TrueCrypt is a great utility that will allow us to encrypt our hard drives, are local, Remote, USB, pen drive, Sd… Thanks to this utility we will avoid any loss of information through theft or loss of our laptop or external media, The decryption form being transparent and fast for our users. Uses different encryption algorithms (AES, Serpent and Twofish or a combination of them). We could even create a hidden partition with a hidden operating system in case we were forced to hand over our password, to give them false information! Can be used on Windows XP/2000/2003/Vista/7, Mac OS X, Linux… Of course it is free! (but not GNU).

How to decrypt a password or a file can be used (Keyfile) whatever each one prefers, being able to decrypt the system disk when starting the computer or if we take the disk out and connect it to another computer, if you have TrueCrypt installed it would also be enough. The encryption algorithms supported by TrueCrypt are: AES, Serpent and Twofish.

We download the utility from web and we can install it to encrypt even our system hard drive or run it without installing (portable). Well, In this document we will see how to encrypt our own hard drive to prevent leaks of information (our own personal or organizational information). The installation of the application is straightforward, we open it once installed and go to “System” > “Encrypt System Partition/Drive…”

Select “Normal” to encrypt our entire hard drive, the other option would be to hide/encrypt a partition or operating system in case someone forces us to decrypt it. “Next”,

We have two options, que encripte sólo la partición de sistema de Windows o todo el disco duro, independiendo de las particiones que tenga. En mi caso al tener sólo una partición en mi HD, de todas formas la segunda opción es la interesante, para qué vamos a cifrar sólo una partición si en la otra almacenamos información sensible. “Next”,

Si queremos cifrar la parte final del disco donde puede que exista algúna partición que nos haya dejado nuestro proveedor… nothing!

Indicamos en número de sistemas operativos que tenemos instalados en el equipo…

Seleccionamos el algoritmo de encriptación y el hash para el cifrado. “Next”,

Seleccionamos una contraseña para desmontar el volumen (para descifrar) when starting the computer or when connecting this drive to another computer and wanting to retrieve information. When performing this full HD encryption and having a system partition, we will not be able to use files to store the key there. “Next”,

The typical action of moving the mouse to generate random data like salt to generate cryptographic keys with greater strength/hardness, “Next”,

These are the keys that have been generated, “Next”,

It is necessary to create a rescue disk to recover the information from the drive if needed! also it is mandatory and we will not be able to continue without this! If we have a computer without a CD burner or we don’t feel like burning it, one way to skip this process is to mount the ISO it generates using a utility that creates a virtual CD/DVD drive, and it will be accepted as OK.. “Next”,

“Accept” to generate the image,

“Next” to burn it to a CD, or in my case, I will mount it in one of those utilities.…

And that's it, make sure it is properly burned.,

Before encrypting the disk, if we want, we can clean the system., Not required, “Next”,

And now, before encrypting anything, it will perform a test to ensure there won’t be any problems., “Test”,

“OK” to accept the agreement.…

We restart the computer.…

This screen will appear when restarting,, before loading the operating system, we enter the password.…

Ok, Our system is capable of working smoothly, Click on “Encrypt” to start the hard drive encryption process.

“OK” to accept the agreement again…

…we wait depending on the capacity of our disk, from a few minutes to a few hours…

“Accept”

“Finish”,

If we open the console we can see that our hard drive is encrypted, If we're going to “System” > “Settings…”

We can change the startup message by giving instructions in our language or preventing the 'Esc' key from being pressed’ to skip decryption at startup (it wouldn't make sense as it would give us an error).

If we try restarting again we check the new message…

And from any Linux (liveCD) verá que existe una partición pero no reconocerá el sistema de ficheros ni se podrá montar libremente, con lo que conseguimos que nadie pueda obtener información de nuestro equipo!