Technology in terms you understand. Sign up for my weekly newsletter, "Confident Computing", for more solutions you can use to make your life easier. Click here.

How to Keep Information on a Shared Computer Private

//
I share a computer and I want to know how to keep my information private.

 

Ultimately, you can’t.

At least you can’t do it easily, and even then, it depends on the data you’re attempting to keep private and the technical savvy of the individuals who might try to access it.

There’s nothing like your own computer. But if you have to share, there are a couple of things that might help.

A little.

Become a Patron of Ask Leo! and go ad-free!

Administrators have power

First, realize that anyone with administrative access to the computer can see everything on it.

You can use Windows file permissions to make files accessible to only you, but an administrator could still use any number of techniques to access those files easily.

So if you’re trying to keep things private from other users who have administrative access, normal methods won’t work.

You need more.

Encryption

Computers at a libraryIf available in your edition of Windows, it’s tempting to consider using the built-in BitLocker encryption, which obscures the data to anyone but the Windows log-in account that owns it. Unfortunately, I can envision ways for an administrator to be able to log in as you and access the files. When it comes to keeping your information safe from other users of the same computer, BitLocker is not something I recommend.1

I frequently recommend VeraCrypt for situations like this, but unless you have administrative rights, it won’t work unless you first convince the administrator to install it for you. If you do have admin rights, then it can be a good  solution to secure your data. Only you know the passphrase, you can take your encrypted data to any machine, and you can leave it behind without fear of compromise.

If you don’t have administrative privileges, you need to encrypt your data some other way. One of the simplest might be BoxCryptor. While intended for cloud storage, it works just fine as a local encryption solution, and I don’t believe it requires administrative access. Like VeraCrypt, only you know the passphrase, and you can leave your data behind without fear of compromise.

Other tools aren’t as seamless as we’d like. Tools like WinZip and others encrypt individual files or collections of files, but  your encryption must be done manually (decrypt the file to use it, make changes, then re-encrypt), step by step, each time.

Another perhaps simpler approach is not to leave your data on the machine at all. Use a removable USB thumbdrive or external hard disk, and take it with you. But even then there are risks.

Other vulnerabilities

No matter how you’ve secured your data, there are still other issues to worry about.

History. Your browser history, your recently-used documents list, temporary files, and more all remain on the computer in  areas accessible to the administrator. You’ll want to clear your history after every use so as to leave as little trace as possible. A tool like CCleaner, for example, would probably do the trick, if you can install it and if it has access to what you need cleaned.

Spyware. This is a huge issue on publicly shared computers. You don’t know what’s installed. There may be keystroke loggers or other types of spyware intercepting and recording everything you do. Even with a computer shared between just two people, it’s one easy way person A can spy on person B. It need not be software, either; there are hardware keyloggers that could be installed.

It all comes down to trust

As you can see, there are several issues when sharing a computer.

It all boils down to trust. If you don’t trust the people you share a computer with, you need to take several extra steps to keep your information secure.

And even then, it’s not guaranteed.

In the final analysis, there’s no substitute for your own computer under your own control.

Podcast audio

Play

Video Narration

Footnotes

1: BitLocker’s great, though, for protecting your data from people who don’t already have an account on the machine, like hackers or thieves.

9 comments on “How to Keep Information on a Shared Computer Private”

  1. How can I protect myself from spyware on a public computer? We use computers at libraries when we are traveling. We do delete our history before logging off. Are there other issues we are not aware of? Thank you

    • The following article explains how to view hidden files. You can then go into the properties for that file and unhide it. Then you can either switch back to un-show the hidden files or leave them visible:
      How Do I View Hidden Files and Folders?
      Unfortunately, this answer is 10 years late but it may help someone else with a similar problem.

    • As Mark Jacobs points out, a couple of simple settings in Windows (File) Explorer will make (almost) all hidden files visible.

      Which… hmmm… kinda makes the “hidden” file attribute kinda useless. huh?

      Only someone who hasn’t yet changed his Windows (File) Explorer settings would be unable to see the hidden file. 🙂

  2. Carin– using a public computer, at a library or internet cafe– is exactly the situation that Leo is warning you about. You have NO reason to trust the other people who have had access to the machine before you. Unfortunately, Leo is right: if you don’t have physical control of the machine, there is NO way to be sure that malicious hardware or software hasn’t been installed. There have been criminal convictions of people who installed keystroke loggers on public computers to gain access to bank accounts, steal identities, etc. This is also one of the many ways that e-mail accounts get hijacked on a daily basis. Please don’t think this is a hypothetical risk; real people have had their lives messed up by exactly this sort of thing.

    If you’re using a public computer, you should not access a password-protected financial or business site, or a site which has your private information (to include credit card info) on file. It’s fine to use public computers for non-sensitive stuff like reading your hometown newspaper when you’re travelling. If you’re OK with running the small-but-real risk of having your e-mail account hijacked by spammers, you can use e-mail– better yet, get a “disposable” travel account with a free provider and abandon it after your trip.

    Bottom line, assume that someone is watching everything you do and everything you type when you’re on a public computer. If it’s harmless, go ahead; if it’s private, DON’T DO IT. A better choice: buy a cheap netbook to go with you, get a simple VPN solution to secure it, and then you have control over your situation.

    • Janet, you write:

      “If you’re using a public computer, you should not access a password-protected financial or business site…”

      This is exactly and precisely what the HTTPS:// protocol was designed for.

      Accessing a sensitive site is perfectly acceptable, provided that it’s a secured (https://) site.

      • I disagree. Strongly. https doesn’t secure the computer, only the connection between the computer and the web site. The computer could be chock-full of malware, including keystroke recorders, capturing your every move. Https doesn’t help at all for that.

        • Where https protects you is if you are using your own laptop on a public network, for example, in a coffee shop or in a public library but you’re not protected not on the library’s computer.

Leave a reply:

Before commenting please:

  • Read the article.
  • Comment on the article.
  • No personal information.
  • No spam.

Comments violating those rules will be removed. Typically that's off-topic or content-free comments, or comments that look even a little bit like spam. All comments containing links will be moderated before publication.

I want comments to be valuable for everyone, including those who come later and take the time to read.