Yes and no, and probably not in the way you’re imagining it.
You can do something similar to password-protecting it using Windows security features, but success depends on using the computer the “right” way. I don’t really recommend it. If you have something you want to password protect and keep secure, I recommend a different approach.
Become a Patron of Ask Leo! and go ad-free!
Windows security
Windows allows you to place restrictions on who can do what with a folder or file. In Windows File Explorer, right-click on a folder. Click on Properties and then click on the Security tab.
Here you can see the security properties of a folder on my machine called “SecretFolder”.
You can control who has access to that folder. By default, any “Authenticated Users” — users with login accounts on this machine — can examine the contents of that folder. I can remove that and further restrict access on an account-by-account basis.
It’s actually very powerful, but complex.
The problem, from my perspective, is that it’s based on Windows user accounts. If you give your own account full access to the file, as I assume you would, then anyone who can log in to the machine as you can immediately access the file. There’s no real password on the folder; it’s your ability to log in to Windows using your login password that controls access to the file.
For many who use Windows in what I’d call “the Windows way” — different login accounts for different users, and always logging out when you’re not using the machine — that might be enough.1 For example, in a corporate environment, this might be the recommended approach.
I prefer a different approach: encryption. There are two options I’d consider.
VeraCrypt
For many years, my approach was to use the free open-source tool VeraCrypt to create an encrypted volume.
An encrypted volume is a single file on your computer’s hard drive. If someone looks at the file, they have no way to view its contents.
Once you “mount” the file using VeraCrypt, supplying the correct pass-phrase to unlock it, the contents of the file appear as another drive on your system.
For example, I might have a file “C:\Users\LeoN\secretstuff.vc”. There’s nothing you can do with that file without VeraCrypt and the passphrase to the file. Since I know the passphrase, I can mount it using VeraCrypt, and suddenly a new drive appears — say drive “P:”. That drive contains all my protected files. I can change them, update them, delete them, or do whatever I want with them. Once I’m done, I can hide them all again by unmounting the VeraCrypt drive.
It’s both simple and elegant.
It’s also not tied to Windows user accounts or anything else. In fact, you can copy your encrypted file to another machine entirely and mount it with VeraCrypt. You can even mount it on other systems, such as Macs and Linux machines.
Cryptomator
Cryptomator (which is conceptually very similar to BoxCryptor) works very similarly to the process I just outlined for VeraCrypt, except each file is encrypted separately. Rather than a single encrypted volume, you’ll have many individually encrypted files and folders. When you “mount” the encrypted folder — once again specifying a passphrase to unlock it — the unencrypted version of that folder appears as an additional drive on your system.
Cryptomator is designed for encrypting files placed in cloud storage. Encrypting them individually allows them to be uploaded to cloud-storage systems individually, rather than needing to upload an entire VeraCrypt volume every time any file changes.
But there’s nothing that says you need to use it in conjunction with cloud storage.
For example, I might have a folder “C:\Users\LeoN\SecretFolder” on my machine. Its contents appear as randomly-named files and folders, each containing only random, encrypted data. When I mount that folder using Cryptomator, specifying the correct passphrase, a new drive appears on my machine — say drive “P:” again. That drive contains all the unencrypted files and folders within SecretFolder. I can change them, update them, delete them, or do whatever I want with them. Once I’m done, I can hide them all again by simply unmounting the folder in Cryptomator.
Encryption is the answer
Password protection isn’t enough. What you really need to protect your files is encryption. Solutions like VeraCrypt, Cryptomator, and others are the safest ways to ensure your data remains secure.
Do this
Subscribe to Confident Computing! Less frustration and more confidence, solutions, answers, and tips in your inbox every week.
I'll see you there!
I have a USB drive, pen drive, whatever you call it. I need to password protect a folder, insert all kinds of data into that folder, so all my data is password protected through the main folder. And I will need to use those files on a bunch of PC’s, so no 3rd party SW can be used. Can anyone tell me how I can accomplish this?
—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA1
Look into what’s called “Traveller Mode” for Truecrypt.
There’s no way to do what you want natively in Windows and have it be able to
travel from machine to machine.
Leo
—–BEGIN PGP SIGNATURE—–
Version: GnuPG v1.4.7 (MingW32)
iD8DBQFHEqowCMEe9B/8oqERAs2AAJ437lQymXlAxvJcLEdOaQN2Fg3hjgCgjq8S
7jd+Oi3jI2AFjHrlTlrExsg=
=+89g
—–END PGP SIGNATURE—–
I think using windows features to paasword protect a file(s) is ok, but there is always work arounds on stuff created by microsoft. I agree with Leo that a third party SW is the best security you can get. Hopefully it not packaged with a trojan/worm. :)
My situation is just a tad different and I was hoping you might have a recommendation for me.
I have some online web forms that collect data from users that will out the forms. The information is then stored in a particular folder on a web server. I need the web forms to be able to write to the folder .. so the data can be saved, but I don’t want anyone (that either doesn’t have the appropriate permissions or a password) to look into the folder. So it needs to be able to write to the folder from my web forms, but it needs to prevent anyone that doesn’t have permission to even look into the folder.
Any thoughts on the best way to handle this?
Thanks,
Gary
Another suggestion is to not use “flat” files to store user inputs, but a small (SQL?) database which can offer additional security .
—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA1
Depends on the server type, but that’s typically done with
simple account-level security. Set the permissions so that
only the account running the web form can read or write to
the file.
Alternately, if the data is highly sensitive, you could
encrypt it with public key encryption, making sure that the
decryption key is not kept anywhere on the server.
Leo
—–BEGIN PGP SIGNATURE—–
Version: GnuPG v1.4.7 (MingW32)
iD8DBQFIYZbACMEe9B/8oqERAn5QAJoD1qvoRemGHvh544gcX+6VgrW4UQCfdtWr
Bl/VDZ6VMYeZxl5OvC3DMsU=
=xgvO
—–END PGP SIGNATURE—–
just remember that the restrictions are not applicable on a FAT drivers but on NTFS drivers
thx for this great site.
Guys, try this link. It has help on how you can protect your folders without a third party software…
http://technocrawl.wordpress.com/2008/08/25/lock-your-folder-without-using-3rd-party-softwares/
The bat file did not work, I wrote the contributor about the error message that I keep getting when running this bat.
Here is what I wrote him:
This bat file does not work, here is the error message that I very quickly took of the window snapshot with PrintScreen as it disappears in just a second:
“The system cannot find the batch label specified – End”
Can you fix this?:
Hi,
I dont know what really happened to one of my personal folders in my computer in the office. All my private stuffs are there. All of a sudden it was unaccessable. I can’t open nor delete it. What I know is that only the Administrators can do that.
I have certain files there, that is very confidential. Im thinking of making a new folder, and then putting there the unaccessable folder and put up a password or do i have any options to keep it from being accessed.
Could I use the TrueCrypt?
I hope you could help me, as soon as possible.
Thank you very much.
Leo, how can I uninstall TruCrypt? After installing this software I realized that it is not what I was looking for. I deleted it from my comupter (or so I thought) and performed a system restore function, but I am still missing 100 GB from my C drive, which I allocated for this function. I would like to have that space back in the C drive. Please advise on how I can get it there. Thank you – Robert
24-Nov-2008
All this is good, True Crypt does give security. But the True Crypt file itself is vulnerable: if the file is in the My Documents folder, say data.tc, anyone can see its there and delete it, and with that, all the data is also lost, isn’t it? So is there any way to prevent a person who has physical access to the system to be unable to see or delete a particular file (except for formatting, where everything is lost)?
Thanks.
19-Jan-2009
Truecrypt is indeed the most secure container as Leo said. It uses military grade blowfish 256 [ 128 ] des encryption to format an area on the hard disk. It uses next to nothing in resources, is totally transparent and mounts/unmount’s in a flash. The only fly in the ointment is if you decide you no longer need the ‘container’ wiping it off the HD will only render that portion the container used – unreadable since it now has no regular format. Effectively, it is lost HD space unless you reformat that section with a utility and then either give it a drive letter or use something like partician magic to reclaim that bit of HD.
I have been using TC for yonks to store my invention circuits and even if I decide to wipe it out [ the files NOT the container ] the space is still there to use even if it doesen’t HAVE to be encrypted. It would just mean I have to mount this drive with TC to use it for anything else. Since TC can be used on ANY drive [ rewritable DVD or stick drive ] and you think there will come a time when you don’t need a TC file – make the container on a 4-8 -16GB stick drive and just plug it in to a USB slot. This makes the files ultra safe as the stick can be removed and stored elsewhere in case the PC does a flame out and trashes the hard drive totally [ happen to me once ].
it seems that the protocol used by winsesame is beter than truecrypt and a professional version has a function to protect against deleting the folders protected by the program a sort of UAC protection for this sort of documents. this program has also diskweeper and memoryweeper functions. good for paranoia.
John
If you delete a TrueCrypt container file once it is dismounted then you do not lose that space on the host filing system. Even a container file sits within the filing system and Windows treats it like any other file whether it’s encrypted or not. So deleting it is no different to deleting any other file.
Will
Yes in fact winsesame is the best soft for password protect folers. It works on external drives usb flash drives or network. The folders can be send by email attachment. This soft can be downloaded from the site http://www.winsesame.com
There is a free version for folders less than 1Mb which is enough for everyday use.
Leo, Is what Johns saying above about lost HD Space correct with regard to Truecrypt?
If you delete a TrueCrypt container, that space is returned to the filesystem.
If you delete files within the container, that space is returned to the available space within the container.
06-Apr-2009
I have two queries
1) If i uninstall truecrypt then will anyone will be able to access the folder.
2) Can i encrypt the folder and store in my portable Hard disc or Flash drive etc.
N.B- If i want to view encrypted folder in a new machine i have to install the s/w in that machine
21-Apr-2009
You may also use WinRar to zip the folder and encrypt using password.
Do you have any solution for adding a password to access the internet or to open a folder? It’s a shared computer at work that I want to prevent free access to the internet without restricting access to sites once enabled. Also something similar for a folder that any file could go into and only be opened by password. I only know of password protecting a Word document.
Thank you
With TrueCrypt can you also password protect pictures? >jpg or??? If not is there a program that hides them from little eyes?
26-Nov-2009
Just to be on the Safe Side, if you’re going to delete a TruCrypt Container (or any other encrypted file, for that matter) you might want to consider using a File Shredder as well. A little Paranoia never hurt anyone! :)
I also use the Open Office Org programs that have the ability to assign a password when saving the file thereby making it necessary to enter the password to open the file.
I use winsesame. It is a strong encryption tool with 6 algorithms easy to use. The address:
http://www.aragonsoft.com/en/winsesame/
I also use the Open Office Org programs that have the ability to assign a password when saving the file thereby making it necessary to enter the password to open the file.
Thanks for the nice article … My problem is that I don’t see the “Security” tab in the “Properties” dialog box of my folders. Only “General”‘ “Sharing”‘ and “Customize” are there…
Any syggestions please!!!
Thankyou!!
14-Jul-2010
I’m very happy with folder lock software from Everstrike. This software can hide, lock and password protect folders with or without encryption.
You forgot to mention that this program costs $24.95 for a single Home license.
I am using Windows XP Professional and my properties does not have the security tab either. Can I use TrueCrypt on an external hard drive that is shared?
10-Nov-2010
Possibly a dumb question, but if you have more than one OS on a machine and you want to sucure files between them, would that be a separite install for each OS? If so, could more than one installation of TrueCrypt on the machine cause any problems?
29-Dec-2010
WinGuard Pro a free program has a feature to Disable Folder Access. Its very good!
Hi,
I secured my folders on Windows and changed my OS to linux, now I can’t access them. Can you let me know how I can access them from linux?
14-May-2011
can you have different password with different folders?
23-Oct-2011
why is my “Encrypt contents to secure data” button not clickable?
23-Oct-2011
@Jebbie
You can create as many TrueCrypt containers as you want, each with a different password. If you use the Windows built in method, you are limited to the password used to log in to Windows.
I have forgotten my password. Anything I can do?
@Patrick
You haven’t given enough information to begin to answer your question. Which password did you forget, program, email, windows log-in? Some have recovery options some don’t. If you forget a Truecrypt password, for example, it’s lost forever.
What if someone deletes that file, will i still be able to access it ??
