Encrypting a USB drive using TrueCrypt (Windows users)

This section explains how to create an encrypted TrueCrypt volume on a USB flash drive or hard drive. It is assumed that TrueCrypt is installed and that the USB drive is already recognised by Windows and assigned a drive letter. It should also be empty. If you have files already on the USB drive that you want to encrypt, you should copy them elsewhere now, delete them from the USB drive and then copy them to back to the USB drive after this process.

  1. Run TrueCrypt and click on Create Volume.
truecrypt1

2. Click Next to create a file container.

truecrypt2

3. Click Next to create a standard TrueCrypt volume.

truecrypt3

4. Click Select File.

truecrypt4

5. Browse to your USB drive and provide a name for the encrypted file. If you give the file a .tc extension it will be automatically recognised by Windows as a TrueCrypt file (recommended). Click Save and then Next .

truecrypt5

6. On the next screen you can choose which encryption algorithm and hash algorithm. All of these options offer strong encryption. Click Next to accept the default settings.

truecrypt6

7. Choose the size of the TrueCrypt volume. Do not use all the free space on the drive, as some space will be needed later for TrueCrypt files. It is recommended to use 8MB less than the total space.

truecrypt7

8. Choose a password for the TrueCrypt volume.

truecrypt8

9. On the next screen, move your mouse around the window randomly before clicking Format . This provides random information to help generate the encryption keys.

truecrypt9

10. Click Next and then Cancel to complete the process. From the main TrueCrypt windows, click Tools and then Traveller Disk Setup . This will allow you to automatically mount your TrueCrypt volume when you connect the USB drive.

truecrypt10

11. Click Browse in the File Settings section and select the root of your USB drive in the Browse for Folder window. In the lower section, select Auto-mount TrueCrypt volume , click Browse, and select the TrueCrypt volume you just created. Choose a drive letter to mount the volume as (T: in this example). Click Create .

truecrypt11

12. Next time you connect the USB drive, you will be prompted what to do. Click OK to mount the TrueCrypt volume. You will then be prompted for the password for this volume.

truecrypt12

13. The window that appears shows the contents of the encrypted container. It will have been assigned the drive letter you chose in 11. Any files saved to this drive letter will be automatically encrypted.

truecrypt13

14. Note that the USB drive now has two drive letters assigned, and these should not be confused. In the screenshot below, TrueCrypt Traveller Disk (E:) is the USB drive itself, which contains TrueCrypt files and the encrypted volume. You should not normally save files to this location. Removable Disk (T:) is the encrypted volume itself and this is where you should save your files.

truecrypt14

15. Before physically disconnecting the USB drive, you should first go to My Computer, right-click the TrueCrypt Traveller Disk and click Dismount all TrueCrypt Volumes

truecrypt15

16. Then right-click the TrueCrypt Traveller Disk again and click Eject .  You can now safely remove the drive without any risk of losing data.

truecrypt16

Page last modified on 05 jul 13 14:25