Encrypting a USB drive protects your sensitive files and data when they’re transferred between different locations. This tutorial shows how to encrypt a USB drive in Windows 10 and Windows 11 so that no one can read or access the data stored inside without entering the right password. You can later decrypt the USB with a password or recovery key, which is also very easy to do.

Tip: protect your personal information with mail encryption. Find out how it works and the best services that offer it.

Why You Should Encrypt Your Flash Drive

A USB drive is a portable device that offers a convenient way of storing and/or transferring your data, though this can come with several security risks. If you don’t encrypt your flash drive, anyone can get their hands on it and check your private files on their computer without your knowledge or consent.

Encrypting the USB stick is a reliable means of protecting it from data theft or exposure. It also allows you to delete your data more securely before discarding your drive, as it’s near impossible to recover deleted data from an encrypted drive.

Use BitLocker to Go

Windows 10 and 11 come with BitLocker, a feature that makes it easy to encrypt your hard drives When used for USB drives, it is technically called “BitLocker To Go.” BitLocker is only available in the Windows 10 and 11 Pro versions. If you’re using Windows 7/8/8.1/10/11 Home, scroll down for other alternatives.

Publicité

To encrypt your USB drive using BitLocker To Go in supported Windows versions, follow the steps below:

1. Plug in USB Drive and Open in File Explorer

  1. Plug your USB drive into your Windows PC and let the computer recognize the drive. If you see “AutoPlay” on your screen, click it to view its options in a pop-up window.
Autoplay Option Displayed In System Tray Of Windows 11.
  1. Select “Open folder to view files.” It will open the USB drive in File Explorer.
Options After Autoplay Message Of Usb Drive: Open Folder To View Files.

2. Turn On BitLocker

  1. Open Control Panel in Windows.
  2. Click on “System & Security -> BitLocker Drive Encryption” and enable the feature from there.
Turn On Bitlocker Option In Bitlocker Drive Encryption Menu Of Control Panel
  1. In Windows 11, you can also go to “Settings -> System -> Storage -> Advanced storage settings -> Disks & volumes.” The same is accessible in Windows 10 from “Settings -> Storage -> Manage Disks and Volumes.”
  2. Select your USB and click “Turn on BitLocker” at the bottom of the screen.
Turn On Bitlocker Option In System Storage Disks &Amp; Volumes Of Windows 11.
  1. You’ll be taken directly to Control Panel.
Turn On Bitlocker Option In Bitlocker Drive Encryption Menu Of Control Panel

Tip: need a new flash drive? These are the best portable USB options that you can buy.

3. Use BitLocker to Encrypt USB Drive

  1. Wait a few seconds for BitLocker to initialize the drive. Don’t remove your USB during this setup.
Bitlocker Initializing The Usb Drive In Windows 10.
  1. Check the “Use a password to unlock the drive” box.
Check Use A Password Option To Unlock The Usb Drive In Bitlocker Drive Encryption.
  1. Type in a password you can remember inside the “Enter your password” box and repeat it in the “Re-enter your password” box, then click “Next.” If you have a physical smart card, you can use it to unlock the USB drive with a PIN.
Type A Password In Bitlocker Drive Encyption To Unlock The Drive.
  1. You’ll get a prompt to back up a recovery key. This key allows you to access the USB drive in the event that you lose the encryption password. Save this key or print it out, but remember to store it safely.
Set Up Recovery Key To Unlock Pc In Bitlocker Drive Encryption For Windows 11.
  1. Select how much of your USB drive you’d like to encrypt: select the entire drive or the used space only. Then click “Next.”
Select How Much Of The Usb Drive Is To Be Encrypted In Bitlocker Drive Encryption.
  1. Choose either New encryption mode or Compatible mode for the BitLocker drive. If you’re going to use the USB drive on the same computer, choose the new encryption mode. However, if you want to use it on other computers running old Windows versions, select “Compatible mode.”
Windows Bitlocker Drive Encryption Mode Used - New And Compatibility Mode.
  1. Wait a few minutes for the encryption to complete. You can pause it in the middle of the process.
Encrypting Usb In Progress.
  1. After the encryption is complete, you will see options such as “Manage BitLocker” and “Change BitLocker password” (after pressing “Show more options” in Windows 11) by right-clicking the USB drive. In Windows 10, you will see both options together, as it doesn’t use context menus.
&Quot;Manage Bitlocker&Quot; Option In Context Menu After Right-Clicking Encrypted Usb.
  1. Windows 10 offers one more option to turn on BitLocker in File Explorer itself. Click “BitLocker” on the ribbon menu followed by “Turn on BitLocker” to activate the encryption wizard.
Bitlocker Option For Usb Flash Drive In Windows 10 File Explorer.
  1. Once the device is encrypted and you try to open your USB drive in Windows File Explorer, you’ll see a lock button showing that it is securely encrypted. To access the drive now, you’ll be prompted to enter the password you created initially.
Encrypt Usb Drive Bitlocker Password Controls Usb In Windows11
  1. There are other options such as a smart card that will automatically unlock the drive on your computer or a recovery key if you forgot the password.

