Gizmos Needs You

Gizmo's Freeware is Recruiting

 We are looking for people with skills or interest in the following areas:
 -  Mobile Platform App Reviews for Android and iOS
 -  Windows, Mac and Linux software reviews       Interested? Click here

                  

 

Best Free Drive Encryption Utility

In a Hurry?
  Go straight to the Quick Selection Guide
Introduction

Encryption is a process of encoding information so that it cannot be accessed by others unless they have the key needed to decode it. Encryption is usually used to protect highly sensitive documents, but it's also a good way to stop people from looking at your personal stuff.

Primary encryption utility categories

Why use categories here? To bring a little order to the large catalog of encryption utility reviews at this site. This particular review article is limited to "drive encryption" utilities. See related categories below.

  1. Encryption utilities that encrypt files/folders directly: These utilitiees encrypt discrete files and/or folders directly, in contrast to utilities that encrypt and store files in volumes (archives, i.e., container files). File-based utilities may operate in batch mode or in on-the-fly mode.
  2. Virtual-drive encryption utilities create volumes (encrypted containers/archives) which can be mounted in the file-system as virtual drives, complete with drive letters, e.g. "V:". These drives can contain both files and folders. The computer's file system can read, write and create documents in real time, directly in cleartext. Virtual-drive utilities operate in on-the-fly mode.
  3. Full-drive encryption utilities - the utilities reviewed in this article - encrypt entire storage devices, e.g., hard-drives, drive partitions and USB drives. Some of the utilities in this category can also encrypt the drive that the operating system itself is installed on.
  4. Client-side encryption utilities for the cloud: A newly emerged category. These utilities encrypt files before they are uploaded to cloud sync/storage locations. The files are encrypted in transit and while at rest in the cloud. Cloud encryption utilities employ various forms of virtualization to present cleartext client-side, and they operate in on-the-fly mode.

 Cautionary Notes

  1. Operating systems are messy: Echos of your personal data -- swap files, temp files, hibernation files, erased files, browser artifacts, etc -- are likely to remain on any computer that you use to access the data. It is a trivial task to extract those echos.
    For example, when you encrypt and compress files, clear-text versions that existed before you compress/encrypt the file or clear-text copies that are created after you decrypt/decompress it remain on your hard drive. Unless you purge -- not just delete -- those clear-text files. :-(
  2. The fact that an encryption program "works" does not mean that it is secure. New encryption utilities often appear after someone reads up on applied cryptography, selects or devises an algorithm - maybe even a reliable open source one - implements a user interface, tests the program to make sure it works, and thinks he's done. He's not. Such a program is almost certain to harbor fatal flaws.
          "Functionality does not equal quality, and no amount of beta testing will ever
          reveal a security flaw. Too many products are merely buzzword compliant; they
          use secure cryptography, but they are not secure." --Bruce Schneier,
          in Security Pitfalls in Cryptography
  3. Further advice about how to use encryption are discussed in Encryption is Not Enough, including what you need to do beyond encryption to be sure your private data is not lost or exposed.
Discussion

TrueCrypt screenshot

Updated: TrueCrypt once fully met my criteria for selecting encryption software. However, it appears that the developers of TrueCrypt just dropped a bombshell. TrueCrypt recently passed a preliminary independent audit, but this news changes everything. [best synopsis]

As of version 5.0, TrueCrypt can now encrypt Windows boot partitions or entire boot disks. It includes support for secure hibernation.

Newbies might find TrueCrypt a bit daunting at first. However, more experienced users who want serious full drive encryption will find it to be a solid program. Randy Jensen wrote an illustrated guide that will give you a good idea of how to encrypt your entire hard drive.

DiskCryptor is specially designed to encrypt hard-drives, partitions, and external storage devices including USB flash drives. It offers simplified operation and performance advantages over TrueCrypt.The extensive documentation, and discussion of encryption pitfalls are a good indication that the developers understand the challenges of designing this class of software. I found a surprising number of DiskCryptor reviews online, and while none of them were expert, they are uniformly positive. See comment 108839 for more discussion.

Compusec screenshotFREE CompuSec is specifically designed to protect desktops and notebooks, using pre-boot authentication and full hard disk encryption. Access control requires you to enter your userID and password before the system will boot up. Free CompuSec is free for both personal and business use.

