Better safe than sorry: 5 apps for encrypting and shredding files

Better safe than sorry: 5 apps for encrypting and shredding files

If you want to protect sensitive data -- especially if you’re sending it via email or via an online service -- one of these programs can help.

While safeguarding personal and business data has always been important, the necessity for maintaining digital privacy has become even more vital as more of our records are digitized.

People are starting to realize that passwords alone aren't enough. Even with password protection, anything on your computer can potentially be viewed by an enterprising hacker. And if your computer is lost or stolen, its hard drive can be removed and connected to a new computer, revealing its secrets. To be safer, encryption is the way to go. These days, the accepted standard for encryption is the Advanced Encryption Standard (AES) algorithm with a 256-bit key.

Once encrypted, there's only one way to get the original file back: Enter the correct password and the file reappears several seconds (sometimes minutes) later. Use the wrong password and you get nothing.

You also need to be especially careful when you get rid of a system or a hard drive. It's not enough to simply reformat the hard drive. As most computer-savvy users know, when you delete a file, all that is actually removed is the File Allocation Table (FAT) entry that the computer uses to track of what's on the drive. The underlying data remains intact until that part of the drive is overwritten with a new file.

A military-grade shredder, such as those that meet the Department of Defense's 5220.22M standard, starts by removing its FAT entry from the system's drive and then randomizes the underlying data on the drive where the file was stored. In other words, it's completely unrecoverable.

If your system is equipped with the Pro or Enterprise version of Windows 8.x or Windows 10, you're already set -- you're equipped with Microsoft's BitLocker, which encrypts full volumes with the 128- or 256-bit AES cypher. By the same token, Apple's Mac OS 10.7 or later includes FileVault 2, which can encrypt a system's image with 128-bit XTS AES protection.

However, if you use a different version of these operating systems -- or if you want to encrypt only specific folders or files rather than the entire drive -- there are other resources. For this roundup, I looked at five programs that can encrypt the files and folders you want to keep and shred those you don't: CryptoForge Encryption Software, Inv Softworks Kryptel, Kakasoft Advanced Folder Encryption, Kruptos 2 Professional and QuickCrypto. (All of the packages support Windows PCs; only Kruptos 2 Professional supports Macs.)

There's a lot of variation in these five programs -- mostly involving speed, level of customization and whether or not you can recover a lost or forgotten password. When it comes to shredding, the best let you choose how many passes the program makes, making the safety of your data even more certain.

How I tested

Using an HP Elitebook Folio G1, I ran tests on a batch of ten files (including .DOC, .PDF, .XLS, .WAV, .WMV and .PPT formats); together, they totaled 140MB. I ran them both from the computer's drive and from a Lexar 16GB USB thumb drive.

I used a stopwatch to time how long it took to encrypt the files using AES encryption with a 256-bit key. When encrypting, I used the same password for all the folders and files. I then searched for one of the encrypted files and made sure it couldn't be opened without the password. I used the stopwatch to time how long it took to decrypt the files and noted any problems with the decrypted files.

I also encrypted and decrypted a single 1.3GB video (.MP4) file and timed those operations.

Finally, I tested each program's shredding capabilities by timing how long it took to destroy the video file. For those applications that allowed me to control the number of passes, I set the parameter to 5. I then checked to see if the file was gone.

CryptoForge Encryption Software

CryptoForge offers four different encryption techniques with keys as long as 448 bits. Interestingly, though, it provides only one way to encrypt and shred files: Through Windows File Explorer.

At $40 for a single user, CryptoForge gives you a nice choice of encryption formats: Blowfish (448-bit key), AES (256-bit key), Triple DES (268-bit key) and Gost (256-bit key). It works on systems running Windows XP and later.

cryptoforge files

CryptoForge offers four different encryption techniques.

CryptoForge took about two minutes to download and install. Once installed, I found it a little confusing because it's actually made up of four apps -- and doesn't offer a common interface. These apps include:

  • Files for encrypting, decrypting or shredding files as well as changing CryptoForge's settings.
  • Text for writing and encrypting notes.
  • Updater for -- well, for updating the software.
  • Decrypter for enabling encrypted files to be opened on another PC that doesn't have CryptoForge installed (as long as you have the password).

It only took me a minute to use the Files app to set up 256-bit AES encryption, along with my shredding parameters. You just right-click on a file or folder in File Explorer to select it. Then using the drop-down menu, you click on Encrypt, Decrypt or Shred to start the process.

Each time you create a password for an encrypted file, CryptoForge judges its strength with a color-coded bar. Oddly, my password was rated as green (pretty good) by CryptoForge but only adequate with Kruptos and mediocre with QuickCrypto.

CryptoForge keeps the passwords you set for your encrypted items in a separately encrypted file, which can be recovered if you forget them. This can be handy, although it's more secure if your encryption program doesn't allow you to recover lost passwords.

CryptoForge uses the DoD 5220.22M technique for shredding data. You can adjust it for between one and 99 passes. The program warns you that the items will be permanently deleted.

Test results

Don't get CryptoForge if you're in a hurry. Using 256-bit AES encryption, the program was the slowest of the five reviewed here, taking 21.9 seconds to encrypt the batch of ten files from the desktop and 5.3 seconds to decrypt them. Using a USB thumb drive, it took 2 minutes, 23.4 seconds to encrypt and 1 minute, 7.7 seconds to decrypt the files.

It encrypted the 1.3GB video file in one minute, 31.4 seconds and decrypted it in 16.6 seconds. Finally, CryptoForge took 59.9 seconds to shred the video file with five passes.

