Helping people with computers... one answer at a time.

Keeping data on your computer secure is important. Being able to password protect a folder seems an obvious approach. Unfortunately it's not that simple.

Can I put a password on a folder so that only I can see its contents?

Yes and no.

You can do something similar to password protecting it using Windows security features. It depends, though, on using the computer the "right" way. On top of that, I actually don't really recommend it. If you have something that you want to password protect and keep secure, I recommend a slightly different approach.

Windows allows you to place restrictions on who can do what with a folder, or even a file. In Windows Explorer, right click on a folder and Properties, and then click on the Security tab:

Security Properties Dialog

Here you can see the properties of a folder on my machine called "books".

Here you can control who has access to that folder. The default way my machine is set up, everyone can examine the contents of that folder. I can remove that and further restrict on an account-by-account basis which users can access that folder, and whether they can modify, read or even see the folder contents.

It's actually very powerful, if a tad complex.

However, it's based on Windows user accounts. Thus if you give your own account full access to the file, as I assume you would, then anyone that can login to the machine as you can immediately access the file. There's no real password on the folder, it's your ability to login to Windows using your login password that controls your access to the file.

"The approach I prefer, and in fact use myself, is to use the free open-source tool TrueCrypt."

And since it's based on Windows user accounts it assumes you're actually using different user accounts for different people. It's very common for that not to be the case.

The approach I prefer, and in fact use myself, is to use the free open-source tool TrueCrypt.

With TrueCrypt, you create a single file on your computer's hard drive that is encrypted. If someone looks at that file all they see is random data - there's no way to know what that file contains.

Once you "mount" that file using TrueCrypt, and supply the correct password or pass-phrase to unlock it, the contents of that file appear as another drive on your system.

For example, I might have a file "c:\Windows\secretstuff.tc". There's nothing you can do with that file without TrueCrypt and the password to the file. Since I know the password, I can mount it using TrueCrypt and suddenly a new drive appears - say "P:". That drive then contains all my protected files. I can change them, update them, delete them - whatever. Once I'm done, I can hide them all again by simply unmounting the TrueCrypt drive.

It's both simple and elegant.

And it's not tied to Windows, user accounts or anything else. In fact, you can copy your encrypted file to another machine entirely and mount it with TrueCrypt. Even using other systems such as Linux.

And while any encryption is vulnerable if you pick a bad password, the actual encryption algorithms used by TrueCrypt are "industrial strength" and nearly impossible to crack with current technologies.

Article C2850 - November 23, 2006 « »

Share this article with your friends:

Share this article on Facebook Tweet this article Email a link to this article
Leo Leo A. Notenboom has been playing with computers since he was required to take a programming class in 1976. An 18 year career as a programmer at Microsoft soon followed. After "retiring" in 2001, Leo started Ask Leo! in 2003 as a place for answers to common computer and technical questions. More about Leo.

Not what you needed?

60 Comments
Dimuka
November 24, 2006 8:19 PM

Hello! Well I must remember who is interested that Mic$ has "MY PRIVATE FOLDER" that just work as directory password-protected.
Regards. Vic > http://pwp.netcabo.pt/vicvalle/

Nicole
December 6, 2006 2:22 AM

Microsoft has removed My Private Folder. The application is no longer available. See the article in PCMag "Microsoft Kills Off 'My Private Folder' App" > http://www.pcmag.com/article2/0,1895,1989425,00.asp
However, you still can use third-party apps like Folder Password Expert > http://www.folder-password-expert.com

pappysmurf
March 24, 2007 7:42 PM

Of course you can password protect a folder and without 3rd party software. It's not as easy as it should be but then it's not that hard either. Right click on the folder you want to password protect and click "send to" and then "Compressed (zipped) folder". Pick where you want the file to be. I generally choose the folder the original folder is in such as desktop. Once the compressed file is made, right click on it and click "explore". In the window that opens, click "File" and then "Add a Password". Follow the prompts and then delete the original folder. You will only be able to access the zipped folder with a password. It would be nice to be able to do this without having to compress the folder but therein lies the constant room for improvement that drives us all through the digital world.

