How to Encrypt & Decrypt a File
The information age has led to large amounts of private information being stored on home computers. Protecting this information is vital to the security of anyone with an electronic presence. Something as innocent as selling your old computer online can result in your data becoming accessible to other people---even if you format your hard drive first. Fortunately, protecting against this danger is easy with the use of file encryption. Modern utilities make encryption quick and easy for home users.
Things You'll Need
- Computer with Internet access
Install the appropriate version of TrueCrypt, a popular encryption utility. Although there are a number of other solutions out there, TrueCrypt is widely used, is considered to be highly secure and is available for free. Windows, Linux and Mac OS X versions are available.
Create a TrueCrypt file container. This is a file that holds the files you wish to encrypt. To create a container, run TrueCrypt and select the "Create Volume" button. This will bring up a wizard to guide you through the process. Select the option to create an encrypted file container, click "Next" and then select the option to make a standard TrueCrypt volume. Next, specify the name of the container file. Click on the "Select File" button, select a location, name the file and click "Save." You may wish to give the file a discrete name to avoid drawing attention to it.TrueCrypt will ask you to select from a list of different encryption algorithms. If you are new to file encryption, don't worry about which algorithm to select---just press "Next." You will be prompted to enter a volume size. This needs to be big enough to accommodate all of the data you wish to secure. If you are just looking to encrypt a small file, 5 MB might be enough. However, if you need to encrypt large amounts of data, such as multimedia files, you will need much more space.Be sure to choose a strong password for your file container, as your password is the most important thing protecting your data. At the same time, however, make sure the password is something you will remember. Your data will be irrecoverable if you forget it.Finally, format the volume. You will want to move your mouse around randomly within the window to supply the computer with enough random data to make the encryption. Click "Format" after doing this for a few minutes.
Mount the newly created TrueCrypt partition and drag files into it to encrypt your data. From the main TrueCrypt window, select a slot and then click on the "Select File" button. Browse to the container you created and select it. Next press "Mount." You will be prompted for the password you selected earlier. Once you input the proper password, the TrueCrypt volume will be accessible just like a regular disk. You can open it the same way and drag files into it using your operating system's file browser. When you are finished working with these files, click the "Dismount" button in TrueCrypt to protect them.Decrypting the data works the same way---mount the container file using TrueCrypt and access its files as if they were regular, unencrypted files.
Download GnuPG, from either the GnuPG website or your favorite package repository. Like TrueCrypt, GnuPG is a popular free encryption utility. Although it is typically favored for encrypting documents such as emails, GnuPG has file encryption capabilities as well. You may prefer this particular utility if you prefer to use open source software.
Generate a GnuPG key pair. Although different operating systems use different graphical user interfaces for GnuPG, the process is the same. In Linux, the interface is called Seahorse and involves selecting "File," "New," "PGP Key" and "Continue." The Windows version is called "Gnu Privacy Assistant" and will automatically prompt you to create a new key. Regardless of which version you use, you will be prompted for your full name and email address. Enter these and advance to the next prompt, using either the "Create" or "Forward" button, as your version dictates. Next, you will be prompted for a password. Select a strong password involving capital letters, lowercase letters, numbers and symbols. (Make sure you do not lose this password or you will not be able to decrypt your data.) Once you have done this, your key pair will be generated.
Pull up a command prompt and navigate to the location of the file you would like to encrypt. On almost every system, this is achieved by using the "cd" command, followed by the directory of the file. Encrypting the file is achieved with the following command, where file.doc represents the name of your file, and email@example.com represents the email address associated with your key pair:gpg -ea -r firstname.lastname@example.org file.doc The encrypted document in the example above would be named file.doc.asc. Please note that the original file.doc remains unencrypted. Delete file.doc if you only want the encrypted version.To decrypt a file, use this command:gpg -d file.doc.asc >file.docEnter the password you chose earlier. You will notice that a new file with the name "file.doc" has been created. This contains your decrypted data.
Download an archive utility that can create ZIP or RAR files. Although these are not as secure as dedicated encryption tools, they have the advantage of being simple to use when you need encryption in a pinch.
Move all of the data you wish to encrypt into a single folder. In addition to allowing you to encrypt the data more easily, this will allow you to find each file after decrypting and extracting it.
Create an archive of the folder you created. Selecting a compression method to reduce the file size can add to security by helping you hide the data. Modern archiving software tends to have an option in the form of a check box, which allows you to require a password for the data. Select this option and choose a password to encrypt the data. To decrypt the data, extract the archive and enter the password when prompted.
Tips & Warnings
- Make sure you do not forget your password or you will no longer be able to access your data.