Password protection, Windows files/folders?

Discussion in 'Technical' started by ghrit, Nov 6, 2014.


  1. ghrit

    ghrit Ambulatory anachronism Administrator Founding Member

    For OPSEC reasons, I want to set up a password protected file folder in Windows if it is possible. According to the internet, there is no native way to do that in Windows other than by encryption, which also looks to be crackable by a chimpanzee. That said, there are ways to do it with third party software, free for the download. I mistrust 3rd party freebies, for what I have to say might be backdoors that might be hidden in the downloads.

    For (less?) obvious reasons, I'd prefer to not need to learn a new OS (like LINUX) or buy an Apple machine, if such a protected folder could be implemented in either of those systems.

    Possibly relevant, whatever it is should be compatible/functional with both Vista and W7 (and hopefully, with the next Windows OS.)

    Good ideas are needed; it's time to help a dummy if possible.
     
    sec_monkey likes this.
  2. sec_monkey

    sec_monkey SM Security Administrator

    Yep, the OS you mentioned can encrypt your whole drive and you can create encrypted files or containers on your encrypted drive which would provide more than one layer of encryption :) Layers are good.

    Dr M wrote a guide a while ago :)
     
  3. sec_monkey

    sec_monkey SM Security Administrator

    Not recommended on wind$$$ or apple
     
  4. sec_monkey

    sec_monkey SM Security Administrator

    A very popular free program that used to provide some encryption for wind$$$ was abruptly discontinued under very mysterious circumstances.
     
  5. Airtime

    Airtime Monkey+++ Site Supporter

    There are some USB jump drives with encryption and password access. No software or special OS and some of those drives are allegedly rather secure.
     
  6. sec_monkey

    sec_monkey SM Security Administrator

    The encryption on USB flash drives is sometimes very weak and the passwords or keys are sometimes easy to break.

    An external 3.5" eSATA or SATA hard drive would be the fastest option :) and cheapest per meg.

    While an external 2.5" eSATA or SATA SSD drive would be faster than a 3.5" HDD it would be more expensive and would wear out much faster.

    2.5" HDDs are slower than their 3.5" counterparts.
     
    Last edited: Nov 6, 2014
  7. Airtime

    Airtime Monkey+++ Site Supporter

    I concur the so called secure drive from Wal-mart probably isn't much, but I was personally thinking of I believe Kingston and similar versions. We used one of those for some proprietary documents at work that we sent to a client that as I recall claimed to have allegedly military grade encryption and we had to use a complex password. It was called the Traveler or Travels or something like that with a number like 5000 or something, not $10 cheap either. Are you saying even those lack good security? Were we just gullible regarding the claims of 256 bit AES encryption etc and it was just hype?
     
  8. sec_monkey

    sec_monkey SM Security Administrator

  9. AmericanRedoubt1776

    AmericanRedoubt1776 American Redoubt: Idaho-Montana-Oregon-Wyoming Site Supporter+

    Last edited by a moderator: Jan 25, 2015
  10. AmericanRedoubt1776

    AmericanRedoubt1776 American Redoubt: Idaho-Montana-Oregon-Wyoming Site Supporter+

    TrueCrypt, the working version, can still be obtained. Works great, no? Just discontinued abruptly as you said.
     
  11. Airtime

    Airtime Monkey+++ Site Supporter

    It was one of those or similar (just had our office assistant buy it). I recall it was Kingston and seems like it was 50-60 bucks for it and was maybe 4 gig. (not sure the docs were that sensitive, but the money wasnt that much and seemed like good PR that we took the client's IP concerns seriously.) Anyhow, I think there are reasonably secure jump drives that are easy to use.
     
  12. sec_monkey

    sec_monkey SM Security Administrator

    DataTraveler 5000
    • FIPS 140-2 Level 2 Certified
    • Secure: drive locks down after 10 intrusion attempts and encryption key is destroyed
      • Enforced complex pass protection: password is user set with minimum characteristics to prevent unauthorized access
      • Passwords never stored on device
      • Hardware designed and assembled in the U.S. [winkthumb] [winkthumb]
      • SPYRUS Suite B on Boardâ„¢
      • Elliptic curve cryptography
      • Secure channel communication
      • Digitally signed firmware updates using Suite B SHA-384 and ECDSA P-384
      • DT5000 can operate with AutoRun disabled
      • Enforces tamper-free AutoRun files
      • Fully customizable Malware scanning option(3)

    • Cryptography: Made in the U.S. [winkthumb] [winkthumb]
    • Full Privacy: 100 percent of stored data is protected by 256-bit Advanced Encryption Standard (AES) hardware-based encryption - master key recreated at logon
    • Customizable(3): preload content, full security policy customization, casing options
    • Tamper evident: tamper-evident coating/seal for physical security
    • Waterproof(4): protected against water damage
    • Guaranteed: five-year warranty with 24/7 customer support
    • Ruggedized: waterproof and titanium-coated stainless steel casing




    If this is accurate it looks great on paper. Still, you should not depend solely on "hardware" encryption.
     
  13. sec_monkey

    sec_monkey SM Security Administrator

    Yep it was abruptly discontinued. There is still debate as to what happened.

    The problem is finding something that is secure and still supports XP, vista, 7, 8, 10 and future versions which is what GH was looking for.

    8 and 10 are not supported by the discontinued version and it is unclear if any forks will support 8, 10 and any future versions.

    There are many other issues with the program and others like it.
     
survivalmonkey SSL seal        survivalmonkey.com warrant canary
17282WuJHksJ9798f34razfKbPATqTq9E7