Get comprehensive data and security protection with Avast One
Your Windows login password isn’t going to last long against a skilled hacker. Go one step further and secure your files and folders with password locks. Here, learn how to password protect folders and files with strong, hard-to-crack passwords and encryption. Then, find out how to protect your passwords with specialized data leak monitoring software.
This article contains:
The most straightforward way to encrypt your folders (and all the files in them) is to use Windows’ built-in folder encryption. Here’s how to encrypt a file or folder in Windows 11, 10, 8, or 7:
Navigate to the folder or file you want to encrypt.
Right-click on the item, click Properties, then click Advanced.
Check Encrypt contents to secure data. Click OK, then click Apply.
Windows then asks if you want to encrypt only the file or its parent folder and all the files within that as well. Opt for full-folder encryption to be safe.
Then, when you navigate to the encrypted folder, you’ll see a small yellow lock on the file icon. When you add new content to that folder, it will automatically be encrypted as well.
Windows file encryption protects your files against anyone who gets their hands on your computer. The encryption is tied to your Windows account, so when you’re logged in, the operating system automatically decrypts your files. If someone were to log in through another account, they wouldn’t be able to access files that were encrypted under your username.
But since your files are accessible through your account, if someone gets unauthorized access to your computer while you’re logged in, this encryption is useless. This is where a strong login password can keep you safe.
Regular Windows encryption will take you only so far, because it’s easy to get around it by gaining access to your user account. If a cybercriminal manages to hack your account or obtain your password, they’ll have full access to your files.
Keep your data safe with Avast BreachGuard. If your passwords or other personal data are ever leaked online, BreachGuard will warn you ASAP. That way, you can regain control of your accounts before anyone has the chance to log in with your credentials.
Unlike Windows’ own file encryption technology, third-party password protection bars access to files and folders regardless of which user account is logged in. These tools offer more security than built-in Windows security features and are highly recommended for sensitive data.
Folder Lock is one content protection feature for Windows worth looking at. Folder Lock makes it easy to put a password on a folder, and it can password protect and encrypt files and folders at blazing speeds. The software uses Advanced Encryption Standard (AES) 256-bit keys to keep your data safe — the same level of encryption you’ll find with many powerful VPNs, like Avast SecureLine VPN.
Folder Lock uses a master password to control locked content. You can also create a “Locker,” a secured folder on the drive to house specified content. And you can assign a unique password and configure the maximum disk space for each Locker.
Folder Lock comes with a powerful file shredder and a cloud-based backup solution as well. The demo is free, while the full-version is $39.95.
My Lockbox is a lightweight utility with an easy-to-use interface that works for Windows XP, Vista, and Windows 7 — it’s also compatible with Windows 10 and 11. After installation, the tool will ask you to set a location for your locked folder.
All locked folders will be hidden on your drive until you unlock them. My Lockbox is free and resource-light, making it an ideal solution for older computers or operating systems.
While strong password protection will be enough for most users, if you have sensitive data, then more advanced methods such as third-party encryption tools can be used to safeguard data.
Beyond regular password protection, you can also use disk-encryption software that offers more robust security. Full-encryption tools block even the most advanced cold-boot and brute-force attacks, which try to crack passwords and encryption keys using different combinations.
7-Zip is free, open source software that can be used on any computer, and virtually any Windows system. It is essentially a file archiver that uses high compression and strong AES-256 encryption.
Your files are compressed and encrypted, so when you go to access them, you simply need to decompress the file first. Yes, it’s an extra step, but a small price to pay for high security. To secure your data with 7-Zip, follow these steps:
Download the latest version of 7-Zip and install it.
In your Windows directory, select 7-Zip File Manager.
From the 7-Zip control panel, select the file or folder you’d like to protect and click the Add button.
Choose your compression options (see image below).
Enter the name for your encrypted file.
Under the Encryption section, set a strong password for encrypting and decrypting.
We recommend setting your compression level to HIGH and your compression method to AES-256.
Your file or folder is now compressed, encrypted, and protected. Decompressing is just as simple:
From the 7-Zip control panel, select the file or folder you’d like to open.
Click the Extract button.
In the dialogue box, enter the password. Then click OK.
Your file or folder will decompress and open for you.
With support for AES, Serpent, and TwoFish keys, VeraCrypt is a free, cross-platform data security tool that can encrypt files very effectively. VeraCrypt comes with full disk encryption but can encrypt at the volume (folder) level as well. Users can decide whether they want specific folders encrypted or entire systems.
VeraCrypt may seem intimidating, but it’s actually quite simple once you get the hang of it. The software works similarly to the Daemon tools that can create a virtual CD drive on your computer.