Richard
April 12, 2007 11:26 PM

I recommend to just hide your files and folders using Universal Shield or Lock Folder XP:
http://www.everstrike.com/

Kiskis
October 12, 2007 6:01 PM

I have a USB drive, pen drive, whatever you call it. I need to password protect a folder, insert all kinds of data into that folder, so all my data is password protected through the main folder. And I will need to use those files on a bunch of PC's, so no 3rd party SW can be used. Can anyone tell me how I can accomplish this?

Leo A. Notenboom
October 14, 2007 4:45 PM

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Look into what's called "Traveller Mode" for Truecrypt.

There's no way to do what you want natively in Windows and have it be able to
travel from machine to machine.

Leo


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (MingW32)

iD8DBQFHEqowCMEe9B/8oqERAs2AAJ437lQymXlAxvJcLEdOaQN2Fg3hjgCgjq8S
7jd+Oi3jI2AFjHrlTlrExsg=
=+89g
-----END PGP SIGNATURE-----

William Sambora
January 5, 2008 5:34 PM

I use Privacy Monkey ( www.privacymonkey.com), it does the trick.

non-techy
March 11, 2008 6:36 AM

I think using windows features to paasword protect a file(s) is ok, but there is always work arounds on stuff created by microsoft. I agree with Leo that a third party SW is the best security you can get. Hopefully it not packaged with a trojan/worm. :)

Viktor
April 21, 2008 10:57 AM

In my opinion it is the best program - easy in management and powerful, at that it also free-of-charge, the easy interface:
http://depositfiles.com/files/4888204

Leo
May 14, 2008 6:06 PM

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

That's the article you just posted this comment on.

Leo

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (MingW32)

iD8DBQFIK4ynCMEe9B/8oqERAoK3AJ49aYGGZaoTXhdSMkQGIPVkmacj+wCeOMuv
avRWFZNB9MyhpQpebtIAMuc=
=+BcQ
-----END PGP SIGNATURE-----

Gary Gordon
June 24, 2008 5:54 AM

My situation is just a tad different and I was hoping you might have a recommendation for me.

I have some online web forms that collect data from users that will out the forms. The information is then stored in a particular folder on a web server. I need the web forms to be able to write to the folder .. so the data can be saved, but I don't want anyone (that either doesn't have the appropriate permissions or a password) to look into the folder. So it needs to be able to write to the folder from my web forms, but it needs to prevent anyone that doesn't have permission to even look into the folder.

Any thoughts on the best way to handle this?

Thanks,
Gary

Leo
June 24, 2008 5:52 PM

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Depends on the server type, but that's typically done with
simple account-level security. Set the permissions so that
only the account running the web form can read or write to
the file.

Alternately, if the data is highly sensitive, you could
encrypt it witgh public key encryption, making sure that the
decryption key is not kept anywhere on the server.

Leo


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (MingW32)

iD8DBQFIYZbACMEe9B/8oqERAn5QAJoD1qvoRemGHvh544gcX+6VgrW4UQCfdtWr
Bl/VDZ6VMYeZxl5OvC3DMsU=
=xgvO
-----END PGP SIGNATURE-----

Essam
July 29, 2008 6:15 AM

just remember that the restrictions are not applicable on a FAT drivers but on NTFS drivers

thx for this great site.

Ronald Rodrigues
September 6, 2008 11:38 PM

Guys, try this link. It has help on how you can protect your folders without a third party software...

http://technocrawl.wordpress.com/2008/08/25/lock-your-folder-without-using-3rd-party-softwares/

John Gerald
October 9, 2008 2:52 AM

Hi,

I dont know what really happened to one of my personal folders in my computer in the office. All my private stuffs are there. All of a sudden it was unaccessable. I can't open nor delete it. What I know is that only the Administrators can do that.

I have certain files there, that is very confidential. Im thinking of making a new folder, and then putting there the unaccessable folder and put up a password or do i have any options to keep it from being accessed.