Bottom line

I applaud CryptoForge for the freedom of choice it offers: Four encryption techniques and the ability to pick how many shredding passes the software makes. On the other hand, I would have preferred it to allow you to encrypt files within its interface rather than just using the File Explorer. In addition, a little more speed wouldn't hurt.

Inv Softworks Kryptel

Inv Softworks' Kryptel not only provides four different encryption methods but has wizards that make it easier to encrypt files or make them vanish.

Kryptel can be used on systems with Windows Vista and later. In addition to a free version that just shreds and encrypts files, the Standard Edition ($30), which was the one reviewed, can save encrypted backups and be run from a USB drive. The Enterprise Edition ($40) adds a command line interface and 64-bit operations, if your computer supports it.

kryptel virtual kb

Kryptel has an encrypted on-screen keyboard that can keep your passwords secret.

Downloading and installing the program took me about two minutes. When I started it up, it asked if I wanted to use any of its wizards for encrypting, decrypting or shredding files and folders. These step-by-step sequences are ideal for those who have never used encryption before and want the process simplified. Other users can dive right into the program.

There are actually two ways to use Kryptel. You can select items from Kryptel's built-in browser window, or you can right-click on anything in the Windows File Explorer and then select encrypt, decrypt or shred. Kryptel encrypts files and folders, but not full drives or disk volumes.

Every time you enter a password, Kryptel gives you its opinion of how secure that password is with a color code (red to green) and also rates it weak, mediocre or good; if you need one, there's a primer on passwords in the Help section. In my case, the same password that got a green rating by CryptoForge was judged mediocre by Kryptel. The program doesn't have its own extension for encrypted files and can't recover a lost password.

Kryptel's default setting is for 256-bit AES encryption, but it also offers Blowfish (576-bit key), Twofish (256-bit key), Serpent (256-bit key) or Triple DES (168-bit key). It's on a par with CryptoForge in the variety of algorithms available, but the 576-bit key option is potentially the most secure of all the software reviewed here.

Like the others, Kryptel's shredder uses the DoD 5220.22M algorithm that randomizes the underlying data. You can choose to have it do between one and nine passes.

If you suspect that a keylogger or password sniffer has been placed on your computer, Kryptel has an encrypted on-screen keyboard that can keep your passwords secret.

Test results

Kryptel took 11.6 seconds to encrypt and 3.1 seconds to decrypt my group of ten files from the desktop. It took 51.8 seconds and 46.9 seconds, respectively, to do the same thing from a USB thumb drive.

Its ability to work with the 1.3GB video file was about equal to Kruptos, although it was faster at encrypting and slower at decrypting the file. With its shredder set to make five passes, it destroyed the 1.3GB video file in 32.7 seconds.

Bottom line

By guiding new users through the process of encrypting, decrypting and shredding files, Kryptel wizards are great tools for anxious encrypters; in addition, the program has an excellent variety of algorithms available.

Kakasoft Advanced Folder Encryption

Kakasoft's Advanced Folder Encryption isn't as flexible as some of its competitors -- it offers only AES encryption with a 256-bit key and the Department of Defense's 5220.22M shredding standard (with what it calls "several" passes). However, the program has at least one advantage: It lets you encrypt an entire drive.

It is free to download and use; there is also a licensed $30 version (which is the one that was reviewed). The two are essentially the same, except the full version has a feature called the Restore Center, which lets you change the password of an already encrypted file. It works with Windows versions starting with 2000.

advanced folder encryption interface

Kakasoft's Advanced Folder Encryption has its own easy-to-use interface.

Advanced Folder Encryption took less than a minute to download and install on my test bed. The program's interface runs on half the screen, which doesn't give you a lot of space to work with if you have a lot of files to encrypt or shred. Alternatively, you can right-click on any item in the File Explorer or drag an item into the interface to get things started. At that point, you can encrypt, decrypt or shred files.

Other than picking a skin to change the program's look or the icon you want the program to use to identify encrypted files, there's not much to customize or adjust. All encrypted files have a .KFE extension. There are three settings: Normal (hides and locks, but doesn't encrypt the file), High (scrambles the data and encrypts the file name) or Highest (full AES encryption). If you use the Normal setting, the program can recover a lost key -- which can be good or bad, depending on how secure you want the encryption to be. On the other hand, as you increase the security setting, speed of operation will drop.

Unlike some of the other applications reviewed here, such as Kruptos and QuickCrypto, when you enter a password to encrypt a file, the program doesn't rate its strength.

Advanced Folder Encryption doesn't encrypt email attachments or have a file decryption app for use at the recipient's end. On the other hand, it can encrypt full drives, which most of the competition can't.

Test results

Using the program's highest setting, Advanced Folder Encryption encrypted the batch of ten files in 7.6 seconds and decrypted them in 5.8 seconds. It was able to do the same to and from a USB thumb drive in 52.8 and 45.9 seconds.

It encrypted and decrypted the 1.3GB video file in 21.7 and 17.2 seconds, respectively, and shredded the file in 16.9 seconds.

Bottom line

If you're the type who doesn't like fiddling with controls or tweaking a program's settings, yet want data protection, Advanced Folder Encryption delivers with the ability to secure or shred a file, folder or an entire drive.

Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.

Join the newsletter!


Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

More about AdvancedAdvanced Encryption StandardAppleDigital DefenseDropboxEncryption SoftwareGoogleHPLexarMacsMicrosoftTestXTS

Show Comments