Linux Mac Windows

Encrypt Your USB Stick With Truecrypt 6.0

Mark O'Neill 20-07-2008

Last year I wrote an article on the benefits of encrypting your PC folders with Truecrypt and I also briefly touched on being able to encrypt your USB stick with Truecrypt. Well, the other day I received a nice new 2GB USB stick as a freebie and so I decided to install John Haller’s Portable Apps on it. But first I headed on over to the Truecrypt website to install the newly updated 6.0 encryption program.


Encryption is absolutely essential, especially if you’re the kind of person that carries their USB stick around as if it’s your car keys or your lipstick. USB sticks are so small that they are easily lost and they are also easily stolen. Just think of all the information that gets stored on one of these things. The British Ministry of Defence has lost 131 of them since 2004! A friend of mine constantly drops his in the street when he walks his dog and his dog keeps walking back to pick it up! So it definately pays to take the time and have encryption.

Also, look at it this way. If someone found your USB stick and it was unencrypted, they would have access to your Firefox browser (with access to your private bookmarks, including online banking), your private files, your portable FTP program (with the settings to your website), passwords, emails, IM contacts and much more. If the person was honest, it might not be so bad, but if the person wasn’t honest….well then it could be catastrophic for you. Identity theft would only be the start of your problems.

The only problem with using Truecrypt for your encryption though is that you need to have administrator privileges on the computer in which you’re plugging your encrypted USB stick into. So this would be no good for internet cafes for example. This would only be good if you were travelling between multiple trusted personal and work computers and you wanted insurance against theft or loss while travelling around.

OK, let’s get insured.

Step One – Download Truecrypt 6.0

The obvious first step. Head on over and download the encryption program. BUT since you are putting this on your USB stick, you do NOT install this anywhere. When you double-click the “exe” file, you will see this. Choose the second option. This will just unpack the files onto your computer and not install anything.


Encrypt Your USB Stick With Truecrypt 6.0 travellertruecrypt1a

When the files are unpacked, move the whole lot over to your USB stick. Once they are sitting on your USB stick, again don’t install anything. Just leave them there.

Step Two – Turn Truecrypt Into “Traveller Mode”

In your USB stick folder, double-click the “Truecrypt.exe” file and this opens up the main screen. Go to “tools” then “traveler disk setup”. That brings up this :

Traveller Mode


Change “create traveler disk files at” to whichever PC drive you have your USB stick in at the moment. Have the box underneath ticked. As to the Autorun configuration, well that’s down to personal preference so you decide. When you’ve done everything, press create. You’ll get a message a few moments later telling you that the traveler mode has been successfully created.

Step Three – Move Your Desired Programs Into Your USB stick

Now move your desired programs and files into your USB stick. As I said, I decided to put John Haller’s excellent PortableApps onto my USB stick. So I downloaded and moved all of them onto the USB stick next to the Truecrypt program as well as some documents. Notice we haven’t encrypted anything yet. That comes next.

Step Four – Create An Encrypted Area

OK, now we’re going to do the encryption. Go to the Truecrypt folder in your USB stick and double-click “Truecrypt Format.exe”. That brings up this screen.

Encrypt Your USB Stick With Truecrypt 6.0 truecryptvcw


Choose “create a file container” and follow these instructions from step 3 to make an encrypted container. I’m not going to go through it all here as it’s a long process. One important point though – do NOT fill up the whole USB stick. I would only make a container that fills up at most 75% of your USB stick. Leave the rest free and unencrypted. It’s always good to have some free space.

Before anybody points out option 2 which encrypts the entire USB stick, everyone I have talked to about this recommends that this shouldn’t be done because undoing it later is tricky and it can potentially mess up your USB drive. Doing it my way is better because a) you have some free space left for unencrypted files and b) if you don’t want Truecrypt anymore, you can just delete the whole lot. Much easier.

Step Five – Move The Programs Into The Encrypted Area

Encrypt Your USB Stick With Truecrypt 6.0 threefolders truecrypt

Once the encrypted container has been made, you will then have three things sitting in your USB stick – the folder with your programs / files, the folder with the Truecrypt application and the encrypted container you have just made. Now what you are going to do is move your programs and files INSIDE the encrypted container.


You do this by double-clicking “Truecrypt.exe” and “mounting” (choosing) on another drive, the encrypted container you have just made. This opens it up and unencrypts it. When it opens up, just drag your files and programs inside with your mouse. When you’re done, just dismount the container which closes it back up again and heavily encrypts it. No-one can get inside now without knowing the password. So I hope you chose a very good password!