@Mak
If a file is deleted it normally goes into the recycle bin. If the recycle bin has been emptied or the file has been deleted bypassing the recycle bin, it can often be recovered if it hasn’t been rewritten using Recuva.
But an ounce of prevention is much better than a pound of cure: Keep a current backup of all of your data.
HOW CAN I START USING THE TRUECRYPT TO PROTECT ALL MY DOCUMENTS AGAINST EXTERNAL TRAIT
@Patrick
Ask Leo! has a bunch of great articles, and even a webinar, on that:
* Encrpting Using Truecrypt
Downloaded and installed and attempted to follow the tutorial with more than one attempt. Various windows appeared not in tutorial and finally gave up to search for something that did not require a geek brain to operate. 0/10 and I do not consider myself a newby.
Most of the above methods/procedures are quite elaborate.
Most people have Winzip or Winrar on their machines.
Just Right click your folder and select Add To Archive, enter a password and hit OK.
Pretty simple and takes all of 90 seconds, works for me.
What do you think Leo?
Actually in my experience most people don’t have Winzip or Winrar. The problem is that you must then delete the files you zipped (to protect them), and unzip then every time you want to use them, remembering to re-zip and delete every time you make a change. That’s also pretty cumbersome.
…related to the theme of folder protection by password, I use FlashCrypt, and it is exactly what it is about ….free and very simple program, which, after installation, is located in the right-click menu … you can choose any folder, click on protect with FlashCrypt, enter a password, and then choose whether or not the original folder is deleted or left in the same place …. it is recommended to delete the original and when you need it just specify that folder and decrypt …. enter the same password, and everything is in here … of course, it is important not to forget the password, because then there is no return … but, definitely, my first choice … simple, and at the same time very functional ..
I’ve never encrypted anything because of a single fear … what if the encryption algorithm fails? I might be showing naivety here but I’ve had compression algorithms fail so I’m afraid to use encryption for the same reason. If I understand correctly, a corrupt encrypted file is worthless and lost forever, yes?
Typically, yes. Encryption failure is rare, but … this is also why we back up. If there’s only one copy — encrypted or not — then you’re not backed up and are at risk of losing it.
Geez all seems so difficult in comparison to the software that is already on Western Digital external drives these days. Took seconds to just pick a password for the drive, when you mount it anywhere it asks for the password, simple. Don’t know if it has encrypted anything but It definitely didn’t sit there with any progress bar showing encryption happening.
My seagate didn’t have any security software on it like the WD drive did.
Is there any software to put on my external seagate drive and do the same thing without having to encrypt everything? Just want a darn simple password option -weaker than encrypting for sure but is this possible?
Thanks;)
Encryption is a complex mathematical process which uses the CPU intensively. That’s why it takes a long time. Any non-encryption password would be trivial to crack. I’d compare it to a padlock from a dollar store, good just to keep the honest people honest.
That would be great, all I’m looking for to keep kids from opening folders or a drive. Western Digital has pre loaded security tools so it was simple minute to set up password that locks whole drive without many hours encrypting. I don’t see Veracrypt having that simple folder lock by password option without encrypting it all, am I wrong on that? (I’m worried about encryption going bad tho rare)
How about a free version simple one like Folder Lock I found on File Hippo? Ah geez just tried that one and you have to make a container on your computer then ‘convert’ it to a portable container then copy to external drive. My external drive is almost full 1 TB all in one folder and I don’t have that material on my computer. Isn’t there software just to add to the drive that will ask for a password same as the virtual cd pop up asking for a password up that happens when you’ve used the western digital pre installed software on their drives?
thnx for help;)
You can use Veracrypt to encrypt any predetermined amount of data by creating an encrypted volume. Lately, I’ve been using .zip encryption via 7Zip for the small amount of data I need encrypted.
Thanks again Mark but again do you know any software to simply lock a folder with a password and not encrypt anything? I see some here but don’t know if reliable https://www.intowindows.com/top-4-free-folder-locker-software-for-windows/
That’s what this article was all about Lee. There’s no simple “lock a folder” in Windows. You do need to use third party tools, like Veracrypt or others, to control access to the data you want protected.
what will i do in order to set a password on a folder on my computer window 10
Read the article you are commenting on. It Answers your question.