Download the setup file for Windows and install the software, then follow these instructions:
To start, you need to create a volume, which is essentially an encrypted folder to house your data. Click on Create Volume.
Select Create an encrypted file container and click Next.
VeraCrypt lets you create a normal, visible container or an invisible one. For our example, we’ll choose Standard VeraCrypt volume, but select whichever option is best for you.
Click Select File and navigate to where you want to store your encrypted container. Click Next.
Now choose your preferred encryption method. We recommend AES-256, some of the strongest encryption used today. Then click Next.
Note how much space you want the encrypted folder to have. 10 MB should be enough, but if you have multimedia files, you may need more space.
Finally, enter the password you want to use for your volume (folder) and click Next. Make sure your password is strong.
VeraCrypt is now ready to create your container. Remarkably, the tool can use random mouse movements to create your encryption key and encrypt the folder. Move your mouse around a lot because that makes the encryption key stronger — do this until the bar at the bottom reaches the end. Then click Format.
Your first encrypted volume should now be sitting in its designated folder.
To add files or folders to your encrypted container, follow these steps:
To mount your volume, choose a drive number from any one of the drives available on the VeraCrypt home screen.
Click on any of the letters in your highlighted volume name, click Select File, and navigate to the folder where you saved your encrypted container.
Click Open to select the volume.
Next, click Mount to mount the volume to the selected drive. Enter your password and click OK. Your container is ready.
Double-click the mounted drive to open another window of the container. You should also see the container in This PC along with your other drives.
Now, copy the content to your new encrypted “drive,” click dismount to close the folder, and encrypt it again.
Password protection is like locking something in a safe, like a highly sensitive document. Encryption is like rearranging all the letters in a document so that they can only be placed back in the correct order if you have a special decoder key.
With password protection, knowing the password is literally the key. That’s why password protection is sometimes referred to as a form of knowledge-based authentication. Once you know how to password protect a folder, anyone who wants to access it must know the password as well.
If you need a physical key, like an actual key or a special USB drive, to access a secret document, this would be a form of possession-based authentication. If the key were your fingerprint or face, you would be using inherence-based authentication, because you’re using something that is inherent to you and you alone. These factors are important in two-factor authentication.
Encryption scrambles a document’s data so that it looks like a wall of random characters. To access the document, you need to have a decryption key. Unencrypted documents are stored normally in plaintext, and anyone can read them.
In the case of file and folder encryption in Windows, the “key” means being logged in to your account as the correct user. Even on the same computer, documents encrypted by one user are unreadable on another user account.
Password encryption is a third option that combines password protection and encryption. If someone has the right password to unlock the file or folder, they still won’t be able to read it if they’re not logged in as the authorized user.
You should password protect files because if you share your computer with others, someone might accidentally delete or modify an important file, or even share a private folder. You might even make the critical error yourself, accidentally sending sensitive information to the wrong person.
Sharing a computer is not a problem if you add a password to your most sensitive files. Entering a password every time you access that file may slow you down a bit, but the added security is worth it.
And you can always use Windows to encrypt an entire folder, as described above. Knowing how to password protect a folder and how to encrypt your files is key to making sure your content is locked up tight.
Now that you know how to password protect and encrypt your files and folders in Windows, all that’s left is keeping your passwords safe and following good security practices.
Consider what might happen if you lost your master password, if your encryption software got corrupted, or if the files themselves got lost. Backing up your data regularly and using a password manager can help ensure that never happens. You can even clone your entire hard drive to an external storage device.
Some of the tools mentioned above, like Folder Lock, come with their own cloud-based data backup solutions. But you can use Microsoft’s OneDrive or the free Google Drive as well.
The biggest challenge with strong passwords is remembering them. But you’re setting yourself up for potential data theft if you create one password to use across all of your accounts. The common alternative — creating simple, easy to remember passwords — is just as bad.
Weak and common passwords are easy to hack using programs that cycle through different key combinations at unfathomable speed. These password cracking techniques are highly advanced. In 2012, hackers created a computer cluster that guesses passwords at a rate of 350 billion per second — and things have only evolved since then.
That’s why long, unique, and hard-to-guess passwords are one of the best ways to protect your files and devices against hackers.
Now that you’ve encrypted your files with unique and hard-to-guess passwords, protect all your passwords and accounts with Avast BreachGuard. With 24/7 dark web monitoring, BreachGuard will alert you if your passwords or other personal data are ever leaked, helping you to respond ASAP and stay ahead of anyone looking to compromise your accounts.