Don’t forget to delete the programs and files which are sitting outside the encrypted container – the ones you just dragged inside the container are copies. If it reassures you, mount the container again, open it up and peek inside. You’ll see your files and apps inside all safe and sound.

Step Six – In Summary

So let’s recap what we’ve done here. We haven’t encrypted the whole USB stick. All we’ve done is put an encrypted container on the USB stick along with the Truecrypt encryption program to encrypt and unencrypt your files. If anyone was to steal the USB stick or find it (if you dropped it), all they would find on the drive would be an encrypted container which, without the password, is absolutely useless and unbreakable.

You also might want to put (on the unencrypted part of the drive) a text file with your name, email address and phone number so if a Good Samaritan were to come along, they would have a chance to do the right thing and return your property to you. A little incentive could also be mentioned depending on how desperate you are to get your property back.

Do you like to use any other encryption programs other than Truecrypt? What particular USB stick protection and detection methods have worked for you? Let’s hear about them in the comments!

Related topics: Encryption, Portable App, USB.

Affiliate Disclosure: By buying the products we recommend, you help keep the site alive. Read more.

Whatsapp Pinterest

Leave a Reply

Your email address will not be published. Required fields are marked *

  1. alsen
    May 17, 2016 at 7:27 am


    I'd like to recommend Gilisoft USB Encryption. Converts a regular USB flash drive into a secured one in less than a minute, data on the protected area (Secure area) is encrypted by 256-bit AES on-the-fly encryption.

  2. captainjimkirk
    January 30, 2010 at 1:31 pm

    It is possible to do without admin rights or having the software installed on the PC. You just need to create a shortcut with elevated rights that points to the encrypted container on the USB. Ref:-

  3. Inquiring Mind wants to know
    January 28, 2010 at 4:10 pm

    This may get deleted- but reading this discussion made me do a new search for password protection of external devices and I found this for USB Secure. I am a consultant.. not assoicated with ANY company and have been seeking encryption & password protection solutions for my clients business data.

    USB Secure can password protect your USB drives. Protection is PC independent, doesn't require installation and doesn't require administrator rights at the other end. USB Secure works with all types of portable media like USB Flash drives, Thumb drives, Memory sticks, External drives and Memory Cards.

    4.5 stars on CNET - free trial only 30 USD- I will try it in addition to the TrueCrypts!

  4. Inquiring Mind wants to know
    January 28, 2010 at 3:51 pm

    Using TrueCrypt on 2 1TB External back-up drives & love it.
    I setup up 930 GB for backups and 1 GB for utilities (IT Admin) for a client.

    I am seeking a way to secure the crypts (if not the entire drive via password) from access or deletion by a clueless user or if the external drive were stolen or "lost & found" while in transit... smile.

    -I have a REWARD.txt to encourage finder to return.. however- I fear a "finder" may delete the crypt and use the drive. I am thinking if they cannot delete the crypt to use the drive- then they may seek the "no questions asked reward" and all data returned in good order.

    Thanks for a great discussion and all for any helpful suggestions!

  5. Kirk
    December 18, 2009 at 8:21 am

    format it the stick NTFS. Windows won't format anything over 4GB using Fat32 (really an obsolete file system).

    +1 for rohos. Great app, simple, no admin hassles. Truecrypt good for home/office machine but it's not coded with portability in mind. Don't get me wrong, there are ways to make it "portable", just not at the level of other crypto software out there.

    Nice write-up nonetheless.

  6. name
    December 17, 2009 at 8:20 am

    I got a 8 gb usb stick. The problem is I can only create 4 GB files in it. thefore I have to use 2 containers to get it to work. Is there a way I wouldn't have to split my container?

    • jimmy
      December 17, 2009 at 9:13 pm

      to the last poster, NTFS should fix your problem

      • name
        January 28, 2010 at 12:14 pm

        Yes but the truecrypt guide says that most of the drive goes to waste. I can't place a video file larger than 4 GB in the usb stick.