FREE CompuSec includes several other encryption utilities: Voice encryption, encryption of individual files, removable media -- CDs, DVDs, USB thumb drives, and "Container" encryption (similar to TrueCrypt volumes).

The Pre-boot Authentication module is automatically installed on the drive to which the OS boots, but you don't actually have to apply Whole Disk Encryption to any drive if you don't want to.

Related Products and Links

Related products:

  • SafeHouse Explorer is a simple, free program that is small enough to use on a USB flash memory drive. You'll find excellent tutorial videos and the users manual at the website, and a screenshot-rich tutorial here.
  • Rohos Mini Drive is a "portable" program that creates a hidden, encrypted partition on USB flash drives.
  • BitLocker, part of  Windows 7 and Vista - Enterprise and Ultimate versions (only) - allows users to encrypt their entire Windows disk/partition as well as other disks or partions. While it's a solid solution, it may not be easy for you to deploy. Update: BitLocker is also available on Windows 8 Pro.

Related Articles:

Quick Selection Guide

TrueCrypt
5
 
Gizmo's Freeware award as the best product in its class!

Runs as a stand-alone program on a user's computer
A seasoned, widely-used encyption program. Use TrueCrypt to either encrypt the Windows boot partition or the entire boot disk. TrueCrypt's open source status allows the all-important peer review of the source code required for a trustworthy encryption program.
It takes some time to learn how to use TrueCrypt if you've never used any sort of encryption program before.
http://www.truecrypt.org/
7.1
3.0 MB
32 and 64 bit versions available
Open source freeware
A portable version of this product is available from the developer.
Windows 2000/2003/XP/Vista/7 Runs on Windows 8, but may not be compatible for full disk encryption; Mac OS X; Linux
FREE CompuSec
4
 
Runs as a stand-alone program on a user's computer
Pre boot access control. Encryption in hibernation mode. Includes optional utilities for encryption of files, "containers", voice, thumb drives. Free Compusec is free for both personal and business use.
You won't be able to use standard methods for double-booting if you install this software.
5.3.0.0
20.3 MB
Unrestricted freeware
There is no portable version of this product available.
Supports all Windows OS with 32-bit editions (Windows Vista, Windows XP, Window 2003, Window XP Tablet Edition & Windows 2000). Linux version available too
DiskCryptor
3.5
 
Runs as a stand-alone program on a user's computer
DiskCryptor offers encryption of any and all disk partitions, including the system partition. It is intended for full drive encryption only. DiskCryptor offers simplified operation and performance advantages over TrueCrypt. It has a simple, intuitive user interface. The documentation for DiskCryptor is clear and complete.
1.0.757.115 as of 2013.01.03
575 KB
32 bit but 64 bit compatible
Open source freeware
There is no portable version of this product available.
Windows XP / Server 2003 / Vista / Server 2008 / 7 , and maybe Windows 8

I encountered a fatal error reboot when trying DiskCryptor on Windows Developer Preview of Windows 8, but that's ancient history. The FAQ states "DiskCryptor supports any Microsoft operation system since Windows 2000. Windows 2000 support will cease with the release of DiskCryptor 1.0 which will require Windows XP or newer." The "Supported OS" section of the product description does not list Windows 8. There's also the question of support for UEFI, which virtually all Windows 8 computers use.

Tags
free encrypt software, best encryption software, encrypt drive, encrypt disk, encrypt partition, encrypt file.

Back to the top of the article

 

Share this
4.04
Average: 4 (25 votes)
Your rating: None

Comments

by Anonymous on 16. April 2008 - 9:39  (14)

A worthy alternative to TrueCrypt is Free Compusec, a product from German security specialist CE Infosys.
Free Compusec is a complete security suite including drive encryption,file encryption, secure VOIP and more. It is the full product and is completeley free (even for business use!). Only support and global deployment and administration software (for companies) is not free.

http://www.ce-infosys.com/english/downloads/free_compusec/index.html

by Anonymous on 20. April 2008 - 0:57  (174)

My main objection to CompuSec is its statement that you can't use other boot loaders or partitioning software with it. Otherwise, its ability to encrypt the entire system disk is indeed attractive (especially for a laptop).

