Scrambled Bits – Part Two: BitLocker To Go

by Scott Roche on December 6, 2010 · 0 comments

in Windows

Previously on “Scrambled Bits” I told you about how to encrypt your computer’s hard drive using a Windows tool called Bit Locker. It’s fairly straightforward and better yet it’s free. Even more important than encrypting a PC’s hard drive, is encrypting the ubiquitous USB drives that so many people carry in their pockets. It’s easy enough to misplace them and without encryption any stranger can plug one into any PC and read its contents.

Windows 7, in the Enterprise and Ultimate Editions, offers that level of encryption with BitLocker To Go. There are certainly encryption tools independent of any operating systems, as I will talk about in a future installment, but if you do have Windows 7 then using Bit Locker To Go is a good place to start.

Enabling it is as easy as right clicking on the drive you wish to encrypt, choosing to enable it, and following the prompts to create a password and a recovery key. Creating a strong password of at least eight to ten characters using a combination of letters, numbers, and special characters is recommended.

As with Bit Locker, you should be careful to put the recovery key in a secure location, preferably not on your own home PC. If you lose the key and forget the password then the data will be unreadable. A couple of excellent websites to use to store the key off site include Dropbox and Evernote. Strong passwords (stronger than the sites recommend) are encouraged for any website you use as well.

As a side note, it is this geek’s opinion that when it comes to USB drives, even more so than regular hard drives, if the data is important enough to encrypt it is important enough for you to back up. I would never store my only copy of any vital information on a flash drive as they are prone to corruption and data loss.

So, since Bit Locker To Go is a Windows 7 only product, does that mean only Windows 7 computers will be able to read it? Not at all. When you set up a drive it installs a reader on an unencrypted part of the drive. This reader will work on any Windows XP or Vista machine. You will only be able to read any of the files though. Making changes or adding files to the drive in an older OS is not possible.

One last thing about using Bit Locker to Go. When you plug the drive in a computer you will have the option to show the password characters as you type them and the option to automatically unlock the drive on that particular computer from then on. It may seem an excess of caution, but I don’t recommend using either of those options. The show password option may be fine at home, but “shoulder surfing” for passwords in public areas is one of many free tools in a hacker’s bag of tricks. As for letting the computer remember your password, it’s good to get in the habit of you remembering your own password. In addition, public computers are prone to key loggers and other spy ware that can make a record of any data input on the PC. Even on your home PC, the password would be stored without being encrypted.

So those are the tools in Windows that will let you take the next step in keeping your data safe. What happens if you don’t have a PC or your machine isn’t new enough to take advantage of BitLocker? In the next and final installment I’ll show you a tool that will let you do the same things for the same low, low price of free and it works in any operating system.

Previous post:

Next post: