Home Tech Encryption Make an Encrypted USB “Survival” Drive with Bitlocker
Make an Encrypted USB “Survival” Drive with Bitlocker

Make an Encrypted USB “Survival” Drive with Bitlocker


We are going to call it a “survival” drive because it will handle extreme punishment, is water resistant, has a large memory capacity, and it will be encrypted. It also helps if the model name is

As seen in Jason Bourne (2016)

Survivor“, after all. We Chose the Corsair Flash Survivor USB drive because it is one of the most rugged available. However, you can use any inferior USB drive.

Bitlocker is an extremely easy way to encrypt USB drives. A Bitlocker encrypted drive can be used on any windows 7 and above machine regardless if it is an Ultimate or Pro version. There is no special software or drivers you need to install like you would if you were to encrypt the USB drive with Truecrypt or Veracrypt. To decrypt a drive encrypted by one of those, you would need the software installed on the host computer you would want to open it on. This could pose a problem if you needed to get into your drive when away from one of your computers. If the majority of the computers you use run windows, encrypting with Bitlocker is a fast and painless solution. Just make sure you force Bitlocker to use strong 256 bit AES encryption instead of 128 bit AES.

To get started, you will need to be using one of the following Operating Systems:

Plug your USB drive in to the Windows machine.

In My Computer, right click on the inserted USB drive and Turn on Bitlocker.


Next, choose a password. Make it a strong one. A sentence is better, but not from the bible. Assume your adversaries  brute force attack would be using the most well known book on the planet.



Next, either save a recovery key to a file or print the key. If you decide to save a recovery key, don’t put it on the newly encrypted USB drive as its main repository. This contains the information to unlock the drive in the event you forget the password, or you die and someone you have entrusted can open it provided they know where your key is (or the password of course).



Next, Start Encrypting. This can take at least thirty minutes for a 15GB drive, go read some more articles on ETP or Eff.org.


After Bitlocker is finished encrypting the drive you will see this screen from now on when it is inserted into any Windows machine. It does not have to be Windows 7 Ultimate, 8 Pro, or 10 Pro. Any windows 7 and above machine you insert it in will always autorun and prompt you with the Bitlocker login screen for device decryption. If you were to pull the drive out without ejecting it, the drive would automatically resort to its encrypted state.


In My Computer, you can now right click on the newly created Bitlocker encrypted drive and you will have the option to Manage Bitlocker.


Check prices on Amazon


RELATED ARTICLE  SecureMyEmail - Email Encryption for Everyone