Do you use hard drive encryption?

[Pulseammo]

I've used bitlocker for years now and I've never noticed the overhead, both on hard drives or on SSD. I see absolutely no reason not to use it.

What if the encryption fails and you cant access your files or content etc?

You restore your backup. :> (Yes that is the **** eating grin emoji ).

 

[joey1211]

21 posts in and no mention of prawn? This place has changed

 

[koolpc]

I've used bitlocker for years now and I've never noticed the overhead, both on hard drives or on SSD. I see absolutely no reason not to use it.



You restore your backup. :> (Yes that is the **** eating grin emoji ).

What if the backups are corrupted! Lol

 

[Eddie99]

What if the encryption fails and you cant access your files or content etc?

Disable TPM if you use Bitlocker or just use something like Veracrypt. The encryption itself can't really fail, it's mathematics. There's a bigger performance hit with Veracrypt but it's unlikely you'd notice anything in real world use, only on the benchmarks.

Be careful not to forget the password though, if the police ever ask for it and you don't remember you can be sent to prison indefinitely. Veracrypt has feature called hidden volumes where it creates a hidden encrypted volume within an encrypted outer volume, and it's impossible to prove that the hidden volume exists. I'd suggest using that with a really simple outer volume password that you'll definitely remember.

 

[Pulseammo]

What if the backups are corrupted! Lol

Well it's a bad day for me... the backups are encrypted (but in a different way) also .

But in reality - I use restic and run an automated full check on the backup once a week, I'd need to be quite unlucky I think.

Not saying it couldn't happen though .

 

[aaronyuri]

What if the backups are corrupted! Lol

Have a backup of your backups! You would reserve this for precious data though - irreplaceable things.

In terms of the thread itself, encrypting portable devices is a no brainer in this day and age, and it's also a doddle to do.

There was a post here about storing your passwords in a password protected archive. Do not do this. If someone gains access to the archive, a brute force attack could eventually penetrate it as there is no limit to the number of attempts.

Just as general security posture, think passphrase not password:

For example, S3cur3#! is far less secure than yellowgorillawithanumbrella. Extreme length is much more important than complexity and comes with the added bonus of being significantly easier to remember.

 

[SimonRigga]

yellowgorillawithanumbrella.

Dammit how did you know my YouPron password?!?!

 

[aaronyuri]

Dammit how did you know my YouPron password?!?!

*Frantically tries to login to YouP using SimonRigga*
*Succeeds*
*Looks at favourites*
*Wishes I didn't*

Edit: she's doing WHAT with an umbrella and WHY IS THERE A YELLOW GORILLA??

 

[arknor]

Home no, because I'm not a nonce

 

[aaronyuri]

Home no, because I'm not a nonce

Yay, let's let everyone see everything because we have nothing to hide.

 

[Rabtech]

Desktop machine I don't bother, gaming laptop yes with bitlocker in case it gets stolen whilst working away.

 

[darael]

Using encryption on a desktop is absolutely pointless, unless you live in a shady area or with shady people that you don't trust.

I think it's on my laptop, because Windows 11 enabled it by default. But that doesn't have a password at login and the laptop seldom leaves the house, so again it's practically pointless.

 

[Eddie99]

Using encryption on a desktop is absolutely pointless, unless you live in a shady area or with shady people that you don't trust.

I think it's on my laptop, because Windows 11 enabled it by default. But that doesn't have a password at login and the laptop seldom leaves the house, so again it's practically pointless.

What if you had an expensive SSD that failed and went into read only mode, would you send the drive in for RMA if it had sensitive information on it? There's no way I would. If you used encryption you could just send the drive in no problem since they wouldn't have access to your data.

 

[darael]

What if you had an expensive SSD that failed and went into read only mode, would you send the drive in for RMA if it had sensitive information on it? There's no way I would. If you used encryption you could just send the drive in no problem since they wouldn't have access to your data.

Good point, but I've never had an SSD failed before it's warranty. In fact the only SSD I've had fail was an 840 EVO and the data was completely inaccessible. So I literally prised off the memory and controller chips and ran them through my paper shredder.

 

[andy_mk3]

I encrypt most things. My Unraid server is encrypted, Macbook and iPhone are. Haven't bothered on my gaming PC. I feel it's a near enough free layer of security if something gets stolen or whatever.

 

[Kobrakai]

Not since I read it can reduce drive performance by up to 45%, though maybe with modern nvme drives this isn't an issue?

 

[nightwish]

Bitlocker on all drives. If they get nicked, at least the crims ain't getting my data to steal my identity or blackmail me with!

 

[OverDrive]

I don't have it on my PC, I do use bitlocker on my personal laptop though. I have noticed no performance impact whatsoever on that. My work laptop is encrypted of course.

 

[Cyber-Mav]

I use sed drives for lower overheads
But media photos etc is not encrypted otherwise failed drive recovery is impossible

 

[Slogan]

Nothing particularly worth encrypting but was always put off by the performance hit that was mentioned, when it was an option. Does make more sense for portable devices whereby security may take priority over performance.