DiskCryptor is a free whole disk encryption program for Windows. It supports encrypting internal and external drives, the system partition, and even ISO images.

A handy feature in DiskCryptor lets you pause an encryption and resume it at a later time or even on a different computer.

More About DiskCryptor

DiskCryptor supports a wide variety of encryption schemes, operating systems, and file systems:

This review is of DiskCryptor version 1.1.846.118, which was released July 09, 2014. Please let us know if there’s a newer version we need to review.

  • Can be installed on Windows 11, Windows 10, Windows 8, Windows 7, Windows Vista, Windows XP, and Windows 2000
  • Windows Server 2012, 2008, and 2003 are also supported
  • DiskCryptor supports common file systems like NTFS, FAT12/16/32, and exFAT
  • It supports AES, Twofish, and Serpent encryption algorithms
  • One or more keyfiles can be used to increase security. DiskCryptor supports using a custom file/folder and/or randomly generated file as a keyfile for added protection. If you choose this option, you don’t have to create a password, though you can for even more security

DiskCryptor Pros and Cons

Aside from a lack of official documentation, there’s little not to like about DiskCryptor:

How to Encrypt the System Partition Using DiskCryptor

Whether you need to encrypt the system partition or one from any other hard drive, the method is nearly the same.

  • Encrypts external devices as well as internal ones.

  • Can encrypt more than one partition simultaneously.

  • Works with dynamic disks and RAID volumes.

  • Supports pausing an encryption to reboot or transfer the drive to another computer.

  • Can automatically dismount volumes on logoff.

  • Has a major bug (see #5 below).

  • No update since 2014.

  • Not very many help files/documentation.

Here’s how to encrypt the system partition with DiskCryptor:

Before encrypting the system volume, it’s recommended to create a bootable disc that can decrypt the partition in the event you can’t access it for some reason in the future. See more about this on DiskCryptor’s LiveCD page.

  • Select the system partition.
  • It can be hard to see if you’ve selected the right drive, but since it’s the system partition, it will say sys to the far right and should have a larger size than the other ones. If you still aren’t sure, double-click the name of the drive to open it in Windows Explorer and view its files.
  • Click Encrypt.
  • Choose Next.
  • This screen is for choosing encryption settings. Leaving it at default is just fine, but you do you have the option to change the encryption algorithm DiskCryptor uses.
  • The Wipe Mode section of this screen is for clearing all the data from the drive (identical to a hard drive wipe) before encrypting it, something you certainly don’t want to do for the system drive, so it can remain as None. See this list of data sanitization methods to learn about these wipe modes.
  • Click Next.
  • This section is for configuring bootloader options. If you’re interested in this, see DiskCryptor’s information on these options.
  • Enter and confirm a password.
  • The more complex of a password you enter, the higher up the Password Rating bar will go—anywhere from Trivially Breakable to Unbreakable. Refer to this indicator while you’re entering a password to know if you should adjust it. Passwords can be alphabetical (upper or lower case), numerical, or a mix of both.
  • Selecting a keyfile on this screen will make it impossible to boot back into Windows! Whether you do or don’t enter a password on this screen, if you add a keyfile, you will NOT be able to log back into Windows. If you were to select a keyfile, DiskCryptor would seemingly ignore your decision during boot up by not asking for it, which results in a failed authentication, which in turn means you can’t proceed past the password checkpoint.
  • Keyfiles are fine to use for any other volume, just make sure you don’t use them when setting up encryption for a system/boot partition.
  • If you’re ready for the encryption process to start, click OK.

Thoughts on DiskCryptor

Despite the fact that there isn’t much documentation (found here), DiskCryptor is still very easy to use. Accepting the default values all the way through the wizard will encrypt a partition without any problems.

Select the system partition.

It can be hard to see if you’ve selected the right drive, but since it’s the system partition, it will say sys to the far right and should have a larger size than the other ones. If you still aren’t sure, double-click the name of the drive to open it in Windows Explorer and view its files.

Click Encrypt.

Choose Next.

This screen is for choosing encryption settings. Leaving it at default is just fine, but you do you have the option to change the encryption algorithm DiskCryptor uses.

The Wipe Mode section of this screen is for clearing all the data from the drive (identical to a hard drive wipe) before encrypting it, something you certainly don’t want to do for the system drive, so it can remain as None. See this list of data sanitization methods to learn about these wipe modes.

Click Next.

This section is for configuring bootloader options. If you’re interested in this, see DiskCryptor’s information on these options.

Enter and confirm a password.

The more complex of a password you enter, the higher up the Password Rating bar will go—anywhere from Trivially Breakable to Unbreakable. Refer to this indicator while you’re entering a password to know if you should adjust it. Passwords can be alphabetical (upper or lower case), numerical, or a mix of both.

Keyfiles are fine to use for any other volume, just make sure you don’t use them when setting up encryption for a system/boot partition.

Selecting a keyfile on this screen will make it impossible to boot back into Windows! Whether you do or don’t enter a password on this screen, if you add a keyfile, you will NOT be able to log back into Windows. If you were to select a keyfile, DiskCryptor would seemingly ignore your decision during boot up by not asking for it, which results in a failed authentication, which in turn means you can’t proceed past the password checkpoint.

If you’re ready for the encryption process to start, click OK.

However, as is mentioned above, the keyfile and password combo issue is extremely important to realize. Missing that small bug will unfortunately render your files inaccessible. It’s understandable that using a keyfile may not be supported when encrypting a system partition, but it’d still be very helpful if DiskCryptor either disabled the feature on that particular screen entirely, or at least displayed a warning.

There are some things we do like about DiskCryptor, though, like being able to encrypt multiple volumes at once, which is extremely useful considering the time it takes to complete just one, and allowing an encryption to be paused. When pausing an encryption, you can even remove the drive and insert it into another computer to resume it, which is really cool.

Also, keyboard shortcuts to mount and dismount encrypted volumes are very handy so you don’t have to open DiskCryptor every time you want to do so. These can be configured in the Settings > Hot Keys menu.

Get the Latest Tech News Delivered Every Day