Good to know: learn how to enable quick removal of USB drives in Windows.

Use USB Drive Encryption Software

If you’re on a Windows Home edition, you won’t have access to BitLocker to Go. consider using an encryption manager to encrypt your USB drive in Windows. We have two of the best recommendations below.

1. VeraCrypt

VeraCrypt is one of the best USB encryption alternatives for Windows. It also supports macOS and Linux. It uses 256-bit AES encryption, which is very strong and can’t be cracked by brute force. You don’t have to install it on your Windows PC, just download it to your USB drive directly.

  1. Download whichever is the latest stable release of the “VeraCrypt.exe” installer for Windows. In this case, we are downloading the Portable version.
Veracrypt.exe Installer Options On Official Webpage.
  1. Click the portable installer and follow the on-screen instructions that include extracting the installer files to a Windows folder.
Veracrypt Files Extracted To Windows Folder Location.

3. Click to launch the application from the Windows folder.

Veracrypt Application Launched From Windows 11 Folder.
  1. As soon as you see the home screen, select “Create new volume.” This will open a new pop-up window for VeraCrypt Volume Creation Wizard. Choose the “Encrypt a non-system partition/drive” option.
Encrypt A Non-System Partition Drive In Windows For Veracryptg.
  1. Select the removable media flash drive for volume location.
Encrypt Usb Drive Veracrypt Select Volume Location Flash Drive
  1. Choose your USB drive encryption option that varies from basic AES to advanced encryption standards, such as Serpent and Twofish.
Select Encryption Options In Veracrypt.
  1. After entering the volume size in MB, you will need to enter the password for the USB drive volume.
Enter The Volume Password For Usb In Veracrypt'S Volume Wizard.
  1. To change the password later, click “Volumes -> Select device.” This allows you to select your removable media USB drive, which then displays on the dashboard.
Select Partition Or Drive In Veracrypt Select Device Option.
  1. Select “Change volume password” for the USB drive.
Change Volume Password In Veracrypt For Usb Drive.
  1. Rename the password.
Encrypt Usb Drive Veracrypt Change Old New Password

Tip: USB ports not working? We have a few tips you may want to try that will help you fix the issue.

2. HasLeo BitLocker Anywhere

HasLeo BitLocker Anywhere is a third-party BitLocker solution that resembles the Windows Pro BitLocker. Apart from Windows Pro, it also supports all editions of Windows Home ranging from Windows 7, 8, 8.1, 10, and 11. This makes it very easy to use.

