How do I use TrueCrypt for on-the-fly encryption?

TrueCrypt creates an encrypted container that holds the file(s) you are working so that every file within the container is encrypted.

I am a big fan of encryption. For many reasons and uses, encryption is a part of my daily computing life. There are many ways to deal with encryption; you can create a file or directory of files and then encrypt the files when you are ready. But an easier way to handle this task is to do the encryption on the fly. One tool that allows you to do this easily is TrueCrypt.

TrueCrypt creates an encrypted container that holds the file(s) you are working on so that every file within the container is encrypted. You can even move preexisting files into the encrypted container so that they too will be encrypted.

TrueCrypt works with Windows 2000/XP/Vista, however, it does not yet work with Windows 7. (Editor's note: As of November 23, 2009, Windows 7 is supported.) Installing TrueCrypt is simple, and there are no other requirements for it to work. TrueCrypt is also open source, so it is free to use (but it is not released under the GPL).

This blog post is also available in PDF format in a free TechRepublic download.


  • Real-time encryption
  • Parallelization and pipelining allow data to be written as quickly as if it were not encrypted
  • AES-256, Serpent, and Twofish algorithms supported
  • Encrypts on hard drive or USB flash drive
  • Supports Windows, OS X, and Linux

Getting and installing

Installing TrueCrypt is simple. Go to the TrueCrypt download page and download the version right for your operating system. Once the file has downloaded, double-click on it to begin the installation. The installation of TrueCrypt will resemble the installation of any Windows application, so you should not have any problems installing.

Once the application is installed, you will find a clickable icon for TrueCrypt on your desktop.

Running TrueCrypt

When you open TrueCrypt, you will be welcomed by a simple main window (Figure A). In this window you will see a listing of volumes along with the Create Volume button. This button is where you begin. Click the Create Volume button to open the Volume Creation Wizard.

Figure A

The drives listed are not actual drives on your machine but drive letters available for you to associate with a container.

In the following example, we will create a new volume with an encrypted file container. This is the easiest method and allows you to place other files and directories into your container. So click the Create Volume button to open the Wizard.

When the Wizard opens it will, by default, select the Create an Encrypted File Container option. So at this window (Figure B), you need to click only Next.

Figure B

This option is the best option for new users.
The next window (Figure C) gives you the option of keeping the container visible or making it hidden. For the sake of simplicity, let's stick with the default and keep the container visible.

Figure C

The screen gives you a very obvious reason why you might want to create a hidden container file.
Click Next to move to the next window -- Volume Location. In this window (Figure D), you need to select the file that will be used for the container. Obviously, since this is the first run, there is no file already available for use. So when you click the Select File button you will not actually select a file but give the file a name.

Figure D

When you click the Select File button, the Explorer window will open where you will give your new container a name and click Save.
The next window (Figure E) asks you to select your encryption options. Here you will select which encryption algorithm you want to use (default being AES) as well as the hash-algorithm (default being RIPEMD-160).

Figure E

You can benchmark how each algorithm will affect the speed of encryption by clicking the Benchmark button. This is important if you are concerned about how the encryption will affect write speed on your machine.
Make your selections and click the Next button. In this next window (Figure F) you must define a size for your container. The size can be set in KB, MB, or GB. Make sure you give your container enough space to hold all the files you will need it to hold.

Figure F

This installation is set up on a Virtual Machine using VirtualBox, hence the pitiful amount of hard drive space remaining.
Once you have configured your necessary space, click Next. In this next window (Figure G), you need to set the password for your encrypted volume. In this window there are very detailed instructions on creating your password. This advice can be applied to creating any password on any system.

Figure G

You can also opt to use keyfiles instead of setting a password within the application.
If you do not have a keyfile already created, TrueCrypt can generate a random keyfile for you. To do this, select the Use Keyfiles checkbox and then click the Keyfiles button. When you click this button, a new window will open (Figure H) that is used to manage keyfiles.

In this window, there is a Generate Random Keyfile button. When you click the Generate button, random strings will begin generating in the window. At some point, click the Generate and Save Keyfile button. You will then be prompted to give the file a name and then click Save. Close that window and then click on the Add Files button, navigate to where you saved your random keyfile, select that file, and click Open.

Figure H

Take note of the warning when using keyfiles. If you choose this option, don't lose your keyfile!
In the next window (Figure I), you will see a random pool being generated. Move your mouse randomly within that window to generate as much of a random pool as possible and then click Format. The formatting will be quick, and you will have a working encrypted file container.

Figure I

The strength of the encryption is directly related to house much random mouse movement that occurs within this window.
With the process completed, it's time to go back to the main window. The first step is to click the Select File button, navigate to the container file you just created, and click Open. Now select a volume letter to mount the container to and click the Mount button, which will open a small window requiring you to enter the password associated with the container (Figure J).

Figure J

You can also select your keyfile for this container by clicking the Select Keyfiles button.

After you enter your password successfully, the container will be mounted to the drive letter you associated it with (in my example I used "R"). If you then go to My Computer, you will see that drive listed, ready for you to use.

Once you have saved all the necessary files to the encrypted container, you can go back to the main window and click the Dismount All button and the container will no longer be accessible. To use that same container, just go back to the mounting procedures and repeat the steps.

Final thoughts

TrueCrypt is a must-have for any fan of encryption. It makes for easy on-the-fly encryption of not only files but containers of files. It is reliable, safe, and ready to go.

Stay on top of the latest XP tips and tricks with TechRepublic's Windows XP newsletter, delivered every Thursday. Automatically sign up today!