Need to encrypt your files? Let AxCrypt or TrueCrypt do the job for you.

File encryption is a tricky business. We all have some files that we would like to keep encrypted so they are kept out the reach of others. Yet, there are so many encryption software out there. Which one should we use? Which ones can we trust? (After all, we don’t want to ensure the security of our files just to anybody.) Which ones will sufficiently help protect our files without giving is a headache? Simply put, AxCrypt and/or TrueCrypt will.

AxCrypt and TrueCrypt are both free, open source encryption tools that have not only been time tested, but are trusted as authorities in the encryption software genre. They use the best techniques when it comes to encryption, so your files are safe. Yet, they are not so overly complicated that you will want to pull your hair our learning how to use them. (Okay, TrueCrypt is a little bit complicated, but spending the time to learn it pays off.)

The reason I mention both AxCrypt and TrueCrypt in this article is because they provide two different types of protection. AxCrypt provides single-file-encryption capabilities. In other words, you will use AxCrypt to encrypt files individually; you can encrypt multiple files at once but each file is encrypted separately so when decrypting you need to decrypt each file (you can decrypt multiple files at once). TrueCrypt, on the other hand, does not provide the encrypt-single-file ability. Rather, TrueCrypt allows you to perform “group” encryption. In other words, TrueCrypt takes multiple files and puts them into an “encrypted container”; each encrypted container can hold as many files as you want, and you can create as many encrypted containers as you want. Decrypting the container gives access to all the files; you don’t need to decrypt each file individually. The differences between AxCrypt and TrueCrypt, then, is AxCrypt is intended for users that need or want to encrypt files individually and TrueCrypt is intended for those that need or want to encrypt a large number of files, such as multiple files together, whole hard drives or partitions, or even portable devices.

To put it in an analogy, think of AxCrypt vs TrueCrypt like this. Lets say you live in an apartment building. One day a crazy rabid, um, donkey escapes from the local zoo. To protect yourselves from this rabid donkey you and everyone in the apartment building have two choices. You can either go inside your individual apartments and lock the door; or you can lock the door to the apartment building. (For the purposes of this analogy lets assume the donkey cannot break down the doors nor can it get in any other way.) Either course of action will result in you all being saved from the donkey. Similarly, AxCrypt – which is analogous to locking each individual apartment door – and TrueCrypt – which is analogous to locking the apartment building door – both provide you with protection; they just go about it in different ways.

[Note: Once you encrypt file with AxCrypt or TrueCrypt, you can put the encrypted files anywhere you want, including on USB flash drives, CDs, DVDs, external hard drives, etc. Both programs can even have modes that allow you to create encrypted files that can be decrypted without having to have AxCrypt or TrueCrypt installed, making them ideal for use of encrypting files you want to take with you on the go. If you need burning software to help you put encrypted files on CD/DVD, see our review on Best Free CD/DVD/Blu-ray Burning Programs for Windows.]

[Note: Portable version of TrueCrypt requires administrator access to run. If you don’t have admin access or foresee using TrueCrypt on a computer without admin access, check out SafeHouse Explorer instead.]

AxCrypt

Since AxCrypt is designed for single-file-encryption, it primarily works out of the right-click context menu. When you want to encrypt a file select that file, right-click, go to “AxCrypt” and select how you want to encrypt the file:

(NOTE: “Key-File” is optional.)

“Encrypt” encrypts the file in question. “Encrypt a copy” makes a copy of the file in question and encrypts that copy (the original file is not encrypted). “Encrypt copy to .EXE” makes a copy of the file in question and makes an encrypted .EXE file of that copy (the original file is not encrypted). The main difference between the “Encrypt”/”Encrypt a copy” and “Encrypt a copy to .EXE” is that “Encrypt”/”Encrypt a copy” create .AXX encrypted files; you need AxCrypt installed to decrypt .AXX files; on the other hand “Encrypt a copy to .EXE” creates .EXE encrypted files; you do not need AxCrypt installed to decrypt .EXE encrypted files. (An encrypted .EXE makes it easier to share the file with other people who may not have AxCrypt installed; keep in mind, though, most e-mail services block the sending of .EXE files as attachments.)

