DiskCryptor is a free whole disk encryption program for Windows. It supports encrypting internal and external drives, the system partition, and even ISO images.
A handy feature in DiskCryptor lets you pause an encryption and resume it at a later time or even on a different computer.
DiskCryptor is a free whole disk encryption tool for Windows. It's flexible, supports keyfiles, and can even encrypt ISO files. Very small download size; Installs quickly. Software Updater is a Portable, Free App That Finds Outdated Software. Disk Partitions: What They Are & How They Work.
Diskcryptor Portable Download
This review is of DiskCryptor version 1.1.846.118, which was released July 09, 2014. Please let me know if there's a newer version I need to review.
More About DiskCryptor
DiskCryptor supports a wide variety of encryption schemes, operating systems, and file systems:
- Can be installed on Windows 10, Windows 8, Windows 7, Windows Vista, Windows XP, and Windows 2000
- Windows Server 2012, 2008, and 2003 are also supported
- DiskCryptor supports common file systems like NTFS, FAT12/16/32, and exFAT
- It supports AES, Twofish, and Serpent encryption algorithms
- One or more keyfiles can be used to increase security. DiskCryptor supports using a custom file/folder and/or randomly generated file as a keyfile for added protection. If you choose this option, you don't have to create a password, though you can for even more security
DiskCryptor Pros & Cons
Aside from a shortness of official documentation, there's little not to like about DiskCryptor:
- Encrypts external devices as well as internal ones
- Can encrypt more than one partition simultaneously
- Very small download size
- Installs quickly
- Supports pausing an encryption to reboot or transfer the drive to another computer
- Custom keyboard shortcuts can be used for quickly mounting/dismounting drives
- Works with dynamic disks
- Works with RAID volumes
- Can automatically dismount volumes on logoff
- Able to encrypt ISO images to make encrypted CDs/DVDs
- Has a major bug (see #5 below)
- Not very many help files/documentation
- No update since 2014
How to Encrypt the System Partition Using DiskCryptor
Whether you need to encrypt the system partition, or one from any other hard drive, the method is nearly the same.
Before encrypting the system volume, it's recommended to create a bootable disc that can decrypt the partition in the event you can't access it for some reason in the future. See more about this on DiskCryptor's LiveCD page.
Here's how to encrypt the system partition with DiskCryptor:
Choose the system partition from the Disk Drives section.
It can be hard to see if you've selected the right drive, but since it's the system partition, it will say 'boot, sys' to the far right. If you still aren't sure, double-click the name of the drive to open it in Windows Explorer and view its files.
This screen is for choosing encryption settings. Leaving it at default is just fine, but you do you have the option to change the encryption algorithm DiskCryptor uses.
The Wipe Mode section of this screen is for clearing all the data from the drive (identical to a hard drive wipe) before encrypting it, something you certainly don't want to do for the system drive, so it can remain as None. See this list of data sanitization methods to learn about these wipe modes.
This section is for configuring bootloader options. If you're interested in this, see DiskCryptor's information on these options.
Enter and confirm a password.
The more complex of a password you enter, the higher up the Password Rating bar will go—anywhere from Trivially Breakable to Unbreakable. Refer to this indicator while you're entering a password to know if you should adjust it. Passwords can be alphabetical (upper or lower case), numerical, or a mix of both.
Selecting a keyfile on this screen will make it impossible to boot back into Windows! Whether you do or don't enter a password on this screen, if you add a keyfile, you will NOT be able to log back into Windows. If you were to select a keyfile, DiskCryptor would seemingly ignore your decision during boot up by not asking for it, which results in a failed authentication, which in turn means you can't proceed past the password checkpoint.
Keyfiles are fine to use for any other volume, just make sure you don't use them when setting up encryption for a system/boot partition.
If you're ready for the encryption process to start, click OK.
My Thoughts on DiskCryptor
Despite the fact that there isn't much documentation (found here), DiskCryptor is still very easy to use. Accepting the default values all the way through the wizard will encrypt a partition without any problems.
However, as is mentioned above, the keyfile and password combo issue is extremely important to realize. Missing that small bug will unfortunately render your files inaccessible. It's understandable that using a keyfile may not be supported when encrypting a system partition, but it'd still be very helpful if DiskCryptor either disabled the feature on that particular screen entirely, or at least displayed a warning.
There are some things I do like about DiskCryptor, though, like being able to encrypt multiple volumes at once, which is extremely useful considering the time it takes to complete just one, and allowing an encryption to be paused. When pausing an encryption, you can even remove the drive and insert it into another computer to resume it, which is really cool.
Review Diskcryptor Windows 10
Also, keyboard shortcuts to mount and dismount encrypted volumes is very handy so you don't have to open DiskCryptor every time you want to do so. These can be configured in the Settings > Hot Keysmenu.