How do I encrypt things?

[Irving]

I know zero about encryption.

Is it possible for me to keep a file on my laptop with sensitive information, but have it encrypted? I've been keeping a spread sheet of important info on an external hard drive, but it's a pain to always go get it, and I'd like to have the info available all the time. I don't want to have this info on the cloud.

Is encrypting and password protecting a specific folder or file something I can do? If someone can point me in the correct direction I'm sure I can do some research on my own, but this is something I know nothing about. Please point me in the right direction.

Thank you.

P.S. Google Drive is convenient, but I just assume it isn't safe for sensitive stuff and don't use it. Is that correct?

[iego]

The problem with encrypting things, is that when you go to use it, by definition, it needs to be decrypted. So for convenience, you will keep it decrypted most of the time.

With that said, I use Microsoft Bitlocker on everything I own, so that if I am to lose a flash drive, or something, I can feel safe in the knowledge that it is encrypted.

Devices can be protected by encryption, but data, not so much, as like I say... you will probably have it decrypted for everyday usage.

-John

[Irving]

Are there options for what I want? I suppose I could get a thumb drive and keep it with me most of the time and just update everything frequently.

[iego]

Yes, you can use Microsoft Bitlocker to encrypt a thumb drive, and then keep your most important secrets there. If you lose the key, you will lose access to the information. When you go to use the information, you will be decrypting the drive/data, and if you have security vulnerabilities, they can get to your data then.

It will protect you from random data loss, and I highly recommend it.

-John

[Irving]

Hmmm, I think I'll have to do that. Then I can have all the important stuff I want on my external and have that encrypted. Then I'd have copies on thumb drives. I shouldn't need it all that often, but I suppose if I'm really worried, I can use the thumb drive in the field on a device that is not connected to the internet.

As far as decrypting, is that as simple as just entering a password?

What are your thoughts on cloud storage?

[iego]

I like Microsoft Bitlocker because decrypting is as simple as providing a password (among several authentication methods). You also (they) have a recovery key, which can be used to recover your data if you lose your password.

Anything and everything in the cloud can pretty much be considered compromised. Microsoft offers a "bring your own key" encryption for some of their services, but just in general, when your data is in the cloud, if it has not been specifically encrypted by yourself, using a method/key that you are sure of, for sure the Cloud Service Provider can read it, and therefore anyone that can hack them can read it, etc.

There used to be a product called TrueCrypt, which I liked. It offered plausible deniability because you could make a encrypted file, anywhere on your hard drive, which appeared normal, like random data, but was really an encrypted data store.

Today I don't really worry about plausible deniability, I just encrypt everything, and only store my really important things on devices which are not normally decrypted, like flash drives.

Passwords, I have started just keeping on paper. The only times they are digital are when I type them in (which is no good, but sheesh.)

-John

[DireWolf]

There used to be a product called TrueCrypt, which I liked. It offered plausible deniability because you could make a encrypted file, anywhere on your hard drive, which appeared normal, like random data, but was really an encrypted data store.

The new equivalent/successor to TrueCrypt is called VeraCrypt, which also works very well for its intended purposes. Definitely worth a look if TC was something you found useful.

Is encrypting and password protecting a specific folder or file something I can do? If someone can point me in the correct direction I'm sure I can do some research on my own, but this is something I know nothing about. Please point me in the right direction.

If you take a look at VeraCrypt and it doesn't really hit the mark, feel free to PM me and I'd be happy to provide a bit more assistance offline.

Normally I'd elaborate a bit more here, but I quite literally spent all day explaining to a roomful of application architects and developers how to build & integrate extremely high-volume crypto/key-mgt systems...

An iron key might do what you need

Also a good suggestion worth looking into - these have come a long way since originally released.

[Irving]

Thank you so far.

[feal]

An iron key might do what you need

[JohnnyEgo]

I am still using FreeOTFE, which is very similar to TrueCrypt, right down to being abandoned several years ago. But it still works and is relatively seamless. Mount your encrypted file or drive, do your business, dismount and move on. I am not a hacker or a security nerd, but I travel with a lot of data, including scans of medical documents and important papers that I wouldn't want randomly exposed to the world if I left my laptop behind in a plane or hotel. I also use Express VPN on the road since I spend a lot of time on sketchy hotel wireless connections. Seems secure, relatively painless to set up for a regular guy user.