First off:
Hi guys, I'm new to the forum. I've recently purchased a Kingston Hyperx (got a great deal on eBay, 30 bucks for the 8gig). They are pretty expensive in Canada. I was really interested in a U3 drive and had my heart set on one, until I discovered that the entire project was in the process of being scrapped. But then I found this site and it was all good, same usability on a much faster USB drive.
Though I do wish I knew of a way to password protect the drive like the U3 launcher does. I don't need it encrypted, I can just encrypt the small amount of sensitive material I carry around. But a password would be nice to make sure no one tries to mess with the device.
Is there something that can do this?
Thanks in advance.
Visit the Community page
Join our forums
Subscribe to our email newsletter
Subscribe with RSS
Follow us on Facebook
Follow us on LinkedIn
Follow us on Twitter
Follow us on Mastodon
Follow us on BlueSky
Unfortunately this has been discussed many times before to no avail.
Password protection of a flash drive needs to be built in my the manufacturer
Encryption of parts of the data on the drive is the only way left to go.
Tim
Things have got to get better, they can't get worse, or can they?
Tim... that's what he meant.
He just wants part of the data encrypted...
Hello there, we have special app perfect for this. It's called Toucan (Don't know why).
https://portableapps.com/apps/utilities/toucan
I've never figured out how to use this... so I've been using 7-Zip Portable instead.
https://portableapps.com/apps/utilities/7-zip_portable
But I recommend Toucan as it's more efficient, and only 7-Zip if you can't figure out how to use it like me
stop replying without reading please
He knows he can encrypt some of the data on the drive.
He wants access to the drive to be password protected.
Things have got to get better, they can't get worse, or can they?
Tim, who made you the "reply forum Tzar"?
Since John T Haller made him a forum moderator
look here https://portableapps.com/about/team and scroll down the moderators part and you'll see that he is listed there so give respect to the man
your friendly neighbourhood moderator Zach Thibeau
a few of us got together in chat and promoted him to that position. However, the official title is "Reply Czar" not "Tzar" or whatever.
Czar sounds like a respectable title. Tzar does not. hence Tzar is more appropriate for him/it
you can't just password protect any drive, but what you can do is sell this usb drive and buy a corsair padlock usb drive. This corsair padlock usb drive needs a pin entered before the usb drive can be accessed by the computer, so if it cannot be accessed by the computer, no one can mess with it, so you get same security as a padlock literally. of course this by far does not mean this is the ultimate security. it is only one level of security that you may be asking for.
http://www.corsair.com/products/padlock/default.aspx
also you have ironkey usb drive, where if some one tried to get access to it, it fries the data in it and self destructs and you go and buy another drive.
https://www.ironkey.com
There have been so many requests for password protection lately, i think that someone should look into it. Maybe redesign the platform to password protect the folders as well as the platform?
and, sadly, they are from people who either don't search to see why it hasn't been done, or simply don't believe the people who try to explain why it cannot be done in the way they want.
To put it simply, it is not possible without administrator rights to make a (relatively) transparent encryption system that will support any arbitrary application.
The only ways that work are for an app to handle its own data encryption, such as KeePass does, or to decrypt the files that you want at the start of the session, which leaves them on disk in plain, and then reencrypt them at the end of the session, which still has the risk of leaving the deleted plain files around, such as people suggest doing with Toucan, or 7-Zip or most of the "acme folder protector" apps that are suggested.
For true, safe to use encryption, that doesn't leave plain files around, you need an on-the-fly encryption system, such as TrueCrypt. Sadly, all of these, without exception need an administrator to either install them in advance (so not portable) or to be run as an administrator.
This is a technical restriction in the security design of windows. It is not going away. There is no way around it, and if anyone discovered one it would be an exploit that MS would patch.
It has already been looked at, in depth, by many skilled and knowledeable people, and has been requested, and explained here, more times than I can count. I'm one of the many people who wish it were otherwise. I use TrueCrypt on my flash drive myself, with truecrypt explorer on it in case I need to extract a file to work on where I cannot find a PC with admin rights, but, as a systems administrator, I have admin access at work, at home, and at the computers of my family members when I'm visiting, so the restriction isn't too severe in my case. For most here, it would be far more limiting.
Nearly ALL UFD's manufactured within the last 3-4 years have multi-LUN capable controllers . This means that you can create a "public" device (LUN), often refered to (incorrectly) as a "partition", and a "private" device (LUN), the later only accesible after entering the correct pasword.
Apps like cosyco's "Carry it Easy" and "Lock it Easy" use this feature.
Most manufacturers of flash-drives do not provide the software needed to utilize the password-function of the controller .
