Windows 7 Forums
Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: Can I encrypt my user directory transparently?

22 Oct 2010   #1
acidburn

7 ultimate 64-bit
 
 
Can I encrypt my user directory transparently?

hi all, i need to secure my user directory transparently, here is my scenario:

using windows_7 64-bit;

i have very important development files on this pc, i want to secure these files under my user directory so that they cannot be read in case of physical access / stolen hardware.

this hardware does not have tpm so i cannot use bitlocker, not that i would anyway since the only thing it gives is a false sense of security.

an option is to create a truecrypt container, however this will be limited to a fixed size, and the nature of development i cannot safely guess the size of the container for the next year or two. i also cant do full partition encryption cos i cant reinstall this work pc. lets just say the company does not give a shit about securing the dev files :/

going into the folder properties > general tab > advances attributes we can check the "encrypt contents to secure data" option, i can't find any details on what encryption is used or how secure it is. on top of that, file descriptors are _not_ encrypted, only contents. so booting with a live cd you can still see the file structure of individual files. much more exposed than im comfortable with.

i want this to be transparent, ie i log in with my domain account and my user data is decrypted, i log out and the data is secured again. i don't want to mess around with a) mounting separate encrypted volumes or b) enter multiple passwords to log in and decrypt, and also c) not expose the file structure, but rather a blob of encrypted data, less vectors of attack if you know what i mean.

so, the question is... what can i do to secure my user directory, transparently?


My System SpecsSystem Spec
.
22 Oct 2010   #2
mckillwashere

Windows 7 x86/x64, Server 2008r2, Web Server 2008
 
 

I am going to suggest TrueCrypt - Free Open-Source On-The-Fly Disk Encryption Software for Windows 7/Vista/XP, Mac OS X and Linux This program is great you can make a seemingly usual file maybe a .iso file (maybe what I use, cause iso's can get quite large). and have everything encrypt to inside that file :)
My System SpecsSystem Spec
02 Nov 2010   #3
acidburn

7 ultimate 64-bit
 
 

Quote   Quote: Originally Posted by mckillwashere View Post
I am going to suggest TrueCrypt
As I said above I can't reliably predict the size of the container for the next 2 years, but I guess it's just one of those things. i won't be securing this data after all, their lack of insight isn't my problem any longer :)
My System SpecsSystem Spec
.

02 Nov 2010   #4
mckillwashere

Windows 7 x86/x64, Server 2008r2, Web Server 2008
 
 

With truecrypt you can set it for an UNGODLY size 500 GB to 500PetaBytes and have it grow dynamically9It doesn't allocate all at once)
My System SpecsSystem Spec
02 Jun 2018   #5
cincinnatiman

windows 7
 
 
qusition was ask can u encript drive and be trasparent

i am admaize that no one can awaser this, that most people dont understand what is out on market
yes u can encript a drive and no one can get the keys, how, well takes 4 things, good workstation
a workstation has tpm on it, and all firmware fully upgraded
now for what u need, seagate ed sed harddrives, these are self encripting hard drives,
how they work seams no one look at seagate even knows, but tpm must be turn on
bad part is u cant tell drive is ack encripted, one these drives cant be put in raid
doing so disables encription, so we got tpm turn on we booted in what windows 7
ok turn on bitlocker, do not get on the internet doing this time i cant stress this enouf and dont lose back up key
and i cant stess that hard enouf, throw bitlocker is microsoft is dose work with the drives
how i understand all this works, is harddrives makes very small parttion that no one can find, this partion is back up
in event one gets damage the keys keep here and it is highly encripted now yes bitlocker key will unlock the drive
but this just for software drive checks for it own keys, if drive is remove from pc put into another will never work
can data be stolen wile online well all encription software has a probem they dont do file by file encription decription
and doing this would use grate deal cpu power so we must find way deal this, now we got probems with domains and remote access wich all can be done very easy, just nsa wont alow this never be done, nsa wants access to all computes wich they have and not being able read files well no one wants fight goverment to make this work, i beleave busness able to do this but being stop, with ileagle presher from the goverment but when goverment can cost u millions do u really wish to fight them
well me i would in heart beat, i told seagle how fix each of all there probems but they will never ever use it, it would make pc hack proof and nsa proof, but u must understand to do this u must have very powerfull pc, some the big ones is hp z800 z820 and i shure there is others, each cpu has it own memory, so it can muiltytask but need code to do it,
there is no code currently as 2018 that alows a pc to multy task in right way in other words send one thread to one cpu, now we need montor to find out how much cpu power dose take to use this program and would set the number cpus base on needs, and as needs change so will this on the fly, short this there is no current program will keep file lock so it cant be stolen, need more safe gards, and better firewalls that look for servers with no mac address, or servers has no busness on pc,even if the pc ask for it, if owner did not ask for it it all should be block but currently best firewall is ipfire, my 2 cents on that, it dose have its own probems, and i hope that they fix them in short as 2018 this kind encritpion is not being done so who will buld new firmware to alow seagate drives to do this
My System SpecsSystem Spec
Reply

 Can I encrypt my user directory transparently?




Thread Tools




Similar help and support threads
Thread Forum
copying contents of user directory
Hi, all - I have a system with two drives, one with Windows 7 and the other with Linux. Recently, my Windows installation failed to boot. I was able to copy the contents of my user drive by mounting the Windows drive while booted in Linux. I've since rebuilt the Windows drive, and am ready to...
General Discussion
What's the short name for the user directory
By that i mean like %appdata% but for the current user directory... or maybe the documents directory?
General Discussion
Padlock symbol on user name in User directory
I am using Windows Home Premium 64 bit SP1. My user directory under c:/...Users shows a padlock symbol on the folder for user "kevin". I believe that this is the reason this directory will not back up to my cloud drive provider. What does the padlock mean, and how do I remove it?
Software
Windows Directory shows USER not NAME
This is a minor nuisance but still it wasn't an issue in XP or even Vista. My Windows 7 Pro still shows the name as USER if looking in the folder "C:\". For example, there are 2 user accounts, both Administrators. When Windows 7 boots, you have a choice to log into SAM or JOY. However,...
General Discussion
Active Directory User and Computers
Active Directory User and Computers "MMC could not create the snap-in" Anybody get this working? I've googled to no avail I've tried the Vista fix, registering a bunch of DLLs, but that didn't fix it.
General Discussion


Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd

All times are GMT -5. The time now is 14:46.
Twitter Facebook Google+