Use Your Flash Drive as a Super Secure Keychain
Step by step guide on converting your flash drive into a secure store (Keychain) for passwords
Data breaches happen, and when they do happen they jeopardize millions. The best way to protect yourself from data breaches is limiting the data you share — read our article (below) to know more.
The Realities of Digital Privacy
If Digital Privacy is One of Your Concerns, Know How You are Giving it Away
Consider a scenario — you got notified about a data breach from xyz.com, explaining your email, password and last known location have been compromised. To make things worse, you are habituated to use almost identical passwords for all your accounts. Meaning as xyz.com is compromised all other accounts are also compromised.
As anyone would realize at this point, using unique, strong passwords for each account is probably the safest way. But isn’t it hard to remember?
There are many digital keychain softwares (e.g. iCloud Keychain) that can help you, but if you want to push it to the next level and aiming to create your own keychain device — this article is here to help.
Steps to Create a USB Keychain Device
Step 1: The Device
You can use any flash (USB) drive. Pick your newest if possible and erase/backup the data.
Step 2: The Tool
💡 You can also do it with Bitlocker, but its not does not have cross platform support, and only available with Windows Pro or greater versions.
Step 3: The Procedure
- Insert USB drive in your system.
- Once it is detected, launch Veracrypt by double-clicking the file VeraCrypt.exe
- Click on Create Volume.
- On the next window, select Encrypt a non-system partition/drive, click next.
- Select Standard VeraCrypt volume as volume type. Click next.
- Click on Select Device
- Select your flash drive from the list. click OK
- Click next and continue.
- On the next page, select Create encrypted volume and format it. Click next to continue.
- Under Encryption Options there are various algorithms you can select from. For starter, AES should be good enough. Keep Hash Algorithm to default SHA-256. Click next.
- If the volume size is what you have expected, click next.
- Generate a strong password here, try to keep it at least 16 character long. Write down the password. Click next.
- Here is the fun part. Veracrypt utilizes the random movement pattern of you mouse to enhance the strength of the encryption keys. Move it as random as possible. When you see the indicator Randomness collected From Mouse Movements green, click format.
- Respond by clicking yes to the warning message pop-up.
- It may take sometime depending on you system and device I/O speeds. Grab a drink, Relax! 🍹
- You will see a success message once its done.
Well done! Now your flash drive is encrypted. 👏
Step 5: Access Your Encrypted Drive
- On the main window of Veracrypt click on Select Device.
- Select the volume and click ok.
- Select a drive volume from the list (here it is M:), and click Mount.
- Provide the password and click ok.
- Once the volume is decrypted, the flash drive will appear and mount on the selected drive on you computer. Navigate to the drive (M:) and create a key file.
Step 4: Create a Key Files
A key file can be a simple text file, that contains your password and account mapping.
// keyfile.txtaccount_x --> myP@ssw0rd*183&
account_y --> some0therPassword...
The contains of the file can look like above snippet. You can navigate to the mounted drive and create this file and add your contains. That is it!
You can also keep other documents in this secure store. Also, this same procedure can be used to encrypt portable HDDs or SSDs.
Step 5: Dismount
Once you are satisfied with the contains of the drive, you are good to dismount the drive. Click Dismount to do so.
Well done! 👏
Things to Remember ❗
- You need to mount and dismount this drive to your computer every time you want to access it.
- You will need a portable version of Veracrypt to access your USB drive. Worry not Veracrypt has cross-platform support, so you can use the same drive on Mac, Linux and Windows without problem.
- Keep your drive password safe and secure. Don’t keep the device and password at the same place. 😉
- Remember passwords to main email id, corporate account etc. Those will be helpful if you loose the device.
- Enable MFA for all the accounts.
Thank you for reading this article. Leave a comment with your views or suggestions. If you think this article was helpful, do share with your friends. We are working on bringing more articles soon. Ciao!