Could I use the TrueCrypt?

I hope you could help me, as soon as possible.

Thank you very much.

Roland Sanchez
November 11, 2008 2:52 PM

better use winsesame. you can download winsesame at http://www.aragonsoft.com/en/winsesame/

Peter
November 14, 2008 6:39 AM

ye winsesame is good but it's a pity that the free version is so limited. maybe ask to the publisher if he can make an effort...

Robert ...ski
November 23, 2008 6:07 PM

Leo, how can I uninstall TruCrypt? After installing this software I realized that it is not what I was looking for. I deleted it from my comupter (or so I thought) and performed a system restore function, but I am still missing 100 GB from my C drive, which I allocated for this function. I would like to have that space back in the C drive. Please advise on how I can get it there. Thank you - Robert

My guess is that you created a TrueCrypt container after you installed TrueCrypt. Simply track that down and delete it.
- Leo
24-Nov-2008

John
November 27, 2008 9:36 AM

Hello All! MyFolder is a free program to password-protect and hide your folders. You can download it here http://virtual-protect.com/myfolder.aspx

HydraH
January 19, 2009 4:46 AM

All this is good, True Crypt does give security. But the True Crypt file itself is vulnerable: if the file is in the My Documents folder, say data.tc, anyone can see its there and delete it, and with that, all the data is also lost, isn't it? So is there any way to prevent a person who has physical access to the system to be unable to see or delete a particular file (except for formatting, where everything is lost)?
Thanks.

Not really. If someone has physical access all bets are off. This is why the single file is also very hand: it's extremely easy to back up, and should be backed up regularly.
- Leo
19-Jan-2009

john neeting
January 21, 2009 6:38 AM

Truecrypt is indeed the most secure container as Leo said. It uses military grade blowfish 256 [ 128 ] des encryption to format an area on the hard disk. It uses next to nothing in resources, is totally transparent and mounts/unmount's in a flash. The only fly in the ointment is if you decide you no longer need the 'container' wiping it off the HD will only render that portion the container used - unreadable since it now has no regular format. Effectively, it is lost HD space unless you reformat that section with a utility and then either give it a drive letter or use something like partician magic to reclaim that bit of HD.
I have been using TC for yonks to store my invention circuits and even if I decide to wipe it out [ the files NOT the container ] the space is still there to use even if it doesen't HAVE to be encrypted. It would just mean I have to mount this drive with TC to use it for anything else. Since TC can be used on ANY drive [ rewritable DVD or stick drive ] and you think there will come a time when you don't need a TC file - make the container on a 4-8 -16GB stick drive and just plug it in to a USB slot. This makes the files ultra safe as the stick can be removed and stored elsewhere in case the PC does a flame out and trashes the hard drive totally [ happen to me once ].

Pradier
February 13, 2009 1:17 PM

it seems that the protocol used by winsesame is beter than truecrypt and a professional version has a function to protect against deleting the folders protected by the program a sort of UAC protection for this sort of documents. this program has also diskweeper and memoryweeper functions. good for paranoia.

Will
February 22, 2009 12:52 AM

John
If you delete a TrueCrypt container file once it is dismounted then you do not lose that space on the host filing system. Even a container file sits within the filing system and Windows treats it like any other file whether it's encrypted or not. So deleting it is no different to deleting any other file.
Will

Georges
March 5, 2009 10:51 AM

Yes in fact winsesame is the best soft for password protect folers. It works on external drives usb flash drives or network. The folders can be send by email attachment. This soft can be downloaded from the site http://www.winsesame.com
There is a free version for folders less than 1Mb which is enough for everyday use.

Ant
April 5, 2009 5:15 PM

Leo, Is what Johns saying above about lost HD Space correct with regard to Truecrypt?

It's unclear exactly what his point is.

If you delete a TrueCrypt container, that space is returned to the filesystem.

If you delete files within the container, that space is returned to the available space within the container.
- Leo
06-Apr-2009

Santu
April 20, 2009 1:51 AM

I have two queries

1) If i uninstall truecrypt then will anyone will be able to access the folder.

