Do you use hard drive encryption?

I've used bitlocker for years now and I've never noticed the overhead, both on hard drives or on SSD. I see absolutely no reason not to use it.

What if the encryption fails and you cant access your files or content etc?

You restore your backup. :> (Yes that is the **** eating grin emoji :p).
 
I've used bitlocker for years now and I've never noticed the overhead, both on hard drives or on SSD. I see absolutely no reason not to use it.



You restore your backup. :> (Yes that is the **** eating grin emoji :p).

What if the backups are corrupted! Lol
 
Last edited:
What if the encryption fails and you cant access your files or content etc?
Disable TPM if you use Bitlocker or just use something like Veracrypt. The encryption itself can't really fail, it's mathematics. There's a bigger performance hit with Veracrypt but it's unlikely you'd notice anything in real world use, only on the benchmarks.

Be careful not to forget the password though, if the police ever ask for it and you don't remember you can be sent to prison indefinitely. Veracrypt has feature called hidden volumes where it creates a hidden encrypted volume within an encrypted outer volume, and it's impossible to prove that the hidden volume exists. I'd suggest using that with a really simple outer volume password that you'll definitely remember.
 
What if the backups are corrupted! Lol
Well it's a bad day for me... the backups are encrypted (but in a different way) also ;).

But in reality - I use restic and run an automated full check on the backup once a week, I'd need to be quite unlucky I think.

Not saying it couldn't happen though :D.
 
What if the backups are corrupted! Lol
Have a backup of your backups! You would reserve this for precious data though - irreplaceable things.

In terms of the thread itself, encrypting portable devices is a no brainer in this day and age, and it's also a doddle to do.

There was a post here about storing your passwords in a password protected archive. Do not do this. If someone gains access to the archive, a brute force attack could eventually penetrate it as there is no limit to the number of attempts.

Just as general security posture, think passphrase not password:

For example, S3cur3#! is far less secure than yellowgorillawithanumbrella. Extreme length is much more important than complexity and comes with the added bonus of being significantly easier to remember.
 
Desktop machine I don't bother, gaming laptop yes with bitlocker in case it gets stolen whilst working away.
 
Last edited:
Using encryption on a desktop is absolutely pointless, unless you live in a shady area or with shady people that you don't trust.

I think it's on my laptop, because Windows 11 enabled it by default. But that doesn't have a password at login and the laptop seldom leaves the house, so again it's practically pointless.
 
Last edited:
Using encryption on a desktop is absolutely pointless, unless you live in a shady area or with shady people that you don't trust.

I think it's on my laptop, because Windows 11 enabled it by default. But that doesn't have a password at login and the laptop seldom leaves the house, so again it's practically pointless.
What if you had an expensive SSD that failed and went into read only mode, would you send the drive in for RMA if it had sensitive information on it? There's no way I would. If you used encryption you could just send the drive in no problem since they wouldn't have access to your data.
 
What if you had an expensive SSD that failed and went into read only mode, would you send the drive in for RMA if it had sensitive information on it? There's no way I would. If you used encryption you could just send the drive in no problem since they wouldn't have access to your data.
Good point, but I've never had an SSD failed before it's warranty. In fact the only SSD I've had fail was an 840 EVO and the data was completely inaccessible. So I literally prised off the memory and controller chips and ran them through my paper shredder. :D
 
Last edited:
I encrypt most things. My Unraid server is encrypted, Macbook and iPhone are. Haven't bothered on my gaming PC. I feel it's a near enough free layer of security if something gets stolen or whatever.
 
I don't have it on my PC, I do use bitlocker on my personal laptop though. I have noticed no performance impact whatsoever on that. My work laptop is encrypted of course.
 
Nothing particularly worth encrypting but was always put off by the performance hit that was mentioned, when it was an option. Does make more sense for portable devices whereby security may take priority over performance.
 
Back
Top Bottom