Creating an encrypted file container using VHD files and BitLocker To Go

with 3 comments

With Windows 7 you can create encrypted container files without using any third-party tools.

For example you can create a file named importantdata.vhd which contains sensitive data which can only be opened with the correct password or with your smartcard.

These are the steps to create an encrypted container file:

• Open Disk Management MMC (Start – diskmgmt.msc – Return)
• Click Action – Create VHD
  
• Enter a filename for the VHD file and specify a size
  
• Right click on the newly created Disk in the list below and click “Initialize Disk”
  
• Click OK
  
• Right click on the unallocated space and select “New Simple Volume…”
  
• Follow and finish the wizard to format the volume

 

• Open BitLocker Drive Encyption Control Panel (Start – Bitlocker – Return)
  
• Click “Turn On BitLocker” right next to the newly created volume on the VHD file in the BitLocker To Go section
  
• Select “Use a password to unlock the drive” and specifiy a password. Alternatively you can also use a smartcard here.
  
• Save or print and store your password key to a secure space
  
• Click “Start Encrypting”
  
• BitLocker is now encrypting the VHD file
  

You have now created an encrypted VHD container file which you can attach to your pc or another Win7 pc via the Disk Management console.

Detach the encrypted VHD file

• Open Disk Management MMC (Start – diskmgmt.msc – Return)
• Right click onto the VHD Disk and select “Detach VHD”
  
• Click OK
  

Attach the encrypted VHD file

• Open Disk Management MMC (Start – diskmgmt.msc – Return)
• Click Action – “Attach VHD”
  
• Select the VHD file and click OK
  
• The BitLocker window will now open to prompt you for the password
   
  Enter the password and click “Unlock”

Easier and more convenient way to attach and detach the VHD

An easier way to attach and detach the VHD is to create a batch file which you can run by just double clicking it.
You will need to create 4 files for it.

Attach VHD

Attach_diskpart.txt

select vdisk file="c:importantdata.vhd"
attach vdisk

Attach.bat

diskpart /s "<fullpath to>Attach_diskpart.txt"

Now you can create a shortcut to the Attach.bat file in the Startmenu which you can just click to attach the file.

Detach VHD

Detach_diskpart.txt

select vdisk file="c:importantdata.vhd"
detach vdisk

Detach.bat

diskpart /s "<fullpath to>Detach_diskpart.txt"

Now you can create a shortcut to the Detach.bat file in the Startmenu which you can just click to detach the file.

Written by Wolfgang Unger

August 9, 2009 at 16:11

Posted in Windows 7