  7. sankt nikolaus
    November 7, 2009 at 3:17 pm

    Krass! Hätte ich garnicht gedacht...
    Weihnachtsmann Köln

  8. Encryption Software
    October 27, 2009 at 2:30 pm

    I put my college marketing presentation on my USB flash drive. As a typical college student, I have lost everything including my college ID and my room keys on several occasions, so I knew there was a good chance I would lose my USB flash drive as well. If it were to fall into the wrong hands, my marketing presentation could be used by someone else to secure my well-deserved A+, so I wanted to make sure that was not the case. TrueCrypt encrypted all 2 GB of my presentation and made me feel much more secure.

  9. ERICP
    February 19, 2009 at 4:42 pm

    Just a note, for people with usb's larger than 4 gig you will need to make it NTFS before you run this procedure.


  10. Bradley
    January 12, 2009 at 6:27 am

    Great article! I have followed the instructions to create a 15 GB container on my 32 GB drive. This way I can store a ton of docs, pictures, music, and software. I also use TrueCrypt on my home PC. I have used Rohos but found the 1 GB size limit to be a real drag. The only con about TrueCrypt travel mode is needing to have the admin rights; not so much for me because I am admin on all machines I work with daily - but if I ever needed to access my data from a PC I didn't have admin rights on, this would be a real pain.

  11. car los
    September 5, 2008 at 4:00 pm

    My pc at work won't even let me open up trucrypt.exe, it tells me I am not an admin. I guess trucrypt has to have admin privs in order to run. that defeats the purpose of having a "travel mode".

  12. Nunya Bizniz
    September 2, 2008 at 10:10 am

    Is there ANYTHING like TrueCrypt that is just as good on a USB key, but without the admin rights problem? I need a TrueCrypt traveller mode alternative app that is self contained and no admin rights since I don't have admin rights at work.

    • Rob
      September 5, 2008 at 3:39 pm

      Nunya, check out Rohos for encryption without Admin rights: It's free, but has a limit of 1GB in size.

      • orb9220
        March 29, 2009 at 6:13 pm

        The paid version doesn't have the 1 gig limit.

      • zeiss
        April 14, 2009 at 2:39 pm

        it's now a 2GB limit for the free version.

  13. sandy
    August 31, 2008 at 4:21 am

    is it possible for someone who gets hold of ur USB to just delete the container? or is the container hidden?

    • Mark O'Neill
      August 31, 2008 at 7:33 am

      No, the container isn't hidden so yes the container can be deleted. But at least they weren't able to access the container first to read your files. Yes they may delete the container but everything inside it hasn't been compromised.

      If your USB stick is stolen, the worst that can happen is that you lose a USB stick. You don't have to worry that someone is reading your files, looking at your browser bookmarks, copying your passwords, etc.

  14. BDS
    August 17, 2008 at 3:41 am

    This is a great discussion about TrueCrypt usage. Just thought I would put in a summary list of the pitfalls of using TrueCrypt on a USB stick:
    -Always add sensitive data to the encrypted (mounted) drive. Anything in the unencrypted area may be recoverable even if deleted.
    -Use a strong password. At least 10 characters (20+ if possible), Upper case, lower case, numbers, special characters, etc...
    -This method only protects your USB stick from being read if lost or stolen. Never open your encrypted files on a computer you don't trust. Once TrueCrypt opens your encrypted files, they are open to all the standard risks of virus infection, spyware, keyloggers, etc...

  15. Anonymous
    August 3, 2008 at 8:09 pm

    Great tutorial but Truecrypt is a cracker's best friend, why bother breaking the encryption when you can just launch a brute force password cracker against the truecrypt GUI, crack the password and it decrypts it for you. If you don't get what I am saying then think of it this way, instead of wasting time and a super computer to break the encryption you can use a home computer and break the password in a few hours with for software like John the Ripper.

    • Mark O'Neill
      August 4, 2008 at 4:12 am

      That depends on whether the USB stick owner was stupid enough to use a short dictionary word. On the other hand, if the USB stick is encrypted with a 45 character password of lower case, upper case, numbers and other characters, your home computer will spend the several years going through the possible combinations. Good luck with that. Let me know when you're finished.

      • AskTheAdmin | Karl Gechlik
        August 4, 2008 at 9:42 am

        Snarky yet true :)

        My favorite kind of comments...

  16. tom markham
    July 31, 2008 at 12:28 pm

    Thank you for a detailed explanation. My dilemma is probably more mundane: I'm trying to decide whether to guard my files (specifically passwords and QuickBooks), and don't know the most secure version - using something like "Sandboxie" or your encrypted USB drive. I am self-employed with admin. access on all computers.
    If I use the encrypted USB method to run QuickBooks, how will I know that files I create are not created or mirrored to my un-encrypted disk?
    If these questions seem un-educated, it is only because they are.