While AxCrypt is an individual-file-encryption tool, AxCrypt still allows you to encrypt multiple files at once. To do this, just select multiple files or select a whole folders (in which case all files in the folders will be encrypted) instead of selecting a single file. If you do select multiple files/folders, keep in mind that the same password will be used to encrypt each individual file.

Once a file has been encrypted by AxCrypt, the file looks something like this:

If you want to view an .AXX encrypted file, but not decrypt it, all you need to do double-click on the file to view it; you will be asked to enter the password:

If you enter the right password, you will be able to view the file. Once you are done viewing the file and you close it, the file is automatically re-encrypted.

If you want to decrypt an .AXX encrypted file,  you can do that too; just right-click it and select “Decrypt”:

You will, of course, be prompted to enter a password and if you get it right the file will be decrypted.

Similar to how you can encrypt multiple files/folders at one time, you can also decrypt multiple files and folders at one time. If the files were encrypted with the same password you will only have to enter the password once and all the files will be decrypted one at a time; if the files were encrypted with different passwords, you will be prompted to enter the password for each file.

Decrypting an .EXE encrypted file, on the hand hand, works a bit differently. For an encrypted .EXE file, you never decrypt the actual encrypted .EXE file. Rather, when you go to decrypt an encrypted .EXE, you create a decrypted copy of the file – the original encrypted .EXE file stays put. To decrypt an .EXE all you need to do is double click on it, enter the password…

…select where you want to save the decrypted file, and viola.

In terms of security, AxCrypt uses 128-bit AES for all encryption, so it is very secure. In addition, it securely shreds and deletes all files after they have encrypted/re-encrypted to make sure no one is able to get their hands on the decrypted files that you were viewing; you also have the ability to manually securely shred and delete files as you can see from the screenshots I presented above. (Admittedly, though, the developer of AxCrypt does not really specify what algorithm is being used to securely shred and delete files.)

Last but not the least, the AxCrypt is also comes in a portable, standalone version (you need to download the installer .EXE and during the installation you will be given the option to extract the portable, standalone version). However, this portable, standalone version is in the Alpha stages, so I would not recommend you use it just yet.

TrueCrypt

TrueCrypt is a bit more involved and complicated than AxCrypt, but in return it also offers a lot more complexity and flexibility than AxCrypt. Like already mentioned, TrueCrypt works with encrypted containers as opposed to encrypted files. So, to get started with TrueCrypt you must first create a TrueCrypt volume. To do that you need to run TrueCrypt and click “Create Volume” from the main program window. You then need to decide what you want to encrypt:

As you can see from the above screenshot, you have three basic options. You can create a simple encrypted file container, encrypt a whole non-system partition/drive (including portable devices like flash drives), or encrypt the whole system partition/drive. For the purposes of this article, I will only go over the basic features of TrueCrypt (however I will provide a link to an extensive tutorial which you can read to learn about all the nooks and corners of TrueCrypt); the most basic option is the encrypted file container so I will discuss how to create and use that.

Once you select the “Create an encrypted file container” and click “Next”, you need to select if you want to create a standard TrueCrypt volume, or a hidden one:

Again I am only discussing the basic features of TrueCrypt so I will talk about the standard volume. After you select the standard volume and click “Next” you are asked to pick where you want to save the volume:

After you have select the location to save the volume and clicked “Next”, you are given the option to select which encryption and hash algorithms you want to use to protect your volume:

For encryption algorithm you can select from AES, Serpent, Twofish, AES-Twofish, AES-Twofish-Serpent, Serpent-AES, Serpent-AES-Twofish, or Twofish-Serpent. For has algorithm you can select from RIPEMD-160, SHA-512, or Whirlpool. For most people the default AES and RIPEMD-160 will do just fine.

After you have select the algorithms and clicked “Next”, you need to specify the size of the encrypted volume:

The size you enter will determine up to how many files  the encrypted volume will be able to hold (i.e. if you set it to one MB, it can hold two 500 KB files, or four 250 KB files, or five 200 KB files, etc.).

