News, tips, advice, support for Windows, Office, PCs & more. Tech help. No bull. We're community supported by donations from our Plus Members, and proud of it
Home icon Home icon Home icon Email icon RSS icon
  • looking for thoughts on Drive Encryption

    Home Forums AskWoody support Windows Windows 10 Windows 10 version 1909 – November 2019 Update looking for thoughts on Drive Encryption

    Tagged: 

    • This topic has 6 replies, 6 voices, and was last updated 4 weeks ago.
    Viewing 6 reply threads
    • Author
      Posts
      • #2307195 Reply
        znitro
        AskWoody Plus

        Dear Friends,

        I just recently purchased a laptop with Windows 19 1909 home. Out of the box Drive Encryption is turned on. I am a little leery of this, and my gut feel is to turn it off before there is too much stuff on the system . This laptop is for home use, it will have emails, photos, videos and perhaps some financial spreadsheets and documents. It will travel outside of the house once or twice a month.  I have backed up the encryption keys.

        Does anyone have strong opinions either way on using encryption in this situation.

        Also, does having the drives encrypted have any benefit in warding off a virus which encrypts drives.

        znitro

        znitro

      • #2307210 Reply
        mn–
        AskWoody Lounger

        I just recently purchased a laptop with Windows 19 1909 home. Out of the box Drive Encryption is turned on.

        Hm, that’s distinctly uncommon… normally you don’t get encryption with Windows Home.

        It’s of course possible to get encryption on that too with add-on software (like VeraCrypt or some others) or on the firmware level (Self-Encrypting Drive).

        Does anyone have strong opinions either way on using encryption in this situation.

        In the general case it’s safer to use encryption than not use. Speed differences… might not be what you’d expect. (Well-tuned encryption with compression, as is usual, can even speed things up due to having less data to write after the compression…)

        Also, does having the drives encrypted have any benefit in warding off a virus which encrypts drives.

        Only very rarely. Ran into that kind of thing once, was a bug in the virus – if it’d worked “correctly” a previous encryption layer wouldn’t have stopped it.

      • #2307285 Reply
        bratkinson
        AskWoody Plus

        Unless you have some confidential information like bank & credit card account numbers, passwords stored on a file somewhere, or even photographs you don’t want maliciously spread all over the web, I think encryption is a complete waste of CPU horsepower and RAM to run it in.  Given that many laptops are still slower dual processor devices, I think it likely that you’d likely see a slowdown compared to unencrypted.

        I don’t use encryption on my desktop or laptop as I don’t put anything on any of them other than my Excel spreadsheet used as my checkbook.  If that went public, there’s usually less than $100 in it after I pay my bills each month.

        As I sometimes travel with the laptop, I have all my bookmarks (favorites) for banks, credit cards, or anything else that has my credit card stored (such as ebay and Paypal) in a subfolder that after I copy bookmarks from my desktop to laptop prior to leaving town, the first thing I do is delete the bookmark folder with all financial links.  I then ‘trim’ the SSD to make sure it would be more than difficult for a laptop thief to get to my finances.  I don’t have passwords stored anywhere, either.  But as I have a different password for every site that uses them, I’ve put a hint in the bookmark to help me remember them.  Of course, after wiping out all links to financial sites, and since access ebay and Paypal frequently, I have no need to have password hints for those as well as other sites I frequent daily.

        I also turn my computer off every night, not ‘sleep’, to save on the electric bill, as well present less ‘exposure’ to the web.

        Similarly, there’s no financial links on my cell phone, where its being compromised either through loss or hijacked via wifi or blue tooth is far higher than my desktop.  To hack that, a hacker must get past the firewall, 17 position password on my router and a radically different 16 position password for my wifi, then one has to get past the internet security software I happen to be using, which historically, I replace with a competitors’ product about every 3 years for various reasons.

      • #2307302 Reply
        NaNoNyMouse
        AskWoody Lounger

        Drive Encryption always feels to me like one of those things that’s fine while it’s working fine, but… if it’s not for any reason, then you’re probably going to be in a world of pain

        Personally, I encrypt my sensitive data at the file/folder level. I use TrueCrypt (now discontinued, but still works in Win 10). I’m sure there are alternatives, but that works for me

        Like everything else, you have to balance potential risks against usability and other criteria. I toyed with the idea of drive encryption when I was setting my current main system up, but shied away from it in the end. Just seemed like too many things could go wrong

      • #2307305 Reply
        Alex5723
        AskWoody Plus

        A/V software can’t decrypt/scan encrypted drives/files…

        • #2307308 Reply
          Paul T
          AskWoody MVP

          Of course it can, just like your word processor can access your documents. Windows decrypts your files and your AV scans them, or the disk decrypts the files on the fly and Windows sees unencrypted files.

          cheers, Paul

      • #2307309 Reply
        Paul T
        AskWoody MVP

        Full disk encryption is sensible on a laptop, which may be lost stolen. It won’t get your laptop back, but your data will not end up in the wrong hands.

        As you have Windows Home you will not be running Microsoft BitLocker and probably don’t have any disk encryption running. If you want to use disk encryption you either use a self encrypting disk with Opal support, or install VeraCrypt in Windows.

        I have used VeraCrypt on an i5-5200U / SSD laptop running W10 Home and it works silently and with no apparent speed difference. When you boot / resume from sleep/hibernate, you have to enter the VeraCrypt password, then Windows fires up. I don’t run a Windows password if running Veracrypt as one password is sufficient.

        cheers, Paul

      • #2307493 Reply
        anonymous
        Guest

        Hm, that’s distinctly uncommon… normally you don’t get encryption with Windows Home.

        As you have Windows Home you will not be running Microsoft BitLocker and probably don’t have any disk encryption running.

        MANY laptops provided with Windows 10 Home installed are supplied with device encryption enabled:

        Device encryption is available on supported devices running any Windows 10 edition.
        Device encryption in Windows 10

        Many new PCs that ship with Windows 10 will automatically have “Device Encryption” enabled. This feature was first introduced in Windows 8.1,
        How to Enable Full-Disk Encryption on Windows 10

        Windows 10 Home doesn’t include BitLocker, but you can still protect your files using “device encryption.”
        How to enable device encryption on Windows 10 Home

    Viewing 6 reply threads

    Please follow the -Lounge Rules- no personal attacks, no swearing, and politics/religion are relegated to the Rants forum.

    Reply To: looking for thoughts on Drive Encryption

    You can use BBCodes to format your content.
    Your account can't use Advanced BBCodes, they will be stripped before saving.