LOGO

Portable File Encryption Tool - Secure Your Private Files

September 5, 2011
Topics:InstallationFilesControl Panel
Portable File Encryption Tool - Secure Your Private Files

Protecting Your Data with FreeOTFE: A Portable Encryption Solution

If you frequently work across multiple computers, transporting data via a USB flash drive is a common practice. Wouldn't a convenient, portable method for securely storing and accessing your private files be beneficial?

Previously, we explored using TrueCrypt for data protection on USB drives. However, TrueCrypt’s Traveler Disk mode necessitates administrator privileges on the host computer.

Introducing FreeOTFE: An Alternative

We’ve identified another program, FreeOTFE, capable of creating encrypted volumes comparable to those generated by TrueCrypt. Like TrueCrypt, FreeOTFE offers a portable mode that temporarily installs necessary drivers, requiring administrator rights for initial execution. However, a key advantage of FreeOTFE lies in its FreeOTFE Explorer program, which functions without administrator privileges.

FreeOTFE Explorer doesn’t install any drivers and provides a limited interface for accessing files within your .vol file. It doesn’t assign a drive letter to the volume, meaning files must be extracted before they can be opened.

This article focuses on utilizing the main FreeOTFE program. The FreeOTFE Explorer is relatively intuitive. Both versions are interchangeable, and .vol files created for storage are compatible with both FreeOTFE and FreeOTFE Explorer.

Downloading and Initial Setup

Download both FreeOTFE and FreeOTFE Explorer from freeotfe.org.

Running FreeOTFE requires administrator rights. Right-click the FreeOTFE.exe file and select "Run as administrator" from the context menu.

Important Note: If you lack administrator rights, utilize the FreeOTFE Explorer program instead.

If the User Account Control dialog appears, click Yes to proceed.

Note: The appearance of this dialog box depends on your User Account Control settings.

FreeOTFE temporarily installs drivers to function. Confirm the driver installation by clicking Yes on the subsequent dialog box.

Note: Upon exiting the program, you'll be prompted to uninstall these drivers. No permanent system changes are made.

Choosing not to run in portable mode will display a dialog box indicating where to find instructions for manual driver installation. FreeOTFE requires these drivers to operate (FreeOTFE Explorer does not).

If you didn't launch FreeOTFE with administrator privileges, a dialog box will appear. The program will open, but functionality will be limited. Exit and relaunch using the "Run as administrator" command.

Creating a New Encrypted Volume

Once FreeOTFE is open, click "New" to create a new volume file for secure storage.

The Volume Creation Wizard will guide you through the process. Click "Next" to continue.

Select "Volume file" to create a portable volume, or choose to encrypt a partition or entire disk. For this example, we're creating a Volume file. Click "Next".

To specify a name for your volume file, click "Browse".

Navigate to your desired save location, enter a filename, and click "Save". We recommend storing the volume file within a "Volumes" folder alongside the FreeOTFE program for easy portability on a USB drive.

The full path to the volume file will be displayed. Click "Next".

Enter the desired volume size and select the appropriate unit (bytes, KB, MB, GB, or TB).

The next screen presents security options. Accepting the default settings is generally sufficient for most users. Click "Next".

FreeOTFE uses random data during volume creation. Microsoft CryptoAPI is selected by default. For enhanced security, consider selecting "Mouse movement" to generate additional random data. While this adds time, it strengthens security. Click "Next".

If you chose mouse movement, a screen will appear prompting you to move your mouse within the designated area until the required random bits are generated. Click "Next" when complete.

Enter your desired password in both the "Password" and "Confirm password" boxes. Avoid pressing Enter, as it may be included in the password. Click "Next".

A summary of your settings will be displayed. Select "Mount volume after creation" for immediate access. You can also specify a drive letter under "Advanced".

Clicking "Advanced" allows you to select a specific drive letter. Choosing a less commonly used letter can ensure consistency across different computers. Click "OK".

Return to the summary screen and click "Finish" to create your new volume.

A dialog box will advise you to format the volume and overwrite free space. Click "OK".

To format the volume, select it in FreeOTFE and choose "Format" from the "Tools" menu.

Accept the default formatting options, enter a volume label, and click "Start".

A warning will appear indicating data loss. Since the volume is new, this is acceptable. Click "OK".

Click "Close" on the formatting completion dialog.

To overwrite free space, select "Overwrite free space" from the "Tools" menu.

Choose the type of random data. We recommend the more secure "Encrypted data" option with AES (256 bit XTS) encryption. Click "OK".

If you selected "Encrypted data", a random data generation screen will appear. Move your mouse within the box until the required bits are generated. Click "OK".

A confirmation dialog will warn you about the time required for overwriting. Click "Yes".

A progress dialog will display the remaining time.

Click "OK" on the completion dialog.

If you chose to mount the volume, it will appear in the FreeOTFE window and in Windows Explorer.

Note: FreeOTFE Explorer does not mount volumes with drive letters; mounting occurs within the Explorer program itself.

You can now copy, paste, open, and edit files within the encrypted volume.

Note: When using FreeOTFE Explorer, files must be extracted before opening and securely deleted after re-importing changes.

Dismounting and Advanced Options

To dismount the volume and secure your files, click "Dismount". Ensure all files and windows accessing the volume are closed. Forcing a dismount is generally safe if this is done.

To change the password or volume details, select "Change volume/keyfile password/details" from the "Tools" menu.

Customize FreeOTFE's behavior through the "Options" menu (View > Options). Saving these settings to a file ensures portability.

The Options dialog allows associating .vol files with FreeOTFE, but this feature may not function reliably. We recommend using the "Mount file" button within FreeOTFE.

Use the "Open" option to locate and mount your .vol file.

Enter your password in the "Key Entry" dialog. You can also use a keyfile. Click "OK".

Confirm the drive letter assignment.

To copy FreeOTFE to your USB drive, select "Copy FreeOTFE to USB drive" from the "Tools" menu.

Note: Storing volumes in the FreeOTFE directory simplifies portability.

Select your USB drive and choose whether to set up autorun. Click "OK".

To exit FreeOTFE, select "Exit" from the "File" menu.

You'll be prompted to shutdown portable mode, uninstalling the temporary drivers. Click "Yes".

With both FreeOTFE and FreeOTFE Explorer, you can securely transport and access your private files on any Windows computer, regardless of administrator privileges. Refer to the PDF manuals for detailed information on advanced features.

#file encryption#portable security#data protection#private files#secure storage