Instructions for using TrueCrypt Encryption

Tips

The TrueCrypt program must be available to mount the encrypted volumes.  You do not have to copy the TrueCrypt folder to a USB device, disk, CD or DVD to protect the files in your secure folder.  However, to open that folder on a machine, you must have TrueCrypt installed so you can click on the icon to open the TrueCrypt console.  If the folder is on a USB device, you can open the console from there.

When encrypting a flash/thumb drive use caution.  You can either create a secure folder (volume) as described in these instructions or you may select the entire device.  To select the entire device, instead of selecting a file, you would select the flash drive device.  HOWEVER, if you choose to encrypt the whole device, everything that is currently on the flash drive will be lost, because the drive must be formatted.  It is recommended you do not use device encryption AND JUST CREATE A SECURE FOLDER INSTEAD.

DO NOT LOSE PASSWORDS, they cannot be recovered.

Instructions for using TrueCrypt

True5

On the desktop you will see an icon like the one above.  Double click this icon to open the TrueCrypt console.

True6

This is the main console window for TrueCrypt.  From here you can create virtual drives, encrypt whole drives or partitions (not recommended) and mount and dismount virtual drives.  To create a new secure file (virtual drive), click on Create Volume.  The following screen will appear.

True7

On this screen you select the type of volume you wish to create.  We will be creating a standard volume, so you can leave the defaults and click on Next.

True8

Here you select what you are going to encrypt.  For creating a standard volume, click on Select File. 

True9

Navigate to the place you want to store the secure file (volume) and type in a name for the file.  Use a name that makes sense to you.  It is recommended you don't use spaces to make sure there are no compatibility problems if the file is moved to a CD or DVD.  Once you have typed in a file name, click on Save to continue.

True10

Leave the checkbox next to Never save history checked and click Next to continue.

True11

On this screen you choose the type of encryption algorithms you want to use.  It is suggested you use the ones in the picture above so you will need to change the Hash Algorithm.  Once you have selected the encryption options, click on Next to continue.

True12

Next you must choose how big you want your volume to be.  If you plan on moving the files to CD later, make the file size 700.  You can create more than one volume if you need more space.  After you have entered the volume size, click Next.

True13

Here you need to choose the password you will use to mount the volume.  We recommend you use one of the password strategies listed at the end of this document so we can help you remember it if it is forgotten even though it is not as rigorous as TrueCrypt recommends. Remember the encryption is only as good as the password used to mount the volume.  Do not use words or simple names.  Choose passwords with Upper and Lower case, numbers and special characters.  TrueCrypt recommends passwords greater than 20 characters, but there is no minimum.  If you choose something shorter than 20 characters, there will be a warning that pops up. If you are satisfied with your password, Click Next to continue.

True14

Click Yes to continue.

True15

Once the volume is created, it must be formatted.  For Filesystem, you can choose FAT or NTFS.  The only limitation is that if you choose NTFS and move the file to DVD, it cannot be mounted as a Read Only drive.  So it is suggested you choose FAT as the Filesystem type. Click Format to format the new volume.

True16

True17

Once the volume is formatted, click OK.

True18

The new volume is created and ready for use.  To create another volume, click Next and follow the same procedures as above.  If you don't want to create another volume, click Exit (you can create additional volumes at any time).

True19

To actually use the secure folder (volume) you need to mount the volume to make it available to store files.  Under Volume, select the drive letter you wish to use for your new volume.  Then click on Select File and navigate to and select your secure folder (volume).  Finally, click Mount.

True20

You will now be prompted for the password you selected earlier.  Enter the password and click OK.

True21

You will now see your secure folder’s name next to the drive letter when it is mounted. Once you have mounted all your volumes you want to use, click Exit to close the console window.  You can reopen this window from the Start Menu or by clicking on the little icon on the lower right hand of your screen.

True23

If you click My Computer, you will see the mounted drive appear just as any local drive.  In the example above it is drive S. You can double click on the drive to open it.  Files that are saved or moved to that drive are automatically encrypted and secure.  Files moved from this drive are automatically unencrypted.  It works just like any USB storage device or folder.

