Yes and no, and probably not in the way you’re imagining it.
You can do something similar to password-protecting it using Windows security features, but success depends on using the computer the “right” way. I don’t really recommend it. If you have something you want to password protect and keep secure, I recommend a different approach.
Become a Patron of Ask Leo! and go ad-free!
Windows allows you to place restrictions on who can do what with a folder or file. In Windows File Explorer, right-click on a folder. Click on Properties and then click on the Security tab.
Here you can see the security properties of a folder on my machine called “SecretFolder”.
You can control who has access to that folder. By default, any “Authenticated Users” — users with login accounts on this machine — can examine the contents of that folder. I can remove that and further restrict access on an account-by-account basis.
It’s actually very powerful, but complex.
The problem, from my perspective, is that it’s based on Windows user accounts. If you give your own account full access to the file, as I assume you would, then anyone who can log in to the machine as you can immediately access the file. There’s no real password on the folder; it’s your ability to log in to Windows using your login password that controls access to the file.
For many who use Windows in what I’d call “the Windows way” — different login accounts for different users, and always logging out when you’re not using the machine — that might be enough.1 For example, in a corporate environment, this might be the recommended approach.
I prefer a different approach: encryption. There are two options I’d consider.
For many years, my approach was to use the free open-source tool VeraCrypt to create an encrypted volume.
An encrypted volume is a single file on your computer’s hard drive. If someone looks at the file, they have no way to view its contents.
Once you “mount” the file using VeraCrypt, supplying the correct pass-phrase to unlock it, the contents of the file appear as another drive on your system.
For example, I might have a file “C:\Users\LeoN\secretstuff.vc”. There’s nothing you can do with that file without VeraCrypt and the passphrase to the file. Since I know the passphrase, I can mount it using VeraCrypt, and suddenly a new drive appears — say drive “P:”. That drive contains all my protected files. I can change them, update them, delete them, or do whatever I want with them. Once I’m done, I can hide them all again by unmounting the VeraCrypt drive.
It’s both simple and elegant.
It’s also not tied to Windows user accounts or anything else. In fact, you can copy your encrypted file to another machine entirely and mount it with VeraCrypt. You can even mount it on other systems, such as Macs and Linux machines.
Cryptomator (which is conceptually very similar to BoxCryptor) works very similarly to the process I just outlined for VeraCrypt, except each file is encrypted separately. Rather than a single encrypted volume, you’ll have many individually encrypted files and folders. When you “mount” the encrypted folder — once again specifying a passphrase to unlock it — the unencrypted version of that folder appears as an additional drive on your system.
Cryptomator is designed for encrypting files placed in cloud storage. Encrypting them individually allows them to be uploaded to cloud-storage systems individually, rather than needing to upload an entire VeraCrypt volume every time any file changes.
But there’s nothing that says you need to use it in conjunction with cloud storage.
For example, I might have a folder “C:\Users\LeoN\SecretFolder” on my machine. Its contents appear as randomly-named files and folders, each containing only random, encrypted data. When I mount that folder using Cryptomator, specifying the correct passphrase, a new drive appears on my machine — say drive “P:” again. That drive contains all the unencrypted files and folders within SecretFolder. I can change them, update them, delete them, or do whatever I want with them. Once I’m done, I can hide them all again by simply unmounting the folder in Cryptomator.
Encryption is the answer
Password protection isn’t enough. What you really need to protect your files is encryption. Solutions like VeraCrypt, Cryptomator, and others are the safest ways to ensure your data remains secure.
Each week I publish several articles like this covering a variety of tech topics and solutions. Subscribe to Confident Computing -- more articles that help you solve problems, stay safe, and increase your confidence with technology, delivered to your inbox once a week.
Hope to see you there soon,