Windows 7 Forums
Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.

Windows 7: TRUECRYPT - Encrypt Data Folders

TRUECRYPT - Encrypt Data Folders

How to Encrypt Data Folders with TrueCrypt in Windows
Published by Golden
19 Jul 2012
Published by

information   Information
TRUECRYPT is a free open source application that allows you to encrypt files, folders, partitions or even entire physical drives. It is a very useful alternative to Windows Bitlocker Drive Encryption, which is only available in Windows 7 Ultimate.

Truecrypt's basic mode of operation is to encrypt all data and free space within a nominated container/volume using well established encryption algorithms and user-defined passwords or key files. The container with the encrypted data is accessed by mounting the container as a drive using the Truecrypt service.

Update 29/05/2014 : the current status of Truecrypt Development is unknown. Please refer to this blog for some background : How to securely download TrueCrypt 7.1a

Truecrypt does not have a 'backdoor' so its vital to pick a password that is easily remembered.

Tip   Tip
If this is your first time working with encryption, then I strongly encourage you to create an unencrypted backup of your data prior to attempting this tutorial.

Click here to download Truecrypt.

Install Truecrypt to the location of your choice as you would any other application using the installation wizard. When prompted, choose the Install mode as shown below.
TRUECRYPT - Encrypt Data Folders-tc2.png
Ignore the donation screen and tutorial screen once installation is complete.

I've structured this tutorial to allow you to follow the practical steps I have implemented to:
  • Encrypt a folder and it's contents, and
  • Work (add/remove/modify files) with this encrypted folder on a daily basis.
Below is an image showing a folder that I wish to encrypt. The folder contains sub-folders and a mix of different file types including; .PDF documents, ASCII files and .XLSX MSExcel spreadsheet files.
TRUECRYPT - Encrypt Data Folders-z1.png
The goal is to encrypt the \Investments folder and it's contents.

Note   Note
Once a folder is encrypted, TRUECRYPT refers to this folder as a 'container' or 'volume'. This nomenclature is used to distinguish between an unencrypted folder, and one that has been encrypted, and I have kept with this nomenclature throughout this tutorial to avoid confusion:
  • Folder = unencrypted folder visible in Windows Explorer
  • Container/volume = encrypted folder visible via TRUECRYPT only

Step 1 - Creating an Encrypted Container
Open TRUECRYPT, and select Create Volume as shown below.
TRUECRYPT - Encrypt Data Folders-z2.png
The Volume Creation Wizard will open and display 3 choices - the Create an encrypted file container is the default choice, and the one used to encrypt data folders. Ensure the first option is selected and then click Next.

warning   Warning
The other two choices are used to encrypt entire system and non-system partitions. I recommend you steer clear of these as they are unforgiving if mistakes are made, or the encryption header information is corrupted. We have seen one case here of encryption headers being corrupted with the result that the entire partition has been permanently lost. You have been warned!

TRUECRYPT - Encrypt Data Folders-z3.png
Select Standard TrueCrypt volume from the Volume Type panel, and click Next.
TRUECRYPT - Encrypt Data Folders-z4.png
In the Volume Location panel, specify the name of the encrypted container you wish to create - you can use the Select file button to browse to an existing empty folder, or type the location and name of the container you want to create. In this example, I have nominated to create a container on my G: drive called Encrypted_Investments. Click Next to continue.

warning   Warning
Do not select an existing folder with your data files as TrueCrypt will over-write these files. Always create a new container, to which you will copy & paste your files you want to encrypt at a later stage. This is the safest method of creating an encrypted container.

TRUECRYPT - Encrypt Data Folders-z5.png
The Encryption Options panel will be opened, allowing you to select the Encryption Algorithm and HASH Algorithm. Both of these options are used to securely encrypt your data.

Note   Note
In layman's terms : the encryption algorithm is a cipher that determines how your your 'readable' data is transformed into an 'unreadable' format. The HASH algorithm is used to create a random key that authenticates any attempts at accessing the encrypted data container. A detailed discussion on encryption, ciphers and HASH algorithms is beyond the scope of this tutorial, but you can read more about this here.