  17. jumanji
    July 23, 2008 at 5:57 am

    Hey, I use truecrypt for a quite a while, I like this software, it's very reliable, and I haven't had any issues with that, except I forgot my loooong (64 chars) password...
    However, today I decided to make something that you explained but with different approach...

    I'd like to make two partitions on my usb, one about 128 mb, second one 3,7 gb.

    first (128) will contain traveler disk with truecrypt, second partition would be encrypted.

    However, since I am struggling with converting second partition into true crypted, I wonder whether it's possible at all?

    any ideas?



  18. joe
    July 22, 2008 at 7:22 pm

    I download Truecrypt from link on this page and installed it, required reboot. After reboot my computer OS windows xp home become unstable, broke, several error message displays. When I click to open Webbrowser, no respond, can not open other software, so I tried to do system restore. It won't allow me to do system restore. Now, I have to use linux live to post this message. Be careful before install software from link in this web page.

  19. jeffrel
    July 22, 2008 at 11:59 am

    on Step Two - Turn Truecrypt Into “Traveller Mode”
    In your USB stick folder, double-click the “Truecrypt.exe” file and this opens up the main screen. Go to “tools” then “traveler disk setup”.

    - got an error on this, it says ->>

    "The process cannot access the file because it it being used by another process"

    i cannot create the file, using the exe on the usb stick, but when i choose to the exefile from the extracted folder -- it works!!

    • Tommy
      February 10, 2009 at 6:52 pm

      I had the same problem. It seems to happen if you have placed the various Truecrypt files (including Truecrypt.exe) into a folder on the USB drive, rather than at the top level of the drive itself. Move the files out of the folder and up to the root of the USB drive and you'll be able to run the Truecrypt.exe on the USB without seeing the "...process cannot access..." error.

  20. 800HighTech
    July 21, 2008 at 9:35 am

    Great Article, some really useful advice....well all have sensitive data that we need to carry around sometimes.

  21. Gregory A. Blake
    July 21, 2008 at 9:33 am

    * You need administrator privileges in order to able to run TrueCrypt in 'traveler' mode.

    That's a big problem if you ask me...I'm often at computers without admin rights...your encrypted data on your usb stick is then useless in that case...keep that in mind!

    • Mark O'Neill
      July 21, 2008 at 9:38 am

      That's why I said that this would only be helpful if you were travelling between personal and work computers (which you had admin rights on) and you wanted some insurance in case you lost your USB stick or you had it stolen.

      A lot of people are self employed and have more than one computer in various locations.

  22. Some More Ron
    July 21, 2008 at 7:20 am

    Instead of a text file saved to your usb stick, try this:
    Open wordpad
    Type this:
    icon = \myicon.ico
    label=your name here (Cell123.456.7890)

    Save it as 'autorun' on your stick.
    Where icon= pick an icon and save it to the same location as your autorun file.
    Every time your stick gets plugged into a computer, it will be labeled with your name and contact number.

    • zeiss
      April 14, 2009 at 3:32 pm

      this seems more useful if it could popup a dialog or something. merely naming the drive with your name and ph# is subtle if you are not looking for it, and it will get old quick on your own computer to have your drive with your name instead of a more meaningful description. i put this info on the outside of my drive with an adhesive label.

  23. oelewapperke
    July 21, 2008 at 4:17 am

    I do hope everybody realises this protects against exactly 1 thing : loosing your stick.

    Any pc YOU insert the stick into in order to use it can access any and all information. So if you want to keep stuff secret from, say your employer, this advice is worthless, and the security zero.

    Just a batch file, a registry entry, and the stick will be copied upon being made accessible through truecrypt. Nothing you can do about it either. Or one could even just save the password and the encrypted file.

    And this is horribly bad advice since it will make people think data that is trivially simple to crack is secure.

    • Mark O'Neill
      July 21, 2008 at 4:47 am

      I'm sorry but you're wrong. Your information is secure inside the encrypted container and without the password, no-one can access it. I tested it on another computer before posting this article and I got someone else to try it. They were unable to crack the password.

