By now it should be clear that encryption isn’t just for security geeks and IT administrators. You can take precautions to secure your own most sensitive files and folders by encrypting them. Some encryption utilities turn files and folders into encoded versions of themselves. Others create secure storage locations that act like standard drives or folders but can be locked, encrypting all of their contents. Still others maintain encrypted storage in the cloud. Most encryption utilities stick to just one of these functions. Folder Lock does all three things, and more, balancing ease of use with a wide range of features.
As with most competing products, your $39.95 purchase entitles you to use Folder Lock (the version I tested) indefinitely. You don’t have to buy right away; you can run the program 25 times before it demands payment. You also get free access to all updates until the next major point update. When the next version comes out, you can either pay an update fee or just keep using the current version. Note, though, that in the four years since my original review the product only went from 7.6 to 7.7.
What Is Encryption?
The Nazi government used a device called the Enigma Machine to encrypt sensitive military communications before and during World War II. With its rows of buttons and actuator wheels, the device looked quite impressive. However, not only did the Allied forces crack the code, they managed to keep that fact from the enemy, so the Nazi generals kept sharing their strategies using the faulty encryption system. The resulting intelligence served the Allied forces well.
Cryptographic algorithms used today have a certain connection to the old Enigma Machine, but of course they’re totally code-based, with no steampunk buttons or wheels. Unless you have the password, there’s no way to decrypt an encrypted document. No, you can’t just try every possible password, not unless you’re willing to wait for the heat death of the universe.
In 2001, the US government settled on Advanced Encryption Standard (AES). as its official algorithm, replacing the less-secure Data Encryption Standard. With even more bits in its main security key, Bruce Schneier’s Blowfish algorithm should be still more secure.
You’re probably familiar with symmetric encryption algorithms, where the same key encrypts and decrypts a file. AES, Blowfish, and many other common algorithms are symmetric. With this kind of algorithm, you must keep the password a deep, dark secret, and only share it via secure channels. But there’s another way. In a Public Key Infrastructure system, you get two keys, one public and one private. If I want to send you a file, I look up your public key and use it for encryption; you decrypt it with your private key. Public key cryptography is less common in small-scale encryption utilities.
Getting Started With Folder Lock
Installation of the product is quick and simple When you do pay up, you’ll receive a serial number and a registration key. Keep that serial number stored in a safe place. If you forget your master password, you can unlock the program by entering that serial number.
If that last statement worries you, congratulations—you’ve caught on to something. All of the encryption products I’ve reviewed recently have no backdoor, no way for the company to decrypt your files. But since the company clearly has your Folder Lock serial number, it could conceivably be ordered to supply it to law enforcement. You can disable this feature in settings, and I strongly suggest that you do so.
Like AxCrypt Premium, Folder Lock relies on a master password. Once you’ve logged in with the master password, you’re free to lock and unlock files, folders, and drives without having to enter it again. Of course this should be a strong, memorable password, something that you can remember but that nobody else would guess.
There is an Auto Protection option, disabled by default. If you turn this feature on, it shuts down the program after 10 minutes of inactivity. You can set the timeout from one to 100 minutes, and you can configure it to log out of Windows, or shut down Windows, rather than just shut down the program.
If you’re concerned someone might try to break into your Folder Lock installation, you can enable Hack Security. At its default settings, this feature shuts down Folder Lock after three incorrect login attempts. If you frequently fumble-finger your password, you may want to set a higher number. You can also configure it to log out of your Windows account or even shut down Windows altogether after a number of failed attempts.
Locking and Unlocking
So, what does it mean to lock a file or folder? A locked file is not encrypted. Instead, Folder Lock uses a technique called kernel level filtering to hide the locked file from Windows, and from all programs running under Windows. If that sounds a bit like the way a rootkit hides its components from Windows, well, it is quite similar, but working for good, not evil. Locked files are protected from casual snooping, which may be all you need.
