If you think that locks are just for safes and front doors—think again. You can add a (digital) lock to the files and folders on your PC to help keep them more secure from prying eyes. We’ve packed it all into this handy guide. Learn how to safeguard folders and documents with hard-to-crack passwords and hacker-hassling encryption. Don’t forget that Avira Password Manager helps generate, store, and manage all your passwords more safely.
Password protecting files and folders is a key to more privacy
If you feel that locking your computer and having a (hopefully strong and unique) password has turned your machine into a digital fortress, you’ll sadly have to think again. Using a login password for Windows is an essential first step in keeping your files safer from unauthorized access. This could be someone strolling by your laptop or anyone who shares your desktop PC.
Like a lone knight defending your digital realm, one login password is unlikely to be enough for many reasons. What if your computer is stolen and the thief removes your hard disk and installs it onto their device to gain access? And is it inconceivable that someone could see you type in the password or guess it? (If you’ve used your pet’s name again, please leap straight to this why it’s time to change your passwords). Login credentials are routinely stolen and misused by cybercriminals, who use a plethora of password-hacking techniques to snatch your data and even put spying software on your computer that “watches” as you type. If a hacker cracks your Windows password, all the files on your computer could be vulnerable. If you’re now thoroughly terrified—don’t panic. It’s simple to add an extra layer of security by password protecting and encrypting important files and folders. That way, no-one can open them without knowing their individual passwords, even if they have gained access to your machine.
Top tips for hard-to-crack passwords
It’s important to remember though, that encryption and password protection are only as strong as the passwords they use. So, it’s always vital to choose strong passwords that can’t be easily guessed. That’s why your date and place of birth are out, even though they handily feature a combination of numbers and letters. Here are our top tips for hard-to-crack passwords (and how to manage them with ease):
- Don’t use passwords that are easy to remember. They’ll also be easy to hack. Password 123? Never.
- Don’t re-use passwords unless you want to save a hacker time by granting them access to many of your accounts with just one password.
- Do use passwords that are at least 12 characters long and include a random combination of uppercase letters, lowercase letters, numbers, and symbols.
- Do add an extra layer of security with 2-factor authentication, so potential hackers will need more than just a password. Authenticator apps can make this process easier.
- Do use a password manager to help securely generate, store, and manage your passwords. Free Avira Password Manager syncs across your devices and can also auto-fill your login details. Say goodbye to tedious typing and password reset emails, at last.
How do password protection and encryption work? What’s the difference?
Both locking and encryption serve the same purpose: privacy and protection. Just as you would lock valuable items in a safe, you can lock or encrypt a file to protect its confidential contents. Like Aladdin shouting the magical words “Open sesame!”, only those who know the code can then successfully view the file.
Encrypted files aren’t just locked behind a protective password—their contents are scrambled using an encryption algorithm. If someone wants to read the document, they need the decryption key (a password) to unscramble the data. Encryption is considered safer than a password because no-one can make sense of an encrypted file even if they do manage to access it.
Most people use encryption to protect the following types of data assets:
- Banking information and documents
- Personally Identifiable Information
- Scans of ID documents such as passports or drivers’ licenses
- Tax invoices
- Confidential employee or client information
- Intellectual property
There are two main ways to encrypt hidden files on a Windows machine using native Windows tools: Windows own Encrypting File System (EFS) and BitLocker. Please beware that Windows 10 Home doesn’t support either. You’ll need to use Pro, Enterprise, or Education versions of Windows 10 or upgrade to Windows 11 (although Windows 11 comes with EFS support only—not BitLocker). If your machine is running Windows 10 Home, you’ll have to make do with the lone protection afforded by your Windows account password or opt for some extra muscle with the encryption powers of third-party apps. Thankfully, we have some great examples below!
There’s also more good news for Windows 10 Home (and beyond) users: You can keep others out of your individual Word documents, PDFs, and Excel files by password protecting them from within Microsoft Office. In case you’re getting too excited, Windows 10 Home doesn’t offer password protection for compressed files though. There is a work-around: You can use encryption software such as WinRAR.