One of the problems is that this ALSO requires admin-priviledges on windows-machines . All these problems are basically caused by the fact that m$ has decided to impose artificial limmits on flash-drives :you can only create one partiton on UFD's and other media seen as "Removable" under windoze and worse : you can only mount THE FIRST partiton, even if you have created multiple under another OS.
Even if you flip the Removable Media Bit of the controller you will still have problems as the password-software usually only works on media seen as "removable" !!
These limits are "necessary" because windoze up to Vista can not create multiple correctly aligned partitions on flash-media .
btw : Some Sandisk U3-drives (mostly cruzer micro's)actually DO encrypt all your data, even if it is not marketed as a drive with hardware-encryption and you haven't set a password . I learned this after browsing a data-recovery firms website ..
Is ther ea way to get those apps, and if so, where?
Hi,
Im having few Thumb drive from Sandisk, they have all U3 with Password protect.
Can it be done for external Hard Disk using PortableApps.
Many thanks.
Franck M.
Sorry, U3 Password protection is built into the hardware/firmware level and can not be imported via software to other media.
But welcome to PortableApps.com
Tim
Things have got to get better, they can't get worse, or can they?
for ufdutility
or see here: http://blog.usboffice.kr/?p=146
this is one of them
Otto Sykora
Basel, Switzerland
Your best chance is to check the websites of the drive- and/or controller-chip manufacturer.
"Imation" has "Imation Flash Login.exe", part of "Imation Drive Manager" . Kingston has "Secure Traveller", Transcend
also has a password-app for some of their UFD's .
Cosyco's "Lock it Easy" still works on a lot of older drives .
These apps are generally written for the controller so they may work on multiple brands if they use the same controller .
If a chip supports pw & multi-LUN you can always set the pw
with the "Mass-production tool" (if available) for the controller but that doesn't help much if no software is available allowing you to enter it ..
from my collection of abt 15 sticks, so far one works with some kind of generic software and I could make secong drive formated as CD. All others did simply refuse to talk to that software.
One stick, disk2go origin, has software supplied which will create actually two drives , each with one partition in it, and they will thus appear as separate drives in windows. One of them can be hardware encrypted by software residential on the controller, but here some big drawback: to enter the password to the controller, I need a software from disk2go , and this software can send the password there only under admin rights!
This could be done better, but at present it is so.
So so far I could set second drive partition only on one generic stick, some very cheap 16g stick from a junk shop. All other sticks resisted all attempts, even I tried to hack the partition setup on hex level, no cure.
Otto Sykora
Basel, Switzerland
at the data actually presented to the output of the usb stick (controller)?
There so far no trace of any encryption, just there is no access to the 'partition' since all is filled upwith FF FF FF...., this is as far as low level of the file system installed on the top of their flash file system.
This does not mean it is more easy to get to the data, but it does not mean for me that this is an encryption on the actual data level. So some kind of XORing the stream when password is set does not still mean an encryption in conventional understanding.
But here it comes to the point where one can discuss where the encryption should take place, on the flash file system ? or on the file system of the operating system? or ???
Further more, it probably also depends on the age of the stick. I have one old one, every time I stick it in it starts complain after some time that for security reasons I should update the u3 system or what. In fact this one can be partially accessed by linux even pw is set from win. (with hexeditor)
Later once are not accessible from linux when pw is set from win.
Otto Sykora
Basel, Switzerland
Not much of a computer guy (actually in the medical field so if any of you guys ever sick you know where to call!) but ever since synmantec crashed my computer (not once but X times) have been actively looking for alternative antiviruses & OS. Ran across PortableApps & the whole Linux saga & have been hooked since. Now learning how to use Linux. Looking for a small friendly version of Linux to use with my Apps. Thanks. ;-?
True Crypt will encrypt the entire contents of a standard USB key. If you use a long enough password I doubt even the NSA can crack into your thumb drive. The only disadvantage is that the machine you plug your drive into will have to have True Crypt installed.
http://www.truecrypt.org/downloads It's free and open source. If you want to use your key on any machine and have that password protected.....Iron Key is the best one on the planet I believe. https://store.ironkey.com/personal
As was stated above, encryption of the entire drive isn't what is required. All that is required is a simple locking of the drive, for which a password is required to unlock and be able to use the drive.
As far as I know this is, as also stated numerous times above, something that has to be done at the hardware level.
Does TrueCrypt support ROT13 as an encryption method? I suppose you could always encrypt the drive that way.
And for the record I believe TrueCrypt to be portable but you require admin rights to run it. Same deal with FreeOTFE, of which there is a portable version on this site.
My guess, the best way would be to just encrypt the filesystem part in the beginning. I wonder if TrueCrypt can do that...
What I do is I have a launcher program that asks for a password once per day, and then I set it in Autorun.inf to launch that on double-click. Of course it doesn't help at all, but it does give you a false sense of security at least :P.