After you have set the size and clicked “Next”, you need to set the password for the volume:

After you have set a password and clicked “Next”, you are ready to actually create the volume:

You have the option to change the filesystem and cluster, but for must of us we should leave it at the default settings. Note that you also have the option to make the volume “dynamic”. A “dynamic” volume is different more a non-dynamic volume in the sense that a non-dynamic volume will always take up the total amount of space on your hard drive that you specified two steps earlier; a dynamic volume, however, will only increase in size as you add more files and when it is totally filled it will take up the total amount of space on your hard drive that you specified two steps earlier. Dynamic sounds better, obviously, but dynamic volume also perform worse and are less secure.

Once you are ready, hit the “Format” button and your encrypted volume will be created (it may take a little bit of time depending on how large you made the volume). Once the volume has been created, you are ready to start placing your files in it.

TrueCrypt volumes work similar to how hard drive partitions work; you mount the volumes when you want to access the files in the volume or add/remove files from the volume. When you are done, you unmount the volumes. So, to mount a volume you need to go to TrueCrypt’s main program window, select a drive letter, load the encrypted volume you want to mount, and hit “Mount”:

You will be asked for the password for the volume…

…and after you enter it and hit “OK”, the volume will be decrypted and mounted. Once a volume has been decrypted and mounted, either double-click on the volume from TrueCrypt’s main program window, or go to My Computer and double-click on the volume from there; the volume is then displayed to you:

When the volume opens up, you can can view/edit/add/remove and interact with the volume just like you would a folder on your desktop. In other words, cut and paste files into there if you wish, create new files in it if you wish, edit any existing files if you wish, delete any existing files if you wish, etc. Keep in mind, though, you can only have as many files in the volume as the size of the volume permits. Once you are done interacting with the volume and would like to re-encrypt it, go back to TrueCrypt’s main program window, right-click the volume and select “Dismount” (or hit the “Dismount All” button). Once the volume is dismounted, it is automatically re-encrypted and all the files inside the volume are safe – no one will be able to access the files without first decrypting the volume which they would need your password to do. (TrueCrypt is very secure.)

As I already mentioned, TrueCrypt has many features, many of which I did not discuss in the article. TrueCrypt is truly much too complex to discuss in one simple article. The bright side, though, is that the developer of TrueCrypt has very extensive and useful documentation which users can read if they want to learn all the tricks of TrueCrypt.

Final Words and Download Links

Just like how you can lock both the individual apartment doors and the apartment building door in the analogy I stated at the beginning, you can use both AxCrypt and TrueCrypt together to provide double protection for your files, if you wish. However, even alone each software provides you with ample encryption needs and will help you keep your files for-your-eyes-only. Which one you use totally depends on your needs and desires; both are terrific and well worth the download. Personally I am an AxCrypt user, and prefer its simplicity over TrueCrypt – how about you? Feel free to share in the comments below.

You may download AxCrypt and TrueCrypt from the following links:

AxCrypt

Version reviewed: v1.7.2126.0

Supported OS: Windows 2000/2003/XP/Vista/2008/Win7

Download size: 1.5 MB

AxCrypt homepage

[Direct download – 32-bit]

[Direct download – 64-bit]

TrueCrypt

Version reviewed: v6.3a

Supported OS: Windows 2000/XP/Vista/Win7, Mac OS X, and Linux

Download size for Windows: 3.2 MB

TrueCrypt homepage

[Direct link to download page]

[TrueCrypt documentation]

Share this post

Comments

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

35 comments

  1. Pingback: [Windows] Clean, optimize, and manage your computer with Ashampoo WinOptimizer, a program with over 20 different tools and features | Reviews, news, tips, and tricks | dotTech

  2. Pingback: [Windows] Encrypt files using 11 encryption algorithms with 1-abc.net File Encrypter

  3. Pingback: [Windows] Encrypt files using 11 encryption algorithms with 1-abc.net File Encrypter | Reviews, news, tips, and tricks | dotTech

  4. Pingback: [Windows] Create encrypted CDs, DVDs, and ISOs with idoo Secure Disc Creator | Reviews, news, tips, and tricks | dotTech

  5. Safe and Sane

    Truecrypt really is useful and I’ve been a happy user for years (and years).