Read on as we walk you through the most popular methods of password protection and encryption so you can help keep your valuable information safer from prying eyes.
All about Windows built-in EFS to protect a folder or file
Windows handily comes with its own EFS encryption feature. While it’s simple to use, this is not considered the safest option and savvy hackers may consider it more an inconvenience than a barrier. Nevertheless, the more layers to your digital security the better, so here’s how to encrypt a file or folder using the native Windows encryption tool:
- Right-click (or press and hold) a file or folder and select Properties from the drop-down menu.
- In the General tab, click on the Advanced button on the right.
- Tick the check box next to Encrypt contents to secure data.
- Click OK to close the Advanced Attributes window. Then select Apply.
- A window will then pop up asking you whether you want to encrypt only the file or also its parent folder and the files it contains. To be extra cautious, choose full-folder encryption.
- Click OK. A small padlock symbol should now appear in the top-right corner of the file or folder you’ve encrypted. If you add any new items to the folder, they will be automatically encrypted too. Very handy!
- A pop-up window now opens and offers you the option to back up the encryption key. This helps ensure that you won’t lose access to the file! You don’t want to be locked out of your own documents. If you don’t want to back it up, click Never back up and you’ll be done. Alternatively, choose Back up now (recommended) and then follow the remaining steps below.
- In the Certificate Export Wizard window, click Next. Leave the default settings on the Export File Format screen and then click Next again.
- On the security screen, check the box next to Password and enter the password you want to use for this encryption. You’ll need to confirm it twice. Then hit Next.
- On the next screen, click Browse and choose the location for your backup. This could be on your computer or an external device like a USB drive.
- In the filename field, enter EFSKey or your choice of a name.
- Click Save < Next < Finish < OK.
Top encryption tip: For added security, export your backup key to a USB drive and keep this safe. Then if you ever find yourself locked out of your Windows user account, you can use the drive to recover the encrypted files on your PC.
Encryption with EFS is part of your Windows account. When you’re logged in, the operating system will automatically decrypt your files, so you won’t need to do anything. If someone gains access to your computer through another account, the files will be encrypted and can’t be read. That’s the good news. The bad news is that if someone gains unauthorized access to your computer while you’re logged in, or manages to hack into your account, all your encrypted files will be conveniently decrypted for them. That’s where a strong login password comes in (and don’t leave your laptop lying around!). It’s also essential to use reputable technology to help thwart malware and hackers. If you’re very security conscious or have highly sensitive information, it’s time to move on to the stronger encryption methods discussed below.
Here’s how to use Bitlocker to help protect files and folders
Welcome to the encryption powers of BitLocker—the Windows feature that lets you add a password to a folder by turning it into a virtual drive. Please remember that this is not an option on your Windows device if it’s running Windows 10 or 11 Home. If you’re running Pro, Enterprise, or Education versions of Windows 10, here’s how to turn on device encryption with BitLocker:
- Sign in to Windows with an administrator account.
- Select the Start < Settings < Update & Security < Device encryption. If Device encryption doesn’t appear, it isn’t available.
- If device encryption is turned off, select Turn on.
If you have BitLocker turned on, it’s important to have the Recovery Key securely backed up! If BitLocker thinks an unauthorized user is trying to access the drive it will lock the system and demand the recovery key. Unless you can enter it, you’ll be treated like a hacker and locked out. If you want to find out if your computer supports device encryption, see device encryption in Windows.
How to password protect a Word document
Microsoft Word comes with an embedded document encryption tool and it’s fast and easy to use.
- Open the Word document and select File and then Info.
- Click on the Protect Document button.
- In the drop-down menu, click Encrypt with Password.
- Enter your chosen password and click OK. Safely store your password!
Remember that if you share the file with someone, they’ll need your password to open it as the document isn’t just password-protected on your computer.
