Can you password protect a flashdrive? Hard drive?

There are utilities that can create encrypted partitions on a drive, and also there are USB drives with on-the-fly encryption built in. Check here: http://lifehacker.com/software/thumb...ive-154465.php Truecrypt is the only one I've used before but I don't know if it can do exactly what you're looking for. If you aren't much of a nerd you might want to just find and buy something with the encryption built in. Be sure to find an option that doesn't need to install anything on the host computer you use it on (i.e. you just plug it in and run whatever program off the drive itself instead of it wanting to install software on someone's computer).

You can also get flash drives with biometric technology. I have several that take a fingerprint.

trucrypt is great for my purposes, they say its secure but I have no idea really.

TrueCrypt is secure if you use a strong enough passphrase and keyfile. There is nothing to prevent someone from taking the encrypted archive and blasting away with a dictionary attack, so with a weak passphrase and no keyfile, someone may be able to decrypt a TrueCrypt archive. Unlike your online banking username and password which will lock out an account after 3 failed attempts and requires a laggy internet connection to attempt authentication, someone could throw thousands of guesses at the archive per second.

A strong passphrase with a keyfile provides a strong level of security because in combination, they take away the whole guessing attack which leaves attackers with hardly any realistic chance of brute-forcing your archive.

All of this also depends on what you are trying to secure. You don't need to spend more resources or money on security than the value of the data you are trying to protect.

"$vault" is easily guessable. Most brute force attacks will take dictionaries containing at least 100,000 "words" and then append and prepend numbers, special characters, other "words" to come up with millions of possibilities (e.g. vault, $vault, 12vault34, my0vault, etc). With modern computers, it does not take long to run this type of attack. Also, it is common for these attacks to substitute letters, so "p4s5w0rd" is just as easily guessed as "password". To mitigate this risk, passwords should be purely random.** Also, keep in mind the value of what you are encrypting. If you are carrying around 500,000 social security or credit card numbers, you better believe someone would be willing to brute force that archive for months in order to crack it open. If you are only protecting pictures of your kids and your address book, you may not need to apply the same level of protection. ** EDIT: I don't want to imply that purely random passwords are perfectly safe here, but they are better. Attacks can ignore dictionaries entirely and just start iterating through all possible printable character combinations. You'd be surprised at how quickly these can run, too. This is why security only works in layers; you need other controls in place to prevent someone from ever gaining direct access to the data.

as mentioned above, LG has a new biometric one that uses your fingerprint plus a password:

http://us.lge.com/products/model/det...HP8GNALP.jhtml

My favorite password generation algorithm is to pull letters of both cases from phrases or poems or what have you, liberally sprinkled with numbers and special characters when allowed. It's not truly random, but seemed a reasonable method. I'll probably DL TrueCrypt -- I like to protect my writing on my laptop, just because. ~ Huntsman

my truecrypt password include a random namesfrom the phone book of a country with a rare language intertwined with numbers and a word from a now extinct language and special characters. its over 20 characters long so I'm guessing they can brute force that for a while

Is trecrypt breakable only through brute force or is it somehow crackeable otherwise?

I heard the Basque seperatists used the basque language words as passwords and the authorities in France had a hard time cracking them. and despite all the jokes on france, they do NOT joke around with terrorists so they probably dumped a lot of means into cracking it.

I believe for encrypting text if you are REALLY paranoiac or like me think of these things as entertaining and cool, one time pads are the best, no one has ever been able to break them.

heres a link to a neat one I found, it seems mathematically secure.
http://users.telenet.be/d.rijmenants/en/onetimepad.htm

There is no statistical attack on TrueCrypt. The only attack that exists is what is called a "cold-boot" attack where someone would need to have physical access to the system in order to shut it down abruptly and quickly reboot the system with special software that will read the contents of memory from before the abrupt shutdown. If the stars align, the encryption keys will still be in memory. If you have other security controls in place like a BIOS password, then you would probably slow down the attacker to the point where the keys would have disappeared from memory.


One time pads are certainly very interesting, but in modern computing, they present a number of practicality issues. For example, you must carry around the key because it is impossible to remember it (key size = size of data to be encrypted, so to encrypt the contents of a book, your key would fill a book).

TrueCrypt provides many different encryption algorithms to choose from, and many of them fall into the category of unbreakable. For example, straight AES is strong enough for NSA and the US Government to use it for Top Secret and Classified data. Given current approaches, it would take decades to break this encryption even after a major advance in computing and mathematics, so the NSA feels safe using it for its most secretive data. To me, this means that if I protect my present day banking information with this kind of encryption, by the time someone is able to crack it, the data is already worthless.

And that's just straight AES. You can cascade encryption algorithms if you want to effectively double up on your protection.

At the end of the day, encryption is just one link in the chain. If an attacker wants to get your data, and he comes up against even a relatively "weak" version of encryption (say, 128bit AES, which is still horribly horribly difficult to brute force), then the attacker will find some other way. Instead of trying to get at the data "at rest" when it is encrypted, he would try to get at the data in transit or resting in some unencrypted form. Or, he would try to attack a weaker target that might share a trust relationship or common password with the encrypted system (e.g., sniff your password to StyleForum, which is sent plaintext across the internet, and then assume that password is used on other systems such as Gmail which might contain clues to getting access to the sensitive data).

It's like a locksmith told me once.. locks keep honest people honest, and slow down the bad guys. You could put a million dollar lock on a steel reinforced door, but then the bad guy just throws a brick through your window and goes right in.

I just bought two computers with fingerprint readers and I've come to love the biometric technology. I think mine use omnipass (or something like that). I'm not sure if that is some kind of generic biometric software.

It's wonderful! I particularly like the feature that allows you to swipe your finger when a password is called for. It's really convenient.

I'm not sure about your question, but I think that you can get what you are talking about.