Insert original signature here with Greasemonkey Script.
Okay, well I don't know much about all of this encryption, because honestly either i'm too stupid or i'm using the USB wrong. However, I am able to understand(not create, for some reason. yeah, lol. I can edit though) bat files. I also have a program that makes bat files into exes. what if we made a bat file that had a prompt, and if you got the password right, then you'd be able to get in, and if you didn't it'd just loop 3 times and wait. (YES I MADE THIS ON MY OWN USING TEH INTERNET AND ONLINE IDIOTS GUIDES. IF I CAN DO IT SO CAN YOU!!!.)
It would probably look like this:
echo off
:prompt
Set /P answ=Enter your Password^>
If /I "%answ%."=="P." GoTo :Password
GoTo :Incorrect1
:Incorrect1
echo That was incorrect. Please try again.
Set /P answ=Enter your Password^>
If /I "%answ%."=="P." GoTo :Password
GoTo :Incorrect2
:Incorrect2
echo That was incorrect. Please try again.
Set /P answ=Enter your Password^>
If /I "%answ%."=="P." GoTo :Password
GoTo :Wait
:Wait
echo You have entered an Incorrect Password. Please wait 5 minutes before
echo continueing.
GoTo :prompt
:Password
echo Correct!
start StartPortableApps.exe
pause
exit
Then use the program bat to exe converter:
http://www.f2ko.de/English/b2e/download.php
and put this in the root of your folder so that the destination of the new exe is (Your drive name):\(Your exe)
open up your autorun.inf (with notepad.)
(enable hidden folders if you can't see)
it should look like this:
[Autorun]
Open=StartPortableApps.exe
Action=Start PortableApps.com
Icon=PortableApps\PortableApps.com\App\Graphics\Black Cruser Micro USB.ico
Label=Matthew
Change StartPortableApps.exe to (Your new exe)
so now the inf looks like this:
[Autorun]
Open=(Your new exe).exe
Action=Start PortableApps.com
Icon=PortableApps\PortableApps.com\App\Graphics\Black Cruser Micro USB.ico
Label=Matthew
Please tell me how this works out for you guyes. okay, so it's not the best portable app, and it's probably not going to work on every usb just by installing it. But, I think it works sufficiently. Please reply.
(Only problem is the wait 5 minutes script. will edit this post later.)
"Welcome to the Internet, where men are men, women are men, and children are the FBI."
--Matthew Tam
"It is better to take what is not yours, than leave it there, neglected..."
--Mark Twain
Check the WAIT utility found on this link: http://www.paraglidernc.com/plugins/plugins.htm
The shortcoming of this approach is all someone needs to do to bypass the wait or even the prompts is to cancel the window asking for it. They can then access the USB drive's files using Windows Explorer unimpeded.
Ed
since autorun.inf is most often not executed on any reasonably managed workstations, recent OS will not look at it too much anyway, and there is no problem to stop your loop even in the case it is executed.
here what I am using now:
http://www.corsair.com/products/padlock2/default.aspx
it is fun, completely independent of any operating system, will under dos if you include usb driver in it...
Otto Sykora
Basel, Switzerland
I would buy that but I'ma kid so yeah. rofl. Can't buy anything. Well, At least it doesn't delete your crap after you mess up 3 times. I have a san disk. I turned off the san menu and went for portable apps. I really want a password protect featre. That's be great. Oh well.
"Welcome to the Internet, where men are men, women are men, and children are the FBI."
--Matthew Tam
"It is better to take what is not yours, than leave it there, neglected..."
--Mark Twain
I don't understand what this achieves. I could enter the incorrect password twice if I wanted (no consequences), close the command line that the app is waiting in, and then merrily go about my business of exploring the drive in a file manager.
Even the most novice user instinctively tries to close applications down that seem to be stalled or not working. It wouldn't take them long to realize that this app has absolutely no effect whatsoever. I suppose you could try to scare them into thinking that it does, by putting messages up like "You have entered an incorrect password too many times. The drive must now be unlocked by an administrator" but even that is laughable.
There are genuine methods of securing data out there if you have data that is truly that important. Unfortunately, I don't think this is one of them. Your data would be more secure if you used a Caesar cipher than this method!
use the new 3ROT13 algorithm , this will give you more enhanced security.
http://www.rot13.de/index.php
Otto Sykora
Basel, Switzerland
ROT47 is obviously a better choice, the number is higher, so it has to be more secure!