There are several choices of encryption algorithm available, including AES, Serpent, Twofish and combinations of the three. The choice of algorithm dicatates the speed at which encryption occurs - the image below shows the benchmarks for each algorithm for a 1GB container:
TRUECRYPT - Encrypt Data Folders-encryption_benchmark.jpg
For this example, I have used AES encryption (robust, widely used, fast and low memory overhead) and Whirlpool HASH algorithms - select these options, and then click Next.
TRUECRYPT - Encrypt Data Folders-z7.png
In the Volume Size panel that opens, you need to specify the size of the encrypted container you wish to create. My \Investments folder is 29MB in size, so I have opted to create my \Encrypted_Investment container (volume) 50MB in size. After specifying the appropriate values, click Next.
TRUECRYPT - Encrypt Data Folders-z8.png
In the Volume Password panel, specify a password and then click Next.
TRUECRYPT - Encrypt Data Folders-z9.png
warning   Warning
Be sure to use an easily remembered password - Truecrypt has no 'backdoor' functionality, so if you forget the password then you will NOT be able to decrypt the encrypted data.It will be as good as lost - permanently.

In the Format Volume panel, you need to specify the format of the encrypted volume (in my case I used NTFS and left the Cluster size as a default). This panel is also where the HASH algorithm you selected is used to randomise the encryption.

You do this by moving your mouse in a random pattern across the panel (shown as the red trace in the image below). As you do this, the Random Pool values on the panel change. The longer and more random the mouse movements, the stronger the encryption. Once you have finished that, click Format to create the encrypted container/volume.
TRUECRYPT - Encrypt Data Folders-z10a.png
Tip   Tip
If your encrypted data is likely to grow in size as you use it then you should also select 'Dynamic' and nominate a container/volume size large enough for future additions. This option will use the minimum amount of physical disk space required for the current contents of the container. The physical size of the container can only increase up to the maximum value that is specified by the user during the volume creation process.

Progress of the encryption will be displayed, and once complete you will need to allow TRUECRYPT to write the changes by clicking Yes on the Windows UAC pop-up panel.
TRUECRYPT - Encrypt Data Folders-z11.png
A confirmation message will be displayed as shown below.
TRUECRYPT - Encrypt Data Folders-z12.png
The encrypted container/volume appears in my G: drive as shown below. Windows treats this container as it would any normal file - it can be deleted, copied, backed-up and moved around just like any other file.
TRUECRYPT - Encrypt Data Folders-z13.png
Click Next to create another encrypted volume, or Exit to return to the main TRUECRYPT panel.

Step 2 - Working with the Encrypted Container
Working with an encrypted containers/volumes requires you to mount the encrypted container/volume that you created previously.

From the main TRUECRYPT panel, select an available drive letter, then use Select File to browse and pick the container you created in step 1. Click on Mount, as shown below as shown below.
TRUECRYPT - Encrypt Data Folders-z14.png
Now enter the password you used to create the encrypted container in step 1, and click OK.
TRUECRYPT - Encrypt Data Folders-z15.png
The main TRUECRYPT panel will now show the mounted container/volume, size and encryption algorithm used.
TRUECRYPT - Encrypt Data Folders-z16.png
Tip   Tip
Use the Favorites menu bar to add your mounter volumes to the favorites list. When you next decide to mount volumes, they are then easily accessible from the Favorites menu as shown below.
TRUECRYPT - Encrypt Data Folders-z18.png
The mounted volume will also now be visible in Windows Explorer, although at this stage it is empty because there have been no files copied into it yet. Once you drag files into the mounted container/volume, it looks like this.
TRUECRYPT - Encrypt Data Folders-z17.png
You can now work with these files as you normal would. If you no longer require the encrypted data to be mounted, highlight the mounted volume, and then select Dismount.
TRUECRYPT - Encrypt Data Folders-z19.png
A smarter way to work with TRUECRYPT, is to have it automatically start the TRUECRYPT service. To do this, select Settings > Preferences from the main TRUECRYPT panel, as shown below.
TRUECRYPT - Encrypt Data Folders-z21.png
Now place check marks in the Truecrypt background task items as shown below.
TRUECRYPT - Encrypt Data Folders-z20.png
Each time you boot your computer to Windows, the TRUECRYPT service will start and a Truecrypt icon will be placed in your task bar. You can access all the TRUECRYPT functionality, and mount/dismount volumes far more easily, as shown below.
TRUECRYPT - Encrypt Data Folders-z22.pngTRUECRYPT - Encrypt Data Folders-z23.png
Tip   Tip
When no encrypted containers are mounted, the TRUECRYPT icon is blue. When an encrypted container/volume is mounted, the icon is brown.