    Back before the 7zip format, Axcrypt was, too. Now that you can get 256 AES encryption with your archiving program, though, (and ANY archiver using 7zip’s format *can* do this), Axcrypt is (pretty much) irrelevant.

    There IS one great feature of the Axcrypt website, though, and that’s their online password generator. Sure you can let Keepass generate one for you but the advantage here is that they are all quite easy to remember. I use it all the time; combining parts of several into easily remembered codes.

    http://www.axantum.com/Xecrets/PasswordGen.aspx

  6. Godel

    If you don’t have AxCrypt, remember that 7Zip and Zip Genius can encrypt their archives if you chose to do so. Just right click on your file, select “add to archive” and look for the encryption boxes on the lower right of the 7Zip window.

  7. Raul

    Yup, Emrys is right. TrueCrypt messed up my encrypted folder on an external drive once. That folder can not be decrypted any more even though the ext. drive itself works just fine. Bing or google to find similar stories.

  8. tony

    Hi,
    I installed Axcrypt on a new win.7×64 notebook and opened an Axcrypted file (microsoft

    Word) fine, but after I closed it (exited Axcrypt) and if I tried to reopen it then I have

    this problem: ” the process can not access the file because it’s being used by other process,

    you or someone else have it opened already” Do you want to open… as a read only

    instead…” There was no other opened program in my laptop. I have NO above problem in my

    desktop win.XP though.

    Can anyone help
    Thanks

  9. Jeremy Stewart

    @Rahul: if a donkey or other gets that far, you’ve got more pressing issues to deal with! files are files…if it can be deleted, the only thing to prevent it would be permissions/security implemented at the OS level. usb drives would be a loss unfortunately.

  10. TC

    One thing I dislike about Axcrypt is that it only supports 128bit encryption.  I know they claim it to be secure, but why not use 256bit?  His excuse for not adding it is that he is working on the x64 version of the program… but how hard can it be to add an open source 256bit aes… its not like he has to write the encryption code himself, as its already done.
    I’m guessing he has some other motivation behind not adding it.  By the time he adds it, it will be outdated.

  11. Rahul

    hi ashraf,
    your reviews are always very informative.
    I wanted to know one specific thing among AxCrypt, Truecrypt and SafeHouse explorer. Once a file is encrypted by these, is there any way to prevent it from getting deleted ? If lets say a rabid but computer literate donkey gets on my computer or usb drive and discovers some encrypted files, and tries to delete them, i would at least want some protection from that.
    thanks,
    Rahul

  12. Andrew

    Dear Ashraf,

    I have 500GB SATA hard drive which stores all my data: docs, xcl, photos, videos, etc. I use external enclosure and connect to laptop using USB port.

    I does not partition it into multiple partitions. Only 1 partition, the entire size which about 488GB.

    How do I encrypt the hard drive usinf TRUECRYPT, without format it? Should I used 2 500GB HD in 2 USB enclosures?

  13. jefri12

    Hi Ashraf
    I may recommend you following excellent alternatives:

    DiskCryptor: http://diskcryptor.net/wiki/Main_Page/en , this little program (< 1 MB) can encrypt individuals partitions and whole disks, also can encrypt CDs and DVDs (through an image ISO  encrypted that later can be burned), it is very fast and optimized for most recent proccessors.
    SafeHouse Explorer: http://www.safehousesoftware.com/SafeHouseExplorer.aspx , this portable program can create encrypted volumes as TrueCrypt and FreeOTFE but it doesn’t need administrative privileges.

    Both programs are free.  :)
    Bye
    Jefri

  14. IT3

    Thank you Ashraf for two great free programs.  I have been using TruCrypt from a previous recommendation by you but I am now going to also use AxCrypt for individual files or folders.
    Big thumbs up!