To lock a file or folder, you just drop it on Folder Lock. It appears inside Folder Lock and vanishes from Windows Explorer. The locking process happens in a flash, faster than encryption. You can also use a menu within the program to lock files, folders, and drives. Of course, you can’t lock the Windows drive.
The Lock Folders page in the program’s main window lists all of your locked items, with a green padlock next to each. If you’re done locking one or more items, you select them and click the button Unlock Items, or right-click and choose Remove. When you do so, the item vanishes from Folder Lock and reappears in Windows Explorer.
It’s more likely that you’ll simply want to access a locked item while keeping it secure. Clicking Protection Off leaves the item inside Folder Lock, with a red open padlock icon replacing the green locked padlock. The item reappears in Windows Explorer so you can access it. You can configure Folder Lock so that when it shuts down, it turns protection back on automatically. In use, it feels somewhat similar to AxCrypt’s Secured Folders feature.
Folder Lock doesn’t just hide files and folders. It can actually hide itself as well. Just engage Stealth Mode and anybody snooping around your computer won’t see a trace of it. To bring it out of hiding, you press the hotkey combination that you selected when invoking Stealth Mode. Security experts turn up their noses at security through obscurity, but this feature really can help fend off casual snoops.
Locking items makes them invisible, but a determined hacker with physical access to the computer could conceivably still get at the data, perhaps by booting to a non-Windows environment. For serious file protection, you need to create one or more encrypted lockers. These correspond to vaults in CryptoExpert and to encrypted volumes in Cypherix Cryptainer PE.
You start by naming your locker and accepting (or changing) the location for the file that holds the locker’s data. Next you set a password to protect the locker’s contents. Like InterCrypto Advanced Encryption Package 2016, Folder Lock includes a virtual keyboard to eliminate any possibility of password capture by a keylogger. It rates password strength as you type, but unlike AxCrypt it’s pretty forgiving. It accepted “Password1” as strong password.
Next you must choose whether to create a backup-able FAT32 locker, accepting the limitation that no file larger than 4GB can be stored, or go for the no-limits NTFS format. You also set a maximum size. The initial size on disk is much smaller, growing as needed up to that maximum. Folder Lock takes care of formatting the drive, whichever file system you use. Cypherix Cryptainer PE, by contrast, relies on Windows to format NTFS virtual drives.
By default, Folder Lock assigns drive letters starting with Z: and works down from there. When you open a locker, you can choose a specific drive letter, and optionally open the locker in read-only mode. I did not, however, find a way to permanently assign a specific drive letter to a locker, the way Cypherix and CryptoExpert permit. If you try to close a locker that contains open files, the program warns you to close those files first.
Folder lock uses government-standard AES 256-bit encryption, and it claims to have the fastest AES algorithm around. That should be fine for most users. Yes, Advanced Encryption Package offers a choice of 17 different algorithms, and Ranquel Technologies CryptoForge lets you apply any or all of its four algorithms simultaneously, but most users don’t have the crypto-expertise to pick an algorithm.
There’s no point in copying an encrypted file into secure storage if you leave the plaintext original lying around. In addition, just deleting the file isn’t sufficient to wipe out its data. Forensic recovery software can often get back deleted files in their entirety. Folder Lock’s file shredder securely deletes files so they can’t be recovered.
The Shred Files page gives the appearance of a drag-drop target, but it isn’t. You must browse and select items to shred. Folder Lock also lacks the context menu integration found in Cypherix SecureIT, CryptoForge, and others.
By default, Folder Lock simply overwrites the file or folder with zeroes. You can set it to overwrite with random bytes instead. If you’re willing to have the shredder run a bit slower in order to more thoroughly erase the data, you can choose the three-pass Department of Defense algorithm, or the 35-pass Gutmann algorithm. But unless you anticipate law enforcement spending huge amounts of time and effort to recover your sinister deleted files, the single pass with zeroes or random numbers is probably sufficient. If shredding algorithms fascinate you, check out the 18 distinct algorithms in Advanced Encryption Package, most of which are government sanctioned.