Step 3 - Disaster Recovery
There are steps you can take to mitigate against losing the information within the encrypted container/volume:

  1. Use an easily remember password - if you forget the password, then it is impossible to decrypt the contents of the container.
  2. Backup the unmounted container just like any other data file, using the backup strategy of your choice.
  3. Create a backup of the volume header information - this backup header allows you to mount and recover the encrypted data if the original header information of the encrypted container becomes corrupted.
To create a backup of the volume header information, do the following:

1. Dismount any encrypted containers/volumes, and from the main TRUECRYPT panel, use the Select File button to browse to the encrypted container, and then select the Volume Tools option, as shown below.
TRUECRYPT - Encrypt Data Folders-z24.png
2. From the Volume Tools context menu, select Backup volume header. Note the information panel and click OK. You will be prompted to enter your password that you used when you created the encrypted container/volume. You will now be prompted to confirm whether your encrypted container/volume contains a hidden volume. The answer is NO, so you should select the middle option as shown below.
TRUECRYPT - Encrypt Data Folders-z25.png
3. Click Yes on the confirmation panel pop-up. In the Explorer Windows that opens, specify a location and name for the header backup file and click Save, as shown below.
TRUECRYPT - Encrypt Data Folders-z26.png
4. Within the Random Pool Enrichment window that opens, move your mouse in random patterns within the window to encrypt the contents of the backup header file, and click Continue.
TRUECRYPT - Encrypt Data Folders-z27.png
5. Once the volume header backup confirmation panel has been displayed, click OK.

The header backup file has now been created - you should also backup this file using your usual backing up procedures.

To recover a corrupted TRUECRYPT container, please refer this tutorial:
TrueCrypt - Recover Corrupt Container

There you have it : a basic introduction to data encryption using TRUECRYPT.

Note   Note
Special thanks to Derek who tested this tutorial for me.


19 Jul 2012   #1


Great work

My System SpecsSystem Spec
19 Jul 2012   #2

Windows 7 pro 64-bit

My System SpecsSystem Spec
20 Jul 2012   #3

Windows 8 Professional 64bit

Thank you, this is exactly what I have been looking for!
My System SpecsSystem Spec

4 Weeks Ago   #4
Lady Fitzgerald

Win 7 Ultimate 64 bit

Truecrypt has not been supported since 2014 and is no longer as secure as it used to be.
My System SpecsSystem Spec
4 Weeks Ago   #5
Microsoft MVP

Windows 7 Ult. x64

Quote   Quote: Originally Posted by Lady Fitzgerald View Post
Truecrypt has not been supported since 2014 and is no longer as secure as it used to be.
It depends on what source of information you trust. Steve Gibson of GRC has an excellent track record when it comes to security, and he has made a compelling article as to why 7.1a is still completely safe to use.

My System SpecsSystem Spec
4 Weeks Ago   #6

Win7 Pro 32bit

VeraCrypt is the regularly-updated fork of TrueCrypt.
VeraCrypt - Free Open source disk encryption with strong security for the Paranoid
My System SpecsSystem Spec
4 Weeks Ago   #7
Lady Fitzgerald

Win 7 Ultimate 64 bit

Quote   Quote: Originally Posted by Golden View Post
It depends on what source of information you trust. Steve Gibson of GRC has an excellent track record when it comes to security, and he has made a compelling article as to why 7.1a is still completely safe to use.

That article is over two years old. One of the developers of TruCrypt has developed a fork called VeraCypt that is basically TrueCrypt only it is being kept up to date.
My System SpecsSystem Spec

 TRUECRYPT - Encrypt Data Folders

Thread Tools

Similar help and support threads
Thread Forum
Encrypt emails and data
In the light of the concern/debate re the privacy issues in Windows 10 which is something I am not entirely happy with I am wondering if there is a way of encrypting one's emails and data so that it is not available to anyone including Microsoft. I realise that any recipient of one's mail would...
General Discussion
Unique situation: Win7 MBR unable to encrypt using TrueCrypt
SOLUTION FOUND: You have to delete the 100MB Partition and it will work perfectly. Link on how to do this: edit: Summary of problem-- I get stuck on the part where TC asks you to restart in order to test the...
General Discussion
Can TrueCrypt encrypt just folders?
I want to encrypt my Dropbox folder. Thanks.
Which folders to encrypt with EFS
Are there any folders that should be encrypted, for example temp folder and such?
System Security

Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd

All times are GMT -5. The time now is 01:22.
Twitter Facebook Google+ Seven Forums iOS App Seven Forums Android App