So I have made a few more edits, only to realise that this only gives a false sense of security. You can just x out of the window, but whatever. Here's the new code anyway. Ehh, it looks cool:
@echo off
echo @echo off> volume.bat
echo set getdrv_=%%3>> volume.bat
dir | find "Volume"> go.bat
call go
if exist volume.bat del volume.bat
if exist go.bat del go.bat
::
rem show that we got it
If Not Exist Correct.txt GoTo :Create_Password
If Exist Correct.txt GoTo :prompt
:Create_Password
If Exist Password.txt
ECHO Y | DEL password.txt
Set /P answ=Please enter your password^>
echo %answ% >> "Password.txt"
set /p pass=
If NOT %answ%==%pass% Goto :Unlikepass
If %answ%==%pass% GoTo :continue1
:continue1
echo You password is %pass%.
pause
GoTo :prompt
:Unlikepass
echo Your passwords do not match.
echo.
echo If you forgot your password, press "forgot".
echo If you want to re-enter your password, press "retry".
Set /P unlike=^>
If /I "%unlike%"=="forgot" GoTo :forgot
If /I "%unlike%"=="retry" GoTo :create_password
:forgot
echo Your password is %pass%.
pause
GoTo :reenter
:reenter
Set /P answ=Please reenter your password^>
If NOT %answ%==%pass% Goto :Unlikepass
If %answ%==%pass% GoTo :continue1
:prompt
set /p pass=
If %answ%==%pass% GoTo :Password
GoTo :Incorrect1
:Incorrect1
echo That was incorrect. Please try again.
Set /P answ=Enter your Password^>
If %answ%==%pass% GoTo :Password
GoTo :Incorrect2
:Incorrect2
echo That was incorrect. Please try again.
Set /P answ=Enter your Password^>
If %answ%==%pass% GoTo :Password
GoTo :Wait
:Wait
echo You have entered an Incorrect Password. Please wait 5 minutes before
echo continueing.
%getdrv_%:\PortableApps\Sleep.exe\Sleep.exe 300
GoTo :prompt
:Password
echo Correct!
start StartPortableApps.exe
start %getdrv_%:\PortableApps\PAM_Desktop_Icon_Portable\PAM_Desktop_Icon_Portable.exe
echo >> "correct.txt"
pause
exit
Just download sleep.exe here: http://www.sleepcmd.com/downloads.html
Then put a file called "sleep.exe" in your portable apps folder and put everything in the folder you downloaded into the new sleep.exe folder.
Now convert to autorun.exe with battoexe (here: http://www.f2ko.de/English/b2e/index.php)
Then adjust the autorun.inf accordingly.
[Autorun]
Open=autorun.exe
Action=Start PortableApps.com
Icon=PortableApps\PortableApps.com\App\Graphics\Black Cruser Micro USB.ico
Label=Matthew
There, a false sense of security!!! lol. IDK Why I posted this but it looks cool. Ehh, whatever. I'll work in this so that maybe someday it'll actually do something. rofl. Cheers.
"Welcome to the Internet, where men are men, women are men, and children are the FBI."
--Matthew Tam
"It is better to take what is not yours, than leave it there, neglected..."
--Mark Twain
If you're happy, then I'm happy. As long as you know the score.
It seems like no one pointed out that System Admins do not WANT you to be able to use your portableapps and especially in a secure and encrypted environment.
It seems that the best bet would be a portable virtual machine with a secure linux OS in a locked and encrypted folder. Of course, an admin could still jump in and format your flash drive if they so desired, or at least shut down your connection or computer. I think some protection from crazy admins is what we are really looking for here. To be able to jack into a public computer with our secure and unstoppable flash drives to do whatever we do, in the name of Truth, Justice, & the American Way, of course, is the penultimate freedom. (punny! haha
)
So,
1. Unbreakable USB
2. Locked and encrypted
3. Decrypt, recrypt OTF
4. Secure VM OS
5. Override Admin authority on host system
I think what we are talking about is called a 'Laptop' or 'Notebook' or even maybe possibley 'Netbook' computer. Perhaps my MotoQ can do it
;>jamvaru
try a encryption software.
I've been playing around on the internet and I've found something that might actually make my above script work. I won't release teh details yet but I think that it's actually pretty ingenious.
"Welcome to the Internet, where men are men, women are men, and children are the FBI."
--Matthew Tam
"It is better to take what is not yours, than leave it there, neglected..."
--Mark Twain
but there is no point having it work. The only way to have some reasonable success is if you have access to the controller of the usb flash on a low level side which is not possible via the usb port. So forget it, or continue dream.
Otto Sykora
Basel, Switzerland
you buy one of those little 7" 99$ netbooks that barely works at all, plug that in via usb, then plug your flash drive into your netbook, so the netbook acts like a gateway to the host computer, and you have secure access to your flash drive via tunneling vpn or something, whatever...
...so, you have to configure the netbook to limit access of the host computer to only run?
What prevents the admin from ghosting your desktop and using your own access to your security book?
sounds like you would have to access the host computer via the cheap netbook
;>jamvaru