By default, Folder Lock won’t shred any lockers, locked files, or wallets (more about wallets in a bit). That makes sense to me. But if you think otherwise, you can turn off this precautionary setting.
Here’s a handy feature; Folder Lock includes the ability to overwrite all the free space on your drives. Doing so effectively applies secure deletion to all the files you’ve deleted previously. Be warned, this can take a very long time, especially if you select one of the multi-pass shredding algorithms.
CertainSafe Digital Safety Deposit Box stores your encrypted files directly to multiple encrypted cloud servers, ensuring security by splitting up parts of the file to different servers. Folder Lock doesn’t do that, but it offers secure backup for your encrypted lockers.
The secure backup component requires a subscription, separate from the price of Folder Lock. Rates range from $5 per month for 10GB, through $30 per month for 100GB, all the way up to $400 per month for 2TB. A free one-month trial is available for plans up to 100GB.
Once you’ve logged in to your secure backup account, you can configure automatic backup for any locker that you defined as backup-able during its creation. The already-encrypted locker data is transmitted via a secure SSL connection. You can optionally choose to sync a locker between multiple PCs that have Folder Lock installed.
USB and Email Protection
Cypherix SecureIT and Advanced Encryption Package can turn encrypted files into self-decrypting executables, files that don’t require the program itself for decryption. In an interesting twist, Folder Lock lets you make entire lockers into self-decrypting files that you can store on USB drives or even on DVDs. You can either make a self-decrypting copy of an existing locker or create a new locker directly on the removable drive.
From the USB Protection page, you can also encrypt files to send as email attachments. Folder Lock creates an encrypted ZIP file with the name, location, and password of your choice. It then launches your email client to send that ZIP file as an attachment.
What’s in Your Wallet?
Sometimes the information you want to store securely isn’t in the form of a file. You could create a file containing, say, the details that define your bank account and then encrypt it. But it’s easier to just put that data in a wallet.
Creating a new wallet is simple. All you do is indicate the name and location for the file that represents the wallet and enter a password. As with locker creation, Folder Lock rates password strength as you type.
Now you can put virtual cards in the wallet. First, you name the card and select a type: bank account, business card, business info, credit card, general purpose, health and hygiene, ID card, license, and passport. The next screen contains data fields relevant to the type you chose.
Like the secure online password storage offered by AxCrypt, this is strictly a static data dump. If you want to make use of the stored information, say, to fill a Web form, you’ll have to copy and paste. You can, if you wish, create multiple wallets for different purposes.
The point of encrypting your data is to ensure it can’t be accessed by anyone but you. However, in the process of editing documents, visiting websites, and so on, you create a trail of evidence. Temporary files, browsing history, cached webpages, all of these have the potential to compromise your security. Folder Lock’s Clean History feature aims to help by wiping out at least some of these traces.
It wipes out Windows temporary files, clears the clipboard, and deletes the system’s memory of what folder you last used when opening or saving files. It clears recently used file history from Media Player, WordPad, and the Paint app. And it clears a number of Windows recently used file lists.
This isn’t remotely the full system cleanup you get from a purpose-built tune-up utility. It doesn’t wipe browser traces, or recently used lists from third-party utilities. On the plus side, it runs in an instant.
A Well-Balanced Utility
Folder Lock packs a ton of useful encryption-related features into a bright and cheerful package that’s easy to navigate. While not as technically deep, it actually offers more encryption options than InterCrypto Advanced Encryption Package, which suffers from an awkward, dated interface. Its interface is modern, like that of AxCrypt, but its range of encryption styles is greater than AxCrypt’s.
This fine balance between ease of use and breadth of features earns Folder Lock our Editors’ Choice award for encryption. It shares that honor with two quite different products, AxCrypt Premium and CertainSafe Digital Safety Deposit Box.
Folder Lock Specs
|Public Key Cryptography||No|
|Rate Password Strength||Yes|
|Create Encrypted Storage||Yes|
|Create Self-Decrypting EXE||Yes|
|Secure Deletion of Originals||Yes|