How to Use TrueCrypt for DropBox

DropBox is an immensely popular cloud storage solution, which has garnered a large following, in part, because of their low prices. In fact, they even offer a completely free service, which only allows 2GB of storage. Still, free is free, and plenty of users take advantage of their free service for basic backups and file syncing. But DropBox is far from a perfect solution. Quite the opposite, really, because they have had numerous security problems in the past.

Like any other tech company, security is absolutely essential to keeping their customers happy. Yet time and time again DropBox has received unwated attention from the public in the wake of data breaches caused by nefarious hackers. Nevertheless, the most concerning aspect of their business is that they have been regularly criticized for providing substandard encryption to protect users’ data. If you’re a happy DropBox user and don’t want to switch to a more secure provider, it’s well worth it to add an extra layer of security by using TrueCrypt.

TrueCrypt is a handy little freeware utility that can be used to increase security via encryption. More specifically, it provides on-the-fly encryption (OTFE), and it can encrypt your files, hard drive or other storage medium at the drop of a hat. It primarily uses encryption protocols such as AES, Serpent, Twofish, and combinations of these ciphers and algorithms.

db-tc2In this simple guide, we’re going to guide you through the process of setting up a TrueCrypt volume which can be used to store encrypted data within the DropBox folder.

1. Download the Software and Create a Volume

After you have downloaded and installed TrueCrypt (it’s free!), the first thing you’ll need to do is create a volume. A volume is basically a chunk of storage that is going to be used as a container for all the files which will be encrypted. Click the “Create Volume” button, and the wizard should begin.

2. Configure a Container

On the first page of the wizard, make sure you choose to “Create an encrypted file container.”

3. Volume Type

db-tc3Next, you’ll want to configure the type of volume. The Standard TrueCrypt Volume option is ideal, though you can create more secure volumes, such as hidden volumes. However, some users have reported that hidden volumes don’t play well with various cloud services.

4. Choose a File Location

Next, you need to actually save the TrueCrypt file. The button says you can select a file, but that’s misleading for several reasons:

  • If you choose an existing file, it will become overwritten

  • Choosing an existing file doesn’t add encryption to the file

  • The file needs to be within your shared DropBox folder

For these reasons, it’s better to create a new file instead of tampering with older files.

5. Choose an Encryption Algorithm

Next you’re going to want to select an encryption algorithm. I prefer AES (Advanced Encryption Standard) because it is still one of the most secure algorithms. In fact, mathematicians theorize that it would take a billion billion years (that’s right…a 1 followed by 18 0’s) to crack AES-256. That said, there are still rumors floating around that secret governmental supercomputers can crack the algorithm. At any rate, it’s much more secure than other protocols. I seriously doubt that anyone has the power to crack the protocol.

However, to be on the safe side, you may want to opt for a combination of AES and another protocol.

6. Volume Size

The next step is to measure how large you want the volume to be. You will want to take the size of your DropBox account into consideration. They don’t have to match, but the volume needs to be either the same size or smaller than your DropBox storage space. If you’re a free user, the maximum file size you can use is 2GB.

6. Password Creation

Make sure you use a strong password to encrypt your data with TrueCrypt, or you’ll create a security vulnerability. Make sure it isn’t your pet name, birthday, telephone number, home address, or other pieces of information that are easy to guess. In general, strong passwords need to be a minimum of 8 characters and include uppercase, lowercase, numerals, and special characters. If you use a service like KeePass, you can randomly generate a 20-character long password that’s ridiculously secure.

Alternatively, you can use a key file, which allows users to select any file they want to generate a password. Without the key file, you won’t be able to gain access to your volume. It could really be anything you want, such as a song or photo. If you do opt to use a key file, make sure you have an unadulterated, unchanged copy of the original file…or your volume will become inaccessible!

8. Format

The format option doesn’t mean that TrueCrypt will format your hard drive. Instead, it helps to format the volume you just created. Remember that the TrueCrypt volume is a virtual disk, so you’re safe to format it to an appropriate file system.

9. Cross-Platform Options

It’s advisable to use the cross-platform setting, even if you only plan on accessing a TrueCrypt volume from a single device. Who knows, in the future you may opt for a different Mac, Windows, or Linux operating system!

10. Random Data

Lastly, TrueCrypt is going to generate random data based on the pattern in which you move your mouse. This will generate a string of characters which is nearly impossible to replicate. After you have finished wiggling your mouse, click the Format button.

11. Final Steps

After the wizard has completed, the file will be created and the DropBox folder will upload it automatically. Just remember that you need to mount the volume using TrueCrypt if you want to add or delete files from your encrypted volume.

Final Thoughts

DropBox has some big security concerns, but that doesn’t mean you can’t use their service. A lot of people love their free service. If you have fallen in love with DropBox, it is highly recommended to use a third-party encryption tool to secure your data. If you don’t, you may run into unintended consequences like a hijacked account, stolen personal data, and even identity theft!

Leave a Reply

Your email address will not be published. Required fields are marked *