 

Password Strategies

 

If you use one of the following rubrics to create your password, it will be hard for someone to guess or to hack if the portable device gets lost.  At the same time, we could remind you of this rubrics so you could figure out your password if you forget it.  These are all items you should know by heart but would be hard for someone else to know or to even find easily on the Internet.  They also would be hard for the hacking programs to figure out easily.

 

FOR ALL PASSWORDS:  Start them with the capital letter A.  Every few months when it is time to change passwords, you can update it by going to the next letter in the alphabet

 

  1. Mother’s middle name spelled backwards, 2-digit month and 2 digit year of her birthday.  (Example only -- remember to start it with the letter A to make changing it later easier:  Martha born Nov. 16 – would become as a password AahtraM1116).  If the middle name is less than 5 letters, duplicate the first letter of her name to make it at least 5 letters long, including the capital A used to start the password.  (Example only:  Mae born Dec. 4 – would become as a password AeaMM12040.

 

If you want this to be even more secure, add one of the following punctuation marks to the end of your password:  ! or $ or &  

 

  1. Father’s middle name spelled backwards, 2-digit month and 2 digit year of his birthday.  (Example only -- remember to start it with the letter A to make changing it later easier:  Charles born Feb. 8 – would become as a password AselrahC0208).  If the middle name is less than 5 letters, duplicate the first letter of her name to make it at least 5 letters long, including the capital A used to start the password.  (Example only:  Sam born Oct. 14 – would become as a password AmaSS1014.

 

  1. Make of your first car (spelled backwards), 2-digit year of the car plus one of the punctuation marks ! or $ or &.

 

  1. The initials (first, middle, last) of the children in your family from youngest to oldest from when you were growing up), 2-digit month and 2-digit day of your mother’s birthday (Example only:  Emily Ann Smith, George Randall Smith, and Paul Alexander Smith, Jr. (you) with a mother whose birth date was April 25 – would become the password that starts with an A as above  AEASGRSPAS0425).

 

If you want this to be even more secure, add the punctuation mark (! or $ or &) at the end of your password.

 

  1. The initials (first, middle, last) of the children in your family from youngest to oldest from when you were growing up), 2-digit month and 2-digit day of your mother’s birthday (Example only:  Emily Ann Smith, George Randall Smith, and Paul Alexander Smith, Jr. (you) with a father whose birth date was Sept. 14 – would become the password that starts with an A as above  AEASGRSPAS0914).

 

If you want this to be even more secure, add the punctuation mark (! or $ or &) at the end of your password.

 

How to create a shortcut

 

Once you have created your encrypted volume, you can create a shortcut on your desktop to automatically mount and open your encrypted volume.

 

To create a shortcut on your desktop, right click an open area of the desktop and choose New then Shortcut.

The Create Shortcut dialog box will appear. In the box labeled “Type the location of the item:” you will be entering the location of the TrueCrypt executable along with the options for automatically mounting and opening your encrypted volume.

In this example, you first point to the location of the TrueCrypt executable (use quotes as in the example below).  Next the /v switch tells it where the volume is to be mounted, in this case c:\myvolume, where my volume is the actual name of the volume, replace myvolume with whatever name you gave your volume.  The next switch, /l t: tells it which drive letter to use to mount the drive, use any free drive letter you want.  The next switch /q tells TrueCrypt to work in quiet mode (the TrueCrypt window will not open).  Next the /e switch opens the mounted drive in an explorer window.

Enter this entire line, replacing your volume name and drive letter.

"C:\Program Files\TrueCrypt\TrueCrypt.exe" /v c:\myvolume /l t: /q /e

 

Next you will give your shortcut a name.  Use any name that makes sense to you, then click Finish.

 

 

Now you will have a shortcut on your desktop similar to the picture below.

 

 

Double click on the shortcut and you will be prompted to enter your password.  After entering your password and clicking OK, the box will close and an explorer window will open.