Create Encrypted Container File. This is the secure container that will contain confidential data. But if you prefer to encrypt the whole USB drive or a partition, choose the second option. (Encrypt non-system partition / disk).
- In the next window, check the box VeraCrypt Standard Volume. The “hidden” option allows you to create a hidden container inside an existing VeraCrypt volume
- Choose the location of the volume by clicking File> Your USB Drive. Give the container a name (“Secure space” in our example) and save
- In the next window, you will be able to choose the encryption and hashing algorithms. Unless you know the properties of each algorithm in order to make the choice that suits you, leave the default options, namely AES and SHA-512
- Choose the size of the container. This can be 5, 10, 20 GB or any size you want, as long as the available space allows it.
- In the following window, enter your password. You will have to choose one that is very complex because the level of protection also depends on the complexity of the password. Never overlook brute force attack attempts
- Choose a file system (the same one in which your key is currently formatted). VeraCrypt will maintain it even if you choose a different one. Then move the mouse cursor incessantly in the application window until the bottom gauge turns green. Click on “Format”NB: the process will take place without any loss of data. But if you’re the circumspect type, you can always do a backup first.
Access your files in the secure space
To access the encrypted key, it will have to be mounted in another volume which will open separately after entering the password, as if you were inserting a new USB key. To do this :
- Open VeraCrypt, and choose a free volume name from those listed. Then click on “File” and select the encrypted container created. Finally, click on the “Mount” button.
- In the window that opens, enter your password. Wait a moment, while the container is mounted in the volume.
- This is now accessible in devices and drives as a separate physical drive. You can copy files there and remove them whenever you want each time the volume is mounted.
- To unmount the encrypted container, simply go back to VeraCrypt, select the volume and click “unmount”.
Use VeraCrypt in portable mode
To access the encrypted safe of your USB drive on a computer, VeraCrypt will need to be installed on the computer. But if you plan to open the space elsewhere than on your PC, it is fortunately possible to use the software in portable mode. To do this, you will have to install VeraCrypt on the key.
- Click again on VeraCrypt setup
- Instead of choosing the first option (Install / Repair), choose “Extract” instead
Select your key, create a “VeraCrypt” folder on it by entering the name of the folder after the volume identifier. This will prevent all application files from being extracted to the root of the USB drive. Then click on “Extract”.
VeraCrypt will be available on the stick in portable mode. You can run it from any computer to easily encrypt your USB keys.