Encrypting a USB Flash Drive in Windows 10

Hi, my name is Mike Danseglio. I’m an instructor here at Interface Technical Training. I want to talk a little bit about encrypting USB flash drives with Windows 10. The concept of protecting data when it’s on a USB flash drive is not a new concept.

When files are portable on a USB stick, they might get lost at, let’s say, Starbucks, or on an airplane, or on a bus, or at a friend’s place, something like that. You don’t want your sensitive data to be compromised potentially by whoever happens to find that USB flash drive at any given time. Given that they’re so inexpensive and so small, they get lost a lot.

An important concept here is just protecting that data to make sure you are the only person that has access to that data no matter who happens to find this flash drive wherever you happen to lose it. That’s what I’m going to show you with Windows 10 and a built‑in feature in Windows 10 called BitLocker.

In particular, BitLocker has a component called BitLocker To Go which allows us to encrypt data on a USB flash drive. I’m going to show you how to do that using a few flash drives that I happen to have over here. First thing we obviously need is a USB flash drive. I’m going to use, let’s say…Hello Kitty is probably a good choice.

Here’s Hello Kitty. That’s going to be my data drive. I’m going to plug Hello Kitty into our USB hub. Then I’m also going to plug a second drive, a really boring USB flash drive in as a second flash drive. I’ll show you why I do that in just a moment. It’s an important part of actually having some redundancy or some recoverability.

Now that I’ve got those in there and Windows 10 has found them both, as you saw, I can show you a little bit about how to use them, how to actually encrypt the data on there. What I’ll do is I’ll fire up File Manager and make sure I can see the drives. I’ve got Kitty drive here and boring drive. You can kind of surmise based on the name which drive is which.

Kitty drive, I can access it just like any other flash drive. I can create files on it. In fact, I’ll create a quick one just to show you that it’s got nothing special on it. Let’s see sample.txt, and we’ll sample text. Now, we’ve got a file there. Don’t really need a file there, but it’s always healthy to have one just to show.

Now, I want to encrypt that drive so that no one else that finds the drive accidentally or steals it on purpose can have access to that file or anything else on there. I’ll click on the Windows flag in Windows 10. I’ll type in BitLocker. You’ll see Manage BitLocker comes up pretty darn quickly. Click here, and then this is BitLocker.

BitLocker lets us encrypt both the local drive, which is kind of a common thing for people to do (the local drive on a computer, on a laptop, anything like that), and also removable drives. On our Kitty drive, you’ll see BitLocker is off.

We want to turn on BitLocker on Kitty drive. BitLocker will fire up and then start checking the drive to make sure it’s got all the necessary components, make sure it can make space for the little bit of data it needs to store for the encryption, make sure it can properly encrypt the drive without losing data.

It runs a check for a few moments. This will depend on the speed of the USB drive, the USB flash memory. Once that’s done, BitLocker comes up and says, “Great! I’ll need either a password or a smart card to unlock this drive.” Every time you put this drive in a USB port, you’re going to need to provide either a password or a smart card.

Most folks are going to wind up using passwords so we’ll provide a little password here. I won’t tell you what my password is, but it’s the word “password” because this is a demo. I’m done here.

Probably the most important part for most users is the recovery key. The recovery key is what lets us get the data back if we lose the password. If we lose the password that we just typed in a moment ago or forget it, we’re going to need a recovery key. Otherwise, the data is lost. Otherwise, there’s no way to decrypt it. We’ll just have to reformat the drive, losing the data.

When I click to Save to a File… This is why I had to add that second USB drive in. BitLocker is smart enough to know I don’t want to store the recovery key on the same drive I’m encrypting. I don’t want to store the recovery key on the main hard drive. I want to make sure it’s somewhere else so that it has distance from the actual data it’s protecting, so I have to use a third drive.

Right here, I’m going to save it to the boring drive. Now that I’ve saved the recovery key, I can go ahead and answer the question whether I want to encrypt just the space in use or all of the space on Hello Kitty. It’s efficient to do the Used Disk Space Only on new disks because new disks don’t have very much data written to them.

However, if Hello Kitty had been used for a while, if Hello Kitty had been dirtied with a bunch of data over time, we’d probably want to encrypt the entire drive. Because this is a demo, we’ll assume that it’s a new drive. We’ll choose Used Disk Space Only. Click Next. We’re going to then answer the question of, “Do I want this drive to be able to be used in older versions of Windows?”

If we select that option, we’re going to use older cryptography which is not a very good idea, not as efficient. It’s not a horrible trade‑off, to be honest, but whenever possible, we’re going to want to use the newer version of the encryption algorithms that Windows 10 provides.

We’ll stick with new encryption mode in this case. You can read the text right here. It’ll tell you pretty clearly what the trade‑offs are in this choice. Now, we can go ahead and start encrypting. It tells us right here. It’s going to take a little while. Hello Kitty will take a little while before encryption is finished, but it’s encrypting already.

Chug‑a‑chug‑a‑chug. The drive is encrypting. It won’t take very long. Once it’s done encrypting, we can actually take it out, use it. Even before we take Hello Kitty out and use it, as long as encryption has started, the data is being protected gradually. Certainly, we want to leave it in until it’s finished.

If we pulled it out right now, it wouldn’t really cause any irreparable harm to the drive. The encryption would just continue where it left off the next time it gets inserted in a machine. That’s pretty much it for Hello Kitty. It’s encrypted.

After that, once I take that drive out of this machine and put it into any other machine, or even take it out of this machine and put it back in, I’m going to get prompted for the password again. If I don’t type the password, Hello Kitty will stay protected. That’s it. That’s how you encrypt a USB drive in Windows 10.
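
The same choices made in the wizard above (password unlock, recovery key saved to a separate drive, Used Disk Space Only, new encryption mode) can be scripted with the built-in BitLocker PowerShell cmdlets. This is an added example, not part of the original walkthrough; the drive letters `E:` and `F:` and the recovery file name are assumptions.

```powershell
# Added example: scripted equivalent of the BitLocker To Go wizard steps.
# Run from an elevated PowerShell prompt. Drive letters are assumptions.
$DataDrive   = 'E:'   # assumed letter of the drive to encrypt ("Kitty drive")
$BackupDrive = 'F:'   # assumed letter of the second flash drive ("boring drive")

# Keep distance between the recovery key and the data it protects:
# refuse the encrypted drive itself and the main system drive.
if ($BackupDrive -eq $DataDrive -or $BackupDrive -eq $env:SystemDrive) {
    throw "Save the recovery key to a separate drive, not $BackupDrive."
}

# Only start from a clean, unencrypted volume.
$vol = Get-BitLockerVolume -MountPoint $DataDrive
if ($vol.VolumeStatus -ne 'FullyDecrypted') {
    throw "$DataDrive is not in a clean state: $($vol.VolumeStatus)"
}

# Prompt for the unlock password without echoing it or keeping it in history.
$password = Read-Host -AsSecureString -Prompt "Unlock password for $DataDrive"

# Create the recovery password first and save it BEFORE any encryption starts.
# -WarningAction keeps the cmdlet from echoing the key to the console.
$vol = Add-BitLockerKeyProtector -MountPoint $DataDrive -RecoveryPasswordProtector `
           -WarningAction SilentlyContinue
$rp  = $vol.KeyProtector | Where-Object KeyProtectorType -eq 'RecoveryPassword'
$recoveryFile = Join-Path "$BackupDrive\" "BitLocker-Recovery-$DataDrive.txt".Replace(':', '')
"Identifier:   $($rp.KeyProtectorId)", "Recovery key: $($rp.RecoveryPassword)" |
    Set-Content -Path $recoveryFile
if (-not (Test-Path $recoveryFile)) {
    throw "Recovery key was not written to $recoveryFile; not encrypting."
}

# Used Disk Space Only + new encryption mode (XtsAes128).
# For a drive that has held data before, drop -UsedSpaceOnly to encrypt it all.
# For use on older versions of Windows, compatible mode is -EncryptionMethod Aes128.
Enable-BitLocker -MountPoint $DataDrive -PasswordProtector -Password $password `
    -UsedSpaceOnly -EncryptionMethod XtsAes128

# Leave the drive inserted until EncryptionPercentage reaches 100.
Get-BitLockerVolume -MountPoint $DataDrive |
    Select-Object MountPoint, VolumeStatus, EncryptionPercentage, EncryptionMethod, ProtectionStatus
```

Re-running the final `Get-BitLockerVolume` line shows progress; `VolumeStatus` reads `FullyEncrypted` once it is safe to remove the drive.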