      • TK
        May 22, 2009 at 4:27 pm

        Commenter oelewapperke is right: If you insert the USB stick into an untrusted computer, AND you enter your password to access the TrueCrypt data, THEN at that point that untrusted computer might copy all your private files and/or keylog-capture your TrueCrypt password.

        The point he's making is that the main security your method provides is that if someone finds/steals your stick, you're safe. But as soon as you use (i.e. including entering your password to actually make use of your encrypted files) the stick in an untrusted computer, you have no protection at all against that computer stealing your data (unbeknownst to you).

        So, you should not get too comfortable that you now have "full security." Mostly you just have security if a random person steals your stick. But since you don't actually BOOT from the stick, you're at the mercy of the foreign computer.

        Fuller security would involve actually booting from your stick. Then you would be using your own (trusted) environment rather than a foreign (possibly compromised) one. At that point you're just vulnerable to physical keylogger combined with physical theft of your stick.

  24. Det
    July 21, 2008 at 1:14 am

    Hey Mark,

    It's a very bad idea to first copy your files onto die usb-disc, then create the TC-container and at least copy/move those files into the container!
    The File-System on your USB-Drive won't delete your personal files securely - in fact, they are really easy to recover.

    So your way should be:
    * Install TC in traveller-mode on the USB-drive
    * create the TC-Container
    * move your file DIRECTLY from your HDD into the container; no messing around with saving any sensitive data to the thumbdrive!!

    Cant't be too paranoid :)


    • Mark O'Neill
      July 21, 2008 at 4:49 am

      Actually you've got a point. Move the files directly from the hard drive into the encrypted container. Never thought of that. Good one.

  25. BradB
    July 21, 2008 at 12:24 am

    Hi I like your post. I'll go ahead and copy it on my blog but better.

  26. Christian Schmidt
    July 20, 2008 at 11:53 pm

    I have to say, first off I absolutely love TrueCrypt. I have gone a little bit more technical with my USB TrueCrypt setup but after the initial setup it works like a charm. I obtained a fixed drive driver and modified it to accept my USB Stick as a Fixed Drive as opposed to a Removeable drive. This then let me re-partition it via Windows. Essentially on my 2GB USB Drive I have a 50mb Partition and a 1.95gb partition. I then used TrueCrypt to encrypt the 1.95gb partition (Actual partition not a container) and in my 50mb partition I copied TrueCrypt and my USB Drivers. That way, if someone came off the street and picked it up they would find a 50mb USB Stick with a TrueCrypt Folder and a USB Driver folder and until they loaded the USB driver and unencrypted the other partition would not find any of my data. I haven't personally found any issues with this method and would be happy to explain how to do it if needed.

    • melaos
      July 21, 2008 at 2:52 am

      hi Christian,
      your method sounds interesting, can you share it?

  27. Simon
    July 20, 2008 at 6:58 pm

    Nice USB-stick, Mark ^^

  28. Clancolin
    July 20, 2008 at 5:46 pm

    I like the idea of this, but this walk-through seems to miss out some steps.

    I may be being thick here, by why install portable apps outside the encrypted file and then move it inside? Why not just install into the encrypted file (section) while that file is open and unencrypted?

    Also what does this mean "You do this by double-clicking “Truecrypt.exe” and “mounting” (choosing) on another drive the encrypted container you have just made."? My usb stick is Drive J. When I get to this step, all I have are drive letters K to Z.

    I'll look back later to see if there is any clarification.

    • Mark O'Neill
      July 20, 2008 at 7:26 pm

      "why install portable apps outside the encrypted file and then move it inside? Why not just install into the encrypted file (section) while that file is open and unencrypted?"

      That's true - you could just download directly to the USB stick.

      “You do this by double-clicking “Truecrypt.exe” and “mounting” (choosing) on another drive the encrypted container you have just made.”?

      When you make an encrypted container, you have to open it to move your files inside. To open it, you have to attach it to another one of your drives on your PC. You're right, that isn't very clear. I'll rephrase the article. Thanks.

  29. Rarst
    July 20, 2008 at 1:56 pm

    Most of my flash drive is occupied with "software" folder that has bunch of portable (or simply needed often) stuff.

    Trick is - it is only a mirror of folder I have on my HDD. Every time I launch sync process at my home PC everything on flash drive is brought to mirror local folder. So all stuff like possible logs and such gets wiped and I always have latest set of portables (drivers, setups, AV updates, etc) without much hassle.

    So my best advice to prevent losing data via flash drive - only have data that you may lose there.