How can I secure a USB Flash drive? I'd like to get a USB Flash drive that I can use to keep some personal information on securely - password-protected and encrypted, in other words. Do I have to buy a special drive to do this, or is there a way I can get the same results with software and a generic 16GB drive I have handy?
You can. All you need is your Flash drive and a copy of TrueCrypt for your computer. It's an open source app, so it's free to download and use. It's cross-platform too.
More details in our Getting Started with TrueCrypt feature here: http://www.reghardware.co.uk/2009/04/30/intro_to_truecrypt/
I agree with the above, TrueCrypt is the best option. Its free and easy to use. I've been using it on my flash drives and computer for 3+ years now without a single hitch. In my encrypted partition I have PortableApps and ran the flash drive on my computer at an internship daily for 3 months so I could use Firefox; always flawless performance.
www.truecrypt.org/
In short TrueCrypt uses really good (NSA and world recognized) encryption to do on-the-fly encryption. There are three ways to use it: encrypt the entire drive (not recommended), create an encrypted partition (not recommend, especially for this type of application) or create a "file" that is actually you're encrypted information. In all cases you run TrueCrypt and it accesses either the partition or file and uses on-the-fly encryption to mount it as a normal drive on your computer, so you can write/read/use it as normal. I have a 2GB flash drive (same one referenced above) and have a 1.5GB "file" on it that is my TrueCrypt secure data. There are a couple of good reasons for doing the file method, but the most important in this case is so that you can have the TrueCrypt software installed on the encrypted portion so that you can mount your encrypted portion without having to install software on any computer you want to use it on. Also, you can actually move your encrypted file (which is actually a drive remember) off the USB drive and onto another drive and use it there. This is great if you need more room on your flash drive temporarily (because you only have 1.5GB file taking up room, not a different partition) or want to back it up easily. And a third reason is it makes it easy to have some space to put low-security files and/or when you need someone else to be able to access some files without you having to mount your secure files (this way it just acts like a normal flash drive to them and makes life easier).
On my drive I have an autorun.inf file so I can mount the file straight from AutoPlay. Heres the code:
***START*** DO NOT COPY THIS LINE
[autorun]
label=TrueCrypt Traveler Disk
icon=TrueCrypt\TrueCrypt.exe
action=Mount TrueCrypt volume
open=TrueCrypt\TrueCrypt.exe /q background /e /m rm /v "FILE NAME"
shell\start=Start TrueCrypt
shell\start\command=TrueCrypt\TrueCrypt.exe
shell\dismount=Dismount all TrueCrypt volumes
shell\dismount\command=TrueCrypt\TrueCrypt.exe /q /d
***END*** DO NOT COPY THIS LINE
One final note and my only grievance with TrueCrypt: If you use Vista where you do not have administrator access (we have one lab at my University like that), you cannot mount your drive if TrueCrypt has not be installed. Even the portable edition needs a driver and Vista blocks if you're not an administrator privilege. Hopefully they will find a way around this in a newer version. It does work on Vista though, just you need one-time admin rights (http://www.truecrypt.org/docs/?s=administrator-privileges).
Good luck with it. Its a great program and the best solution IMHO to what you're asking. Sorry for the long post, but I wanted to include some of the most important things I've learned along the way.
I've been using TrueCrypt for a few years now and whilst I'd agree it's good for whole drive encryption (system or secondary), I think there are better options out there for flash drives.
Whilst it's not free, IronKey is a far more sensible and secure option for carrying sensitive data. Plug it in to a computer, plug in your password and voila. With TrueCrypt, it'll only work on a PC with the application pre installed. The additional benefits, such as a secure password manager and a hardened version of Firefox mean that it's a much more versatile tool.
As Trucrypt does literally mount and can be used easily (and there is TruCypt for MacOS too),
HOWEVER if the flash memory module isn't in the best of states, it can expose it to read/write errors either along the bus or within the unit itself.
That and there is one heck of a performance hit on R/W operations.
I'd suggest IronKey for a pretty much indestructible one, or Blockmasters "Safesticks". More expensive, but you get what you pay for IMO.
If you're in an environment that requires NO data to be written to a unencrypted flash drive, I would avoid the Kingston Flash Drives (due to the minor fact that they leave a portion of the drive accessible to anything even when you've encrypted as much of the drive as possible ).
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