2) Can i encrypt the folder and store in my portable Hard disc or Flash drive etc.

N.B- If i want to view encrypted folder in a new machine i have to install the s/w in that machine

1) No. Your encrypted containers remain encrypted. Without Truecrypt installed even you will not be able to access them. 2) Absolutely, I do this all the time. NB) Check out the truecrypt documentation, they have a way to install on a portable drive.
- Leo
21-Apr-2009
RK
April 23, 2009 1:36 PM

You may also use WinRar to zip the folder and encrypt using password.

Zvonko
June 23, 2009 11:24 AM

The Folder Shield is an ideal way to accomplish this feat. You simply do not see the folder until you request it with a password. Unfortunately the Vista version is not out yet.

Ben
September 12, 2009 2:02 PM

Do you have any solution for adding a password to access the internet or to open a folder? It's a shared computer at work that I want to prevent free access to the internet without restricting access to sites once enabled. Also something similar for a folder that any file could go into and only be opened by password. I only know of password protecting a Word document.
Thank you

chakri
October 12, 2009 9:26 PM

hi...i deleted my file container created in truecrypt........wht shud i do now

Start over?
Leo
13-Oct-2009

Roadhousepsych
November 24, 2009 10:10 AM

With TrueCrypt can you also password protect pictures? >jpg or??? If not is there a program that hides them from little eyes?

With Truecrypt you create an encrypted container, and into that container you can put whatever you like.
Leo
26-Nov-2009

jpChris
November 24, 2009 3:28 PM

Hi Leo,

I've been using a program (free) called "Cloaker" by Bill Sergio, since about 2 weeks after dirt was invented. It's extremely simple to use and adds itself to the right-click menu. Just right click a file or folder and you can cloak it or uncloak it.

As a test, I cloaked a folder and copied it to another HDD that didn't have Cloaker. I installed Cloaker on the new drive and it uncloaked the folder from the other drive.

Very simple.

Glenn P.
November 24, 2009 11:01 PM

Just to be on the Safe Side, if you're going to delete a TruCrypt Container (or any other encrypted file, for that matter) you might want to consider using a File Shredder as well. A little Paranoia never hurt anyone! :)

Grandpa
November 27, 2009 12:14 PM

I also use the Open Office Org programs that have the ability to assign a password when saving the file thereby making it necessary to enter the password to open the file.

Alex
December 6, 2009 6:45 PM

Hey I was wondering if there is a program (preferably free) that can hide a folder / files from everyone including searches and stuff like that, but when I send the file to another computer they can access and see it as if it were never hidden on my system. Thankyou

Shu Miah
January 22, 2010 11:28 AM

Can I password-protect a folder in Hotmail?

mageshwaran
February 3, 2010 7:34 AM

how to going in my computer book Properti

Teo_69
May 19, 2010 6:19 AM

I use winsesame. It is a strong encryption tool with 6 algorithms easy to use. The address:
http://www.aragonsoft.com/en/winsesame/

A.Amar
June 10, 2010 3:43 AM

I also use the Open Office Org programs that have the ability to assign a password when saving the file thereby making it necessary to enter the password to open the file.

raJ
June 23, 2010 12:26 AM

I HAD DOWNLOAD VICE CITY GAME FROM INTERNET AND IT IS ZIPPED FILE AND PASSWORD I DONT KNOW WHAT SHOULD I DO THIS GAME

nitin surani
July 5, 2010 11:00 PM

This is very useful...

Muhammad Anas
July 13, 2010 7:45 AM

Thanks for the nice article ... My problem is that I don't see the "Security" tab in the "Properties" dialog box of my folders. Only "General"' "Sharing"' and "Customize" are there...
Any syggestions please!!!
Thankyou!!

You're probably running the "Home" version of one of Windows OS's. XP Home, for example, does not include the security tab (except in Safe Mode, I believe).
Leo
14-Jul-2010

divya
July 17, 2010 1:33 AM

i did not understand any thing.

nyturn
August 3, 2010 9:31 AM

I'm very happy with folder lock software from Everstrike. This software can hide, lock and password protect folders with or without encryption.

