TL;DR is on this page, next pages will have more detailed instructions with pics. 1.Download and install the latest stable release of DiskCryptor from here: http://diskcryptor.net/wiki/Downloads/en 2. Select drive to encrypt 3. Choose encryption algorithm 4. If it's "C:" drive with Windows on it, install bootloader to HDD 5. Check "show password", and type your password in. Use one that is rated "Unbreakable" 6. Wait a while for the drive to encrypt (time depends on hard drive size and CPU. It will take at least a few hours) 7. When the drive is done, go to "tools", then select "backup header". Store this header in a secure location! 8. Yo shit is encrypted, Nigra! Remeber that as long as you're using the drive, it's mounted, and therefore unencrypted. Cut the power to the drive before your attackers reach the drive! 9. Official FAQ: http://diskcryptor.net/wiki/FAQ/en Bootloader options (Advanced shit you don't really need): http://diskcryptor.net/wiki/Bootloader/en

Greetings, NewBloods! This guide is designed to walk you through encrypting your hard drives with DiskCryptor. There are other options, such as TrueCrypt, Windows BitLocker, and FreeOTFE, but this guide will focus on DiskCryptor. PLEASE READ THIS WHOLE FUCKING THING BEFORE YOU ENCRYPT YOUR PRIMARY HARD DRIVE! I strongly recommend using this guide with a USB thumb drive instead of your primary drive FIRST, then after making sure you know how to do everything you should proceed to encrypting your primary hard drive. After downloading and installing, this is the screen you'll see (or something real close to it) if you only have one hard drive and a cd drive:

Your hard drive and dvd drive will be named something other than "VBOX". This was done inside a virtual machine (something we will go over at a later date). If you have more than one hard drive, you can encrypt all of them, one of them, or some of them; your choice. It would be a good idea to encrypt all of your hard drives, so that all of your data is protected from enemies. The reason it's best to encrypt all hard drives is because Windows doesn't really delete anything; the files are still there; yes, even if you empty the recycle bin! So an enemy only has to get access to an unencrypted drive that has at some point in the past been plugged in your machine to look through the "trash files" that you thought were deleted. By encrypting all drives, your attacker must first defeat the encryption on the drive before they can even access your trash files.

Alright, so you simply left click on the drive you want to encrypt. One thing I don't like about DiskCryptor is that the drive isn't highlighted when you select it; the way you know you selected the drive is the "Encrypt" option can now be selected.

Once you click on "Encrypt", you will see this menu. These are the encryption algorithm options. Why are there options? Why not just have the best algorithm? Because part of the way hard drive encryption is attacked is by knowing the encryption algorithm and the length of the password. Because DiskCryptor gives you multiple choices, the attacker must still guess which algorithm you're using, even if he knows you're using DiskCryptor. So, don't tell anyone what algorithm you use, and don't tell anyone how long your password is. Time is also a factor. If you suspect enemies are coming soon (in less than 24 hours), your best bet is for you to use AES, because it will encrypt the drive the fastest . If you have time to prepare, using one of the other algorithms will make it harder for attackers to steal your data.

Here are the options for wipe mode. Leave this alone. All of these options take too long, and if you're encrypting the whole drive, this option is largely irrelevant for most.

If the drive that you're encrypting is the one that has Windows on it (usually "C:" drive), then you'll see this option as well. I strongly recommend you select "Install to HDD". That option just sets your drive up so that it will ask for the password before you get to Windows. Selecting "Use external bootloader" requires you to put critical files onto a USB stick. If you lose that stick (or if you lose those files) you're fucked, NewBlood. You won't be able to boot that drive, but you might be able to get shit off of it with recovery software. No gaurantees, though. Why is that even an option, then? Because when you use an external bootloader, if you don't have the USB drive in the machine when it boots, the drive looks like it hasn't been formatted. In other words, "Plausible Deniability" that there's anything on the drive. Instead of using an external bootloader, I would recommend buying another hard drive or maybe even a big USB stick to put your super sensitive stuff on. A non-boot hard drive, once encrypted, will look just like an unformatted drive until you decrypt it. The reason the boot drive can't do that is because part of the drive (just the tip, Lulz) must be exposed so that the computer can say "Oh! That's the drive with Windows on it! I'll boot from there.", and then DiskCryptor says "Hold up! What's the password first?". Not a boot drive? Then it looks blank as far as Windows is concerned.

Now we have the password selection screen. As you can see in this example, I have selected "Show password" so that I can see what I'm typing to make sure I don't make mistakes. It goes without saying you shouldn't do this if someone else is nearby because then they would see your password. In this example, I use uppercase, lowercase, spaces, and half of the words aren't in the dictionary ("foar", "Teh", "Lulz"). This was only to demonstrate you don't need a super long string of random numbers, letters, and special symbols to have a good password; It just needs to be longer than 15 characters bare minimum. There will be a separate guide for passwords, but for now, length is the primary concern. If you can remember a 16+ character password with numbers and special characters, great! Just make sure the "Password rating" bar says your password is "Unbreakable".

Now our drive is encrypting. Don't worry about the time. It constantly changes. Unless it's very small, It will probably take a few hours, and the total time is dependent on: 1. Encryption algorithm chosen 2. Hard drive size 3. CPU 4. How the hard drive connects to the computer (USB, USB 2.0, USB 3.0 SATA, SATA II, SATA III, SCSI, FireWire, eSATA, etc) 5. Rotational speed of the hard drive (or whether it's SSD or not)

After the drive is done encrypting, you want to go to "Tools", then select "Backup Header". This is an important file, and is just in case the "table of contents" of the hard drive ever gets fucked (shit does sometime happen, NewBloods). Naming the file becomes real important if you have multiple hard drives and/or USB thumb drives; make sure you know which Backup header belongs to which drive. Now, because these Backup Headers can be used to speed up an attack on the drive, you need to keep the header in a safe place. Maybe on a flash drive at a friend's house, maybe buried outside, maybe hidden somewhere. You don't want your Backup Header to fall into your enemy's hands!

You're done, NewBloods! Once you restart, you should see the following screen:

Type your password, and Windows should boot right up! Okay, so you've encrypted your hard drives and your USB thumb drives. You're good, right? WRONG, NewBloods; very wrong. As long as the computer is running, the hard drive is "mounted" and therefore decrypted. If enemies should burst into your house at that moment, all they would have to do is make sure you don't power down your computer. Be prepared for this; get a surge protector with an off switch, and position it so that you can flick that switch at a moment's notice, cutting power to your computer should enemies force themselves into your home in an attempt to steal your data. This is also another good reason to keep your super sensitive stuff on some place other than "C:" drive. At the time this guide is being made, you can get a 16GB USB thumb drive for about $15.00 online, and you can get a 32GB USB thumb drive for about $27.00 online. This concludes our tutorial on hard drive encryption. We are Anonymous We are Legion We do not forgive We do not forget Expect us