- bill

by scribbler on 22. April 2008 - 0:50  (220)

While I agree TrueCrypt is a great bit of kit to have on your PC/USB, I found another one recently which is so simply and easy to use, as well as small in size, that I really am impressed by it no end!  It comes from "Jetico", who's stable includes the following..

..all of which have been around for some time, and come in various different versions.  But the program I want to bring to your attention here is called "BestCrypt Traveller"..which is a small freeware version of it's big brother.  It comes in a single small .exe file, that will allow you to store it on a USB or your PC/LapTop and, once there, it can be used to set up and use a virtual drive, complete with drive letter, which is password protected and holds any number of files, folders..or both, as long as their total combined size is not greater than the size of the drive you originally created.

The program, when in use, sits in your system tray in the form of a little icon that, when clicked on, offers a pop-up menu from which you creat/mount/dismount the drive in question.  When not in use, the drive and the files/folders it containes, like all virtual drives, still resides on your system or USB, but is invisible to both you and other parties until it is mounted..at which time it appears in the lists of drives on your system.

Overall..for design, ease of use and usefulness, I give it "10 out of 10"

 

by Anonymous on 17. May 2008 - 18:34  (703)

It's an elegant little program but it should not be named "Traveller" because you can only mount the encrypted container if you have administrator privilege on the host computer. The only truly portable encryption program that I have found is Remora USB Guard, but it encrypts and decrypts on a file-by-file basis (even if you choose to encrypt a whole folder) and is too painfully slow to use as protection for a whole USB flash drive.

If anyone knows of a utility like BC Traveller or Portable Vault that doesn't require administrator privilege on the host, I would love to know about it.

by Anonymous on 18. May 2008 - 17:20  (742)

You can use TrueCypt in combination with TCExplorer.
http://www.codeproject.com/KB/files/TCExplorer.aspx
It will allow you to mount truecrypt volums (fat formated) without administrator privileges.

by Anonymous on 6. June 2008 - 20:40  (1683)

This objection is only valid for system drive encryption. The same goes for all the other programs (including Truecrypt), as the encryption/decryption program must start before the OS, i.e. in the bootloader part of the hard drive. That's why you cannot have both system drive encryption and third-party bootlader. They would use same place on the hard drive...

by Anonymous on 17. June 2008 - 19:26  (2276)

I would agree that Compusec is is quite worthy of mention... while I have been a TrueCrypt user for a while I wanted something that would encrypt my system drive as well. It does mean that I can't multiboot from my laptop drive but if [or possibly when] it gets ripped off I will have little concern for the "unwanted recovery" of any data that is on it.

by adamwright66 on 27. September 2008 - 14:09  (8356)

hi,

i use both truecrypt and freeOTFE by sarah dean . i think freeOTFE has more options to work with , and is more flexible than truecrypt.

i wish someone expert evaluate these good programs.

www.sdean12.org
www.freeOTFE.org

www.truecrypt.org

regards . adam

by Anonymous on 6. October 2008 - 21:52  (8786)

According to the TrueCrypt website, 64 bit OS's are supported.

TrueCrypt can currently encrypt the following operating systems:
Windows Vista
Windows Vista x64 (64-bit) Edition
Windows XP
Windows XP x64 (64-bit) Edition
Windows Server 2008
Windows Server 2008 x64 (64-bit)
Windows Server 2003
Windows Server 2003 x64 (64-bit)

by philip on 7. October 2008 - 14:36  (8819)

Thanks for the update Anon.

by Anonymous on 12. October 2008 - 5:11  (9069)

I think the latest version of TC can encrypt the Windows system partition: http://www.truecrypt.org/docs/?s=system-encryption

by Anonymous on 11. December 2008 - 22:09  (11788)

Truecrypt 6.1a is out and starting with version 6 TC gives you the ability to create a hidden system volume with it's own operating system (the ability to create a hidden volume in non-system volumes was present even before version 6, but the ability to create a hidden system volume enhances the utility of TC even more.

by Anonymous on 23. December 2008 - 13:35  (12334)

With TrueCrypt you can encrypt your Windows partition and still have the option of booting to a Linux partition.

by philip on 24. December 2008 - 5:38  (12380)

