If you can encrypt files and folders in Windows, your data will be illegible for unauthorized third parties. Only someone with the correct password or decryption key can make the data readable again.
We will explain several methods that Windows users can use to encrypt their devices and the data stored on them.
Some Windows Encryption Options
BitLocker It is the preferred and safest method, but it does not allow you to easily select and encrypt individual files and folders (you can do this by creating a file container encrypted using VHD).
The File Encryption System (SAI) is the alternative, but not recommended for super sensitive data. The third option to encrypt files and folders in Windows is to use third-party software; For Microsoft OS editions such as Windows 10 Home, it is the only option.
Encrypt Files and Folders in Windows with BitLocker
Encrypts a full volume on your hard drive (or a removable device), regardless of who has logged in. To unlock a drive that is protected with BitLocker, anyone who wants to access must enter a password or use a USB drive that unlocks the PC when inserted.
To configure Bitlocker:
- Go to the Control Panel.
- Click on System and Security.
- Click on BitLocker Drive Encryption.
- In BitLocker Drive Encryption.
- Click Activate BitLocker.
- Select Enter a password or Insert a USB flash drive.
If your reliable platform module hardware (TPM). A TPM chip allows your device to support advanced security features. For example, when encryption is only at the software level, access may be vulnerable to dictionary attacks.
- To check if your device has a TPM chip
- Press the Windows key + X on your keyboard and select Device Manager.
- Expand security devices.
- If you have a TPM chip, one of the elements should read Trusted Platform Module with the version number.
- BitLocker is available in:
- Vista and Windows 7: Enterprise and Ultimate editions
- Windows 8 and 8.1: Pro and Enterprise editions
- Windows 10: Pro, Enterprise and Education editions
- Server 2008 and later versions
- BitLocker is not available for Windows Home editions.
File Encryption System (EFS)
EFS is the Windows built-in encryption tool that is used to encrypt files and folders on NTFS drives. Any person or application that does not have the password cannot open encrypted files and folders.
The encryption process is easy but not very secure (it is possible, although difficult, for an attacker to hack the key). It is also advisable to use a secure login password that other users of your PC cannot guess.
Only available in the Professional, Enterprise and Education editions of Windows. Some experts recommend using BitLocker just because it is more secure.
However, it depends on your personal circumstances. For home users, EFS may well be sufficient protection for nosy family members.
How to Encrypt Files and Folders in Windows 7, 8, 10 (EFS)
To encrypt a file or folder:
- In Windows Explorer, right-click the file or folder you want to encrypt.
- In the context menu, select Properties.
- Click on the Advanced button at the bottom of the dialog box.
- In the dialog box Advanced Attributes.
- In Compress or Encrypt attributes.
- Check Encrypt content to protect data.
- Click OK
- Click on Apply.