Windows 11/10 offers an in-built encryption solution — BitLocker — which makes sure the drive if used anywhere else, will not be readable. However, like many other solutions, it is a proprietary solution. If you are looking for a BitLocker alternate, an encryption solution that is open source, then check out DiskCryptor. You can use it to encrypt disk partitions, including the system partition.
DiskCryptor Disk Encryption software for Windows PC
Before we start, DiskCryptor is not new. According to the current developer, NTLDR developed it as a replacement for DriveCrypt Plus Pack and PGP WDE. However, there has been no development since 2014, so the guys at diskcryptor.org took the development of the software into their own hands (GNU GPLv3). The good news is that the software development looks active on their GitHub page, so you can use it if you are looking for an alternative.
DiskCryptor Features
- Support of AES, hardware AES, Twofish, Serpent encryption algorithms individually or in combination.
- SSD TRIM feature is supported.
- Transparent Encryption of disk partitions.
- Full support for dynamic disks.
- It works with any RAID volumes that the system supports, i.e., disks with large sector sizes.
- Compatible with multi-boot managers, UEFI/GPT boot, third-party boot loaders (LILO, GRUB, etc.)
- Option to place boot loader on external media and to authenticate using the key media.
- Support for key files.
- Apart from storage devices, it works with CD, DVD, external USB storage.
- It can also automatically mount disk partitions and external storage devices.
- Support for hotkeys and optional command-line interface (CLI).
- Open license GNU GPLv3.
Once the Encryption is complete, the partition or volume cannot be used to identify any data. It will be protected with a password, and once you enter the password, the structure of the partition becomes accessible.
How to use DiskCryptor
- Once you launch the software, it will reveal all the partitions sorted by the physical drive.
- Select any of the partitions and right-click, and click on Encrypt
- Next, you need to select the encryption algorithm and wipe mode.
- In the next step, you can set up a password or use a Keyfile.
- Lastly, start the Encryption, and wait for it to complete.
The password can be changed. Right-click on mounted volume and choose to Change password from the context menu.
The total time taken for Encryption will depend on drive speed and size. If you encrypt the primary partition, you will need to enter the password during the boot process. That said, here are two exciting features of DiskCryptor you should know.
DiskCryptor Wipe Mode
Do note that when you use Wipe mode during Encryption, it does not delete files nor any remnant data that a file system might contain. According to the developers, it is not necessary as the program encrypts the whole file system. Wipe Mode instead prevents the possibility of recovering data by examining residual magnetic energy, which can be done on specialist equipment.
Pause, Resume Encryption anywhere
This feature allows you to pause the ongoing encryption process and resume back later. Not only that, if you use it, you can also decrypt incomplete Encryption. It is handy if you accidentally choose the wrong Encryption drive and do not want to wait long hours to complete it. Also, if you encrypt an external drive, you can pause, switch the computer, and start Encryption on another computer.
While you should be able to perform all kinds of Disk Management after encrypting the device, the software developers advise against it. It’s mostly because thee software has not been tested for such scenarios.
You can download it from GitHub. After installation, you will have to restart the computer before you can use the software. If you plan to uninstall, make sure to decrypt all the volumes, especially the system partition.