Good to know Anon. That probably means that along with GRUB or LILO, other boot managers can multi-boot multiple operating systems under TrueCrypt, even though the Windows boot-system can't. Some boot managers might even handle more than one Windows partition, in addition to Linux. :-)

Cheers

by Anonymous on 25. April 2009 - 8:31  (20494)

I use FreeOTFE to create a 1.5 GB volume. When I transfer around 1 GB files to the volume, it takes me more than 3 hours! I take the default options to create volume. If anyone konws there are some options to transfer files quickly, I would love to know.

by philip on 25. April 2009 - 14:23  (20505)

I've used TrueCrypt to create 4 GB volumes and transferred 700 MB to them at one time without experiencing long transfer times.

Cheers

by JonathanT on 14. May 2009 - 10:56  (21550)

Truecrypt 6.2 has been released.
http://www.truecrypt.org/news

by Anonymous on 14. May 2009 - 12:06  (21552)

FREE CompuSec is an outstanding product for the average user, especially for laptop owners.

http://www.ce-infosys.com/english/downloads/free_compusec/

by Anonymous on 14. May 2009 - 12:42  (21558)

That's weird, I didn't supply a link!?

by peter on 14. May 2009 - 15:09  (21566)

The magic of moderation!

by Anonymous on 14. May 2009 - 17:57  (21574)

Hmm.. maybe such "moderation" would be better served by updating some of these articles; and making their recommendations less skewed towards the advanced, rather than the average user? ;-)

by peter on 14. May 2009 - 18:14  (21578)

We are very conscious of the update problem, and have just recruited a whole slew of new Editors in an effort to improve the situation. You could help by applying to be one.
I'm afraid we'll always disagree about the categorization of "average" and "advanced". We aim to help ALL users. Our Forum provides speedy individual help to any user.

by Anonymous on 15. May 2009 - 9:50  (21624)

Must be something wrong with your setup - it does it in a fraction of the time on all of the systems I use it on.

by Bob on 15. May 2009 - 15:24  (21641)

I found this companion article helpful (also linked above):

Encryption is Not Enough, http://www.techsupportalert.com/content/encryption-not-enough.htm

It's extremely clearly written.

by Anonymous on 26. May 2009 - 22:43  (22404)

I would suggest using only peer reviewed open source encryption software eg, FreeOTFE, TrueCrypt etc. Some might remember the Swiss encryption company scandal wherein it was belatedly discovered that backdoors had been written into their closed source proprietary software.

by Anonymous on 9. February 2010 - 11:21  (43154)

would like to nominate Safehouse Explorer. It has a free for personal use application.

www.safehousesoftware.com/SafeHouseExplorer.aspx

After it has been installed on a PC the files can, simply, be copied to a USB pen drive to make a password protected, encrypted device.

Very easy to use and completely standalone.

by philip on 9. February 2010 - 15:48  (43166)

Thanks, SafeHouse Explorer is a useful program. It fits better in the Best Free File Encryption Utility and Best Free Encryption Utility for Personal Use categories though. You'll find reviews of SafeHouse Explorer in those categories.

Cheers

by Anonymous on 10. February 2010 - 21:50  (43314)

Optionally Run Stand-Alone without Installing

SafeHouse Explorer can optionally be run as a stand-alone executable file without needing to be installed, meaning that it can be run directly from USB memory devices or even the Internet; thereby making it possible for you to now access your protected files from public access PCs found in schools and libraries.

by Arrow1234 on 15. February 2010 - 21:48  (43699)

A warning to all out there about TrueCrypt. Installed the program a week ago on my laptop (vista premium 32 bit) PC (windows xp 32 bit) and was just about to install it on my PC Quad Core (vista Ultimate 64 bit). After i rebooted both my laptop and Windows xp machine it did not recognise my password on reboot on both machines. Password incorrect. The password was correct on all occasions as i had used it over the past 7 days. AS u maybe well aware its virtually impossible to get any of the machines to boot without the correct password once the system drives are encypted. Over the pass day or so an update of some sort has caused the problem as both machines have the same software on them. Checked the Truecrypt forums others have had the same problem. Lucky i Imaged both computers before I encypted them.

by MidnightCowboy on 15. February 2010 - 21:57  (43703)

Thanks for the heads-up. Much appreciated.