Kerry McMullen
November 9, 2010 3:45 PM

I am using Windows XP Professional and my properties does not have the security tab either. Can I use TrueCrypt on an external hard drive that is shared?

You can, but I would run TrueCrypt on one machine - the one with the drive attached - and then share the mounted volume. I would not expect Truecrypt running on two machine trying to mount the same volumn to work well if at all.
Leo
10-Nov-2010

Myo Paing
November 24, 2010 1:04 AM

I would like to know how can I protect a folder from my external drive.

Dave
December 29, 2010 2:22 AM

Possibly a dumb question, but if you have more than one OS on a machine and you want to sucure files between them, would that be a separite install for each OS? If so, could more than one installation of TrueCrypt on the machine cause any problems?

You could install TrueCrypt on each OS just fine. As long as the container file was accessible to both it could be mounted in either.
Leo
29-Dec-2010

paul
March 3, 2011 7:51 PM

WinGuard Pro a free program has a feature to Disable Folder Access. Its very good!

Mo
May 13, 2011 1:46 AM

Hi,
I secured my folders on Windows and changed my OS to linux, now I can't access them. Can you let me know how I can access them from linux?

It all depends on HOW you secured them. If you used Windows built-in encryption, then you cannot access them from Linux.
Leo
14-May-2011

Inayath
September 11, 2011 8:20 AM

Check Out The Post in My Blog-Top 5 Ways to Encrypt or Add Password To Your Personal Stuffs.

www.computer-geek-inas.blogspot.com

jebbie
October 23, 2011 6:10 AM

can you have different password with different folders?

Please read the article - your question actually doesn't quite make sense given the information presented in the article. Certainly different user accounts can have different passwords if you go that approach, and different TrueCrypt volumes can have different passwords if you elect to use that.
Leo
23-Oct-2011

jebbie
October 23, 2011 6:18 AM

why is my "Encrypt contents to secure data" button not clickable?

Typically that means that either the filesystem is formatted FAT32, which does not support encryption, or you're running the Home version of Windows, which doesn't include it.
Leo
23-Oct-2011
Mark J
October 23, 2011 9:02 AM

@Jebbie
You can create as many TrueCrypt containers as you want, each with a different password. If you use the Windows built in method, you are limited to the password used to log in to Windows.

Patrick
October 27, 2011 11:27 PM

I have forgotten my password. Anything I can do?

Mark J
October 28, 2011 12:42 AM

@Patrick
You haven't given enough information to begin to answer your question. Which password did you forget, program, email, windows log-in? Some have recovery options some don't. If you forget a Truecrypt password, for example, it's lost forever.

Mak
November 19, 2011 6:00 PM

What if someone deletes that file, will i still be able to access it ??

Mark J
November 20, 2011 12:39 AM

@Mak
If a file is deleted it normally goes into the recycle bin. If the recycle bin has been emptied or the file has been deleted bypassing the recycle bin, it can often be recovered if it hasn't been rewritten using Recuva.

But an ounce of prevention is much better than a pound of cure: Keep a current backup of all of your data.

PATRICK
December 8, 2011 3:08 AM

HOW CAN I START USING THE TRUECRYPT TO PROTECT ALL MY DOCUMENTS AGAINST EXTERNAL TRAIT

Connie
December 8, 2011 9:43 AM

@Patrick
Ask Leo! has a bunch of great articles, and even a webinar, on that:

* Encrpting Using Truecrypt

Thorrun
January 19, 2012 3:40 AM

Downloaded and installed and attempted to follow the tutorial with more than one attempt. Various windows appeared not in tutorial and finally gave up to search for something that did not require a geek brain to operate. 0/10 and I do not consider myself a newby.

Comments on this entry are closed.

If you have a question, start by using the search box up at the top of the page - there's a very good chance that your question has already been answered on Ask Leo!.

If you don't find your answer, head out to http://askleo.com/ask to ask your question.