How to password protect a pdf file
You’ll need a subscription to the paid version of Adobe Acrobat. Then it’s easy to use the app to password protect PDFs straight from your desktop. If you don’t have an Adobe subscription, you can password protect a PDF file for free on the Adobe website—provided you’re happy uploading a sensitive PDF to a third-party server.
- Open the pdf you want to protect and select All Tools. Then click Protect a Pdf.
- Click Protect with Password.
- Select Yes when the pop-up window prompts “Are you sure you want to change the security of this document?”.
- Tick Require a Password to Open the Document and enter your password (and remember to store it where you—and only you—will find it).
How to password protect an Excel file
Here’s how to use built-in Excel encryption to protect an Excel file that may be full of confidential information.
- Open the Excel file. Click File and then Info.
- Click Protect Workbook. Then select Encrypt with Password.
- Enter your password and hit OK.
- Repeat the above. Make sure to safely store your password!
Is it time to use third-party password and encryption protection?
Cybercriminals are deploying increasingly creative methods to hijack your device and online accounts. Even the best antivirus protection can’t always block a zero-day threat or hacker from worming their way into your digital life and files. That’s where third-party technology can help. Unlike Windows’ own encryption, this security software is like a beefy bouncer, barring access to files and folders regardless of which user account is logged in or who cracks your account password. Plus, the decryption keys are more complex making it an all-round stronger, safer choice for very sensitive documents.
Here’s a list of highly rated encryption software for 2023 but we’ll put a spotlight on these three popular choices to sum up some top contenders for you:
- NordLocker lets you secure, back up, and access your files via a private file vault on the web or by using its desktop and mobile apps. It prides itself on being very simple to use: Drag your files into NordLocker, and they’re encrypted instantly. Ta daaa.
- Folderlock can password protect and encrypt files and folders quickly and easily. The software uses Advanced Encryption Standard (AES) 256 keys to keep your data safe—that’s the industrial-strength, global standard of encryption you’ll find in other powerful VPNs like Avira Phantom VPN.
- AxCrypt Premium promises to encrypt files with a single click and lets you share files securely with others via its key-sharing functionality.
Let’s sum up file vs disk encryption
As you’ll have seen, there are different encryption tools and techniques for various data protection needs. Both file and disk encryption transform intelligible data into a scrambled, unreadable form (called ciphertext) but there are also key distinctions. As the name suggests, file-based encryption (FBE) encrypts files individually while full disk encryption (FDE) takes a scorched-earth approach and renders the entire disk unreadable. There are pros and cons to each.
Disk encryption is comparatively slower as it works its way through the entire disk—and data recovery is a massive headache if the key is lost. It is more convenient though, as you need just one password to rule it all. This also makes it more convenient for hackers, so beware. File encryption is granular (as it works on a file and folder level), making it faster and more secure but it’s also more cumbersome as you’ll need to manage multiple passwords. Only you will know what your needs and priorities are, as well as your patience levels and password-management prowess.
If you do opt for disk encryption, VeraCrypt is a popular free and open-source choice that lets you create a virtual encrypted disk. It can also encrypt an entire storage device with pre-boot authentication. If you’re interested, here is how to create and use a data vault with VeraCrypt that may be secure enough to thwart the secret services.
Password managers: Why we love them and cybercriminals don’t
Whatever security choices you make, strong passwords are the cornerstone of a robust digital defense. They help protect your personal and sensitive information from unauthorized access and there are few things that hackers and cybercriminals love more than weak passwords. Unless your pet is named a random keyboard assault like m#P57s@ap$VcA, you’re unlikely to remember a strong password—let alone a different one for every online account. That’s why password managers are essential.
Avira Password Manager helps generate, store, and manage passwords more safely so you don’t have to. It also syncs across your devices and can be set to auto-fill your login details, so you’ll save time too (and hopefully never have to send another reset-password email).
Microsoft and the Windows logo are trademarks of Microsoft Corporation in the U.S. and other countries.