  1. Download and install the trial version of HasLeo BitLocker Anywhere.
  2. Head to the dashboard and right-click the drive letter to bring up the action menus.
Hasleo Bitlocker Anywhere Software Main Homescreen.
  1. You will see the “Turn on BitLocker” option as soon as you right-click on the USB drive.
Turn On Bitlocker With A Right Click In Hasleo Dashboard.
  1. Enter and confirm your passwords to encrypt the drive. You can also save advanced settings, such as 256-bit encryption.
Enter And Confirm Your Password In Hasleo Encryption Software.
  1. Wait for the USB encryption to complete.
Encrypting In Action In Hasleo Bitlocker Anywhere.

How to Decrypt Your USB Drive in Windows

After encrypting your USB drive, if you want to make it usable and sharable once again, you will need to decrypt it.

  1. If you’re using Windows BitLocker or a third-party BitLocker software, such as HasLeo, go to the BitLocker Drive Encryption folder.
  2. Click “Turn off BitLocker” in Device Manager.
  3. You will get a warning message as shown below. Click “Turn off BitLocker.”
Bitlocker Decrypt Warning Message While Turning Off Bitlocker For Usb Drive.
  1. Wait a couple of minutes for the USB decrypting process to continue. You should see a status percentage message.
Bitlocker Decryption Ongoing For Usb Drive.
  1. Once finished, you will see a “Decryption of the [USB] drive is complete” message alert. This means BitLocker has been disabled for the USB drive.
Decryption Complete Message For Bitlocker In Windows 10.
  1. If you’re using VeraCrypt, it has a “Permanently Decrypt” option that you can access from the top of the “Volumes” tab.
Permanent Decrypt Option In Veracrypt.

Tip: did you know that you can back up your data by creating a USB image? We show you how.

Frequently Asked Questions

What encryption does BitLocker use?

BitLocker has used the powerful 256-bit XTS-AES encryption mode since Windows 10 version 1511, which has continued all the way to Windows 11’s latest versions. It is impossible to break this with brute force attacks. With the improved algorithm, it also offers integrity support. Windows versions older than 1511 don’t have this new encryption mode. You can also use a lower 128-bit encryption standard with BitLocker.

Can you enable BitLocker with PowerShell?

PowerShell can perform many advanced functions, as it’s a full-fledged scripting interface. To enable BitLocker with PowerShell, open it in Administrator mode (provided you have the Windows Professional edition) and type the following:

$Pin = ConvertTo-SecureString "205020" -AsPlainText -Force
Enable-BitLocker -MountPoint "Drive Letter:" -EncryptionMethod Aes256 -Pin $Pin -TPMandPinProtector -UsedSpaceOnly

After entering a password, the encryption process should start automatically.

Can qn encrypted USB be hacked?

An encrypted USB created using BitLocker, VeraCrypt, or similar powerful tools can never be hacked by brute force attacks. However, encryption doesn’t protect your data and files from human error. Disclosing your password to unauthorized users can cause data breaches, so you should consider using a password manager.

Image credit: Pixabay. All screenshots by Sayak Boral.

Sayak Boral
Sayak Boral

Sayak Boral is a technology writer with over eleven years of experience working in different industries including semiconductors, IoT, enterprise IT, telecommunications OSS/BSS, and network security. He has been writing for MakeTechEasier on a wide range of technical topics including Windows, Android, Internet, Hardware Guides, Browsers, Software Tools, and Product Reviews.

Subscribe to our newsletter!

Our latest tutorials delivered straight to your inbox

Rate this post
Publicité
Article précédentLe club d’anime des Bucks est de retour en plein essor – The Centurion
Article suivantMeta ne veut pas contrôler le métaverse. Les enfants en paient le prix
Berthe Lefurgey
Berthe Lefurgey est une journaliste chevronnée, passionnée par la technologie et l'innovation, qui fait actuellement ses armes en tant que rédactrice de premier plan pour TechTribune France. Avec une carrière de plus de dix ans dans le monde du journalisme technologique, Berthe s'est imposée comme une voix de confiance dans l'industrie. Pour en savoir plus sur elle, cliquez ici. Pour la contacter cliquez ici

LAISSER UN COMMENTAIRE

S'il vous plaît entrez votre commentaire!
S'il vous plaît entrez votre nom ici