  15. Harlan

    I have used AxCrypt for several years primarily to encrypt keyfiles. I can store an encrypted copy of a keyfile on the same computer as my encrypted data file, as a backup in case the UNencrypted keyfile on the USB drive that I carry around with me gets corrupted. I’ve never had a problem with AxCrypt. I have installed the newest version, and I also see no difference from the 1.6.4 version. Note that the developer pushes a separate paid security service that has nothing to do with AxCrypt. Omziff from xtort.net is another option, freeware but not open source.
    TrueCrypt, though, is the real gem. It’s easy to install and set up: just ignore all of the options and accept the defaults; the only thing you need to decide is the size of the file. I think a keyfile is useful, but it can be added later when you have time to understand how they work (which is pretty simple). In addition to providing seamless, no-effort file protection, TrueCrypt can encrypt your entire disk or active partition. That means that not only are your data files encrypted, but all of the temporary files that Windows and Windows programs create are also fully protected. Another advantage is that your files are never unencrypted except in memory, unlike file encryptors like AxCrypt, which store unencrypted files on the hard drive, at least temporarily. TrueCrypt also implements a number of steps designed to protect you from revealing data even if malware such as a keylogger is installed on your system.
    You must backup your data, either the individual files or the TrueCrypt container, or both. But you do backups anyway, right?

  16. Ashok

    @Frank: You are right. I had issued with a Truecrypt volume and lost all my files within that container. The container became corrupt so nothing could be done. It did not accept the password, could not even mount it so left bad taste in my mouth. Perhaps, rare but I am a living example of that loss :(

    Axcrypt sounds good. One question: when encrypt/decrypt does the timestamp on file change or the original timestamp is retained? This is important since my automated backup kicks in every night and with a new timestamp, all files will get backed up all over again, albeit nothing would have changed (ie convert an entire folder of axcrypted files back to normal unencrypted files).

    I also toyed with double zipping i.e. zip a folder, password protect it, then zip it a second time with another password so now nobody can open the zip or see the listing of files inside. Zip is standard technology. For security freaks, you can axcrypt files first and then ZIP them to avoid anybody knowing file names within the folder.

    I always wonder how the windows indexing will deal with that? Can I still find a file except its just an .axx type now?

  17. annie

    I’ve been using AxCrypt for a number of years to encrypt text and Word documents, and have encrypted everything from tiny files to huge folders, no problem.

    I now use it a lot on my laptop, or on the desktop if my husband’s relatives are coming to stay (!).

    I paid for AxCrypt a few years ago, and get regular notification of updates.
    It’s great, and has been very reliable.

  18. Ashraf
    Author/Mr. Boss

    @Frank: You don’t wanna know.

    @ATW and @jumbi: Cool – thanks for the suggestion.

    @o(o.o)o: I actually just got upgraded to 1.7.x thanks to this article – I didn’t notice it before I sat down to write this. That said, I really don’t notice that big of a difference at all.

     

  19. o(o.o)o

    Just noticed via this thread that axcrypt has upgraded from my intalled 1.6.4.4 version to 1.7.x. Can anyone post a link to the full changelog pls?
     
    To be on-topic, I personally like FreeOTFE as well. The good thing about it is that it fits my setup quite nicely since it doesn’t need admin rights for program usage so I could just put a copy of portable FreeOTFE Explorer and the encrypted container file on a USB that I carry along whenever needed.

  20. jumbi

    @Frank: nice point!
    I am using both of them indeed, but I find finally myself more involved with axcrypt as I use it quickly to any computer I share critical data (eg through dropbox shared documents).
    I also use OTFE because it has not only a “portable” explorer style version but a pocket pc version as well, so for critical data I need to have also in my windows mobile phone, a have a small (fat 32) volume file, syncronised automatically.
    I think its also less complicated that truecrypt for the average user.
    http://www.freeotfe.org

  21. Frank

    what the hellis a rabid donkey?
    Will it eat my files? If so  – only the ones Axe-crypted or True-crypted?
    Questions, questions, questions.
     
    Frank
    P.S. Truecrypt is really great. Using it for years. You just need to be aware of a performance degrade when using it. AND EVEN MORE IMPORTANT: BACKUPs!! Chances to rescue data from a broken encrypted drive are pretty small…