Hi,
1) Should I create a File or Volume to store the 43GB file?
Completely up to you and how you feel you can best use the area. As
far as the size goes it can be either one. There doesn't appear to be
any system advantage to using the File or the Volume answer. Since you
appear to be unfamiliar with creating volumes, you might want to
choose the file option.
I installed the TrueCrypt program, and create both Volumes and Files
on my USB stick drive, my external hard drive and on my laptop. If I
were using it as you describe I would choose a file type, inside a
folder in the My Documents area, naming the file something mundane
such as 4thquarter.ppt
There is an option which does require a volume to be created (or an
external drive). This option is the Hidden Volume option, which on a
volume, creates a hidden area (not listed in the drive listing or as a
file of any type). This is a very interesting option and is described
in the Help Content of TrueCrypt.
What it would accomplish is after you create a 50 gig partition (using
Partition Magic: see your question below), you would then create using
TrueCrypt, this hidden volume area. From that point you could mount
and unmount this hidden volume, but the drive you created would always
appear empty, even though you have 43 gigs of information stored on
the drive volume.
2) The new File or Volume I create will be 50GB. Should this be a FAT
or NTFS file system?
TrueCrypt doesn't appear to care much, but there are options which
only work with FAT and not NTFS, so I would choose FAT32. Between the
two, FAT32 and NTFS in this capacity, there isn't a noticeable
difference.
3) If I create a Volume, do I need to partition my hard drive with a
product like Partition Magic and create a new Partition large enough
to store the TrueCrypt Volume? And if so, how large does the
Partition need to be to hold a 50GB Volume?
If you are going to create a volume on your main hard drive (Your C:
drive) then you are going to want to use Partition Magic. The
utilities on Windows are for use on secondary drives and new drives,
and require the drive to be formating (which of course erases all of
the information on the disk), not something you want to do on the main
drive.
4) How can I set this new File / Volume to Auto Mount upon boot up and
ask for the password?
I'm not quite sure what you are asking here. The Volume you created
would be listed on boot, but you would have to have Truecrypt running,
and mount the drive for use using Truecrypt anytime you wish to use
that area. Same goes for the file option. Either of these options
require Truecrypt to be running, and the passwords to be entered.
On the FAQ page for Truecrypt it does have this option :
Q: Can I configure TrueCrypt to start, prompt me for password(s), and
mount my volume(s) automatically whenever Windows starts?
A: Yes. To do so, follow these steps:
1. Mount the volume(s) and then select ?Volumes? -> ?Save Currently
Mounted Volumes as Favorite?.
2. Select ?Settings? -> ?Preferences?. In the 'Preferences' window in
the section 'Actions to perform upon log on to Windows' enable the
following options:
o 'Start TrueCrypt'
o 'Mount favorite volumes'
3. In the ?Preferences? window, click 'OK'.
Alternatively, if the volume(s) is/are partition/device-hosted and if
you do not need to mount it/them to particular drive letter(s) every
time, you may skip step 1 and in the 'Preferences' window in the
section 'Actions to perform upon log on to Windows' enable the option
'Mount all devices-hosted TrueCrypt volumes' (instead of 'Mount
favorite volumes').
http://www.truecrypt.org/faq.php
That worked very well on my system and was very easy to setup. Of
course you still have two log on screens to go through, the windows
login and then the Truecrypt login, but it is much better than going
through the whole process from start ... however, it is a dead give
away that 1) you have a encrypted area, and 2) you are using
Truecrypt, so it really takes away the advantages of the Hidden
Volume.
Walking through the setups for this program was very straight forward.
I don't believe you are going to have much problem with it, the
default options are enough. Something to be said about the passwords,
the program recommends that you use one that is more than 20
characters in length, and less than 64 characters. A pass phrase is
probably the best option here, since you will be typing it in on a
daily basis. Spaces are allowed, and I used something simple that I
knew I could remember "3ddi3 3ddi3 th3 cat", which I'm pretty sure no
one would guess off hand. A snatch of a song, and rhym that you like,
and change a letter to a number, such as using zero's for O's or 3's
for E's. While these are common replacements, it makes a pass phrase
like this near impossible to acquire by means of brute force.
For the encryption I would recommend the AES, as it is very good, and the default.
"In cryptography, the Advanced Encryption Standard (AES), also known
as Rijndael, is a block cipher adopted as an encryption standard by
the US government. It is expected to be used worldwide and analysed
extensively, as was the case with its predecessor, the Data Encryption
Standard (DES). AES was adopted by National Institute of Standards and
Technology (NIST) as US FIPS PUB 197 in November 2001 after a 5-year
standardization process..."
"The design and strength of all key lengths of the AES algorithm
(i.e., 128, 192 and 256) are sufficient to protect classified
information up to the SECRET level. TOP SECRET information will
require use of either the 192 or 256 key lengths. The implementation
of AES in products intended to protect national security systems
and/or information must be reviewed and certified by NSA prior to
their acquisition and use." ?
http://en.wikipedia.org/wiki/Advanced_Encryption_Standard
The last thing you want to keep in mind is that encrypted drives are
subject to corruption, and become unusable if formatted from outside
the Truecrypt program, or deleted (as files). There is no "Saving
through" other than the normal ones for deleting a file that is really
an encrypted drive area. So while this is the best way of traveling
with information you don't want others having access to on your
laptop, it is not a safe "main storage" area for files.
Working directly with the files on the encrypted drive area, is going
to be a bit slower than you are use to as well, since the files have
to be un-encrypted each time you access them and re-encrypted each
time you save or close them. Encrypted files are brought out into
RAM, so you'll want at the very least 1 Gig on that laptop. The more
the better.
Over all I found the program to be easy to use, and very easy to work with.
Thanks, and if you need some clarification on any of this, please
don't hesitate to ask.
webadept-ga |