The ultimate guide for Encrypting files & folders using FreeOTFE program

In this tutorial, we are going to explain how to install and configure FreeOTFE on a local machine, in order to use this program on removable media (flash memory) check our part two article on this issue, however, we still recommend reading this tutorial first as it offers a comprehensive introduction to this tool.

Download FreeOTFE program from here https://sourceforge.net/projects/freeotfe.mirror/ and execute the installer as follow (you need administrative privilege to install the program in your machine, if you do not have admin privilege –Guest account – use FreeOTFE Explorer program instead)

Click “Next” to continue …

Choose the installation directory of FreeOTFE program and click “Next’

Select where to put program shortcut … and click “Install”

Wizard completed successfully, tick the option “Lunch FreeOTFE” to start the program instantly.

Main program interface appears as in the screen above.

Select “New” from the menu bar to create a new encrypted volume (screen capture below)

Volume creation wizard appears as appears in next screen:

Click “Next” To continue.

Wizard asks you whether you want to use a “Volume file” or encrypt an entire disk /partition

What is the difference: in most cases users want to create an encrypted container file to store private data inside it, this container file could be moved anywhere without damaging the data inside it. On the other hand if the user has already a partition /disk which already contains his private data, he might want to encrypt it, however he will not be able to move his data from one PC to another

For most users, it is enough to select “Volume File” to create a new encrypted container, so I will select the first option and click “Next” to continue.

Now, we need to specify a file name for our encrypted volume, click browse to select a location where you want your volume to be stored as follow:

In our example I select drive “E” as a location for my new encrypted volume named “MyFreeOTFE_Volume”

Now we need to enter the size of our new volume, a drop down menu appears beside the size text box contains the following measurements choices

• Bytes
• KB
• MB
• GB
• TB

For our example I will enter 100 and select the size in MB and click “Next”.

The above window allow us to select which encryption algorithm we want to use for our new volume , the default setting is always enough , advanced users can select different Hash – Cypher.

Accept the default setting and click “Next”

Now the wizard needs to generate random number to strength the volume key encryption, tick both choices “Microsoft CryptoAPI & Mouse Movement” and hit the “Next” Button …

Please note this screen will not appear if you did not select ‘Mouse Movement’ check box in the previous step

Now move your cursor as much as you can inside the white board till the “Next” Button becomes available for clicking (active …)

Now enter your secret password for the new volume, make sure not to forget it because if you do so you will not be able to recover your data from inside the encrypted volume.

Tip on Password:

Always choose a password which is difficult to guess or even to remember! , the password should contains both small and capital letters, symbols and numbers and it should not be less that 20 characters.

Hit the “Next” Button to continue …

Finally, click “Finish” and check the option “Mount Volume after creation” if it is not already ticked.

Now, we need to format this volume before we can use it, formatting this volume is similar to formatting any disk partition / flash memory , if we try to access our volume without first formatting it , the following error will pop up

Right click on the newly created volume and select “Format” as appears in next screen:

The following window appears, you can change file system type and volume label in addition to performing “Quick format” for speed.

Click start button to begin formatting the newly created volume.

After finishing go to Windows Explorer ‘My Computer’ and access your volume as appears in next screen:

Now you can save your private data inside this virtual disk, after finishing from entering data go to FreeOTFE main program and select this volume and click “dismount” to unplug your virtual disk.

Now, you have a fully encrypted virtual disk.

Additional Options:

How to open your encrypted volume?

We can open our encrypted volume as follow:

Double click on FreeOTFE Icon to lunch the program

Go to the File menu and select ‘Mount’ or select the Mount ICON from the menu bar as appears in next screen capture:

Browser your computer directory and open your encrypted volume and click ‘Open’

The password dialog appears, you must enter your password here, and this window offers additional choices like:

Choose a drive letter (which letter ‘A, B, C,…’ you want your volume to have after mounting it

‘Mount read only’, this option allow us to open the encrypted volume as read only, so we cannot add / delete / update its contents.

‘Keyfile’ , if the user has created a keyfile in additional to his password, he needs to select his key file in additional to entering his password in order to access his volume.

We notice in the bottom of the ‘Login window’ of FreeOTFE (picture above), a button named ‘Advanced >>’, clicking it open additional mounting options as follow (Please note the advanced section is optional, for most users it is enough to enter the password and click the ‘Ok’ button)

Salt length

This should be set to the number of salt bits used in the PBKDF2 processing of the user’s password, before using it to decrypt the volume’s CDB/keyfile being used.

By default, this is set to 256 bits – the same default length used when creating a new volume.

Key iterations

This should be set to the number of key iterations used in the PBKDF2 processing of the user’s password, before using it to decrypt the volume’s CDB/keyfile being used.

By default, this is set to 2048 iterations – the same default number used when creating a new volume.

 PKCS#11 secret key

This option is only available if PKCS#11 support is enabled.

Mount Options

(PC version only)

Mount as

FreeOTFE volumes may be mounted as any of the following types of virtual drive:

1. Fixed disk
2. Removable disk
3. CD
4. DVD

Under normal operation, users should select either fixed disk, or removable disk.

Selecting the “removable disk” option causes the volume to be mounted as though it was a removable drive. By mounting volumes in this way, among other things, files deleted from your volume will not be moved to a “recycle bin” on your encrypted volume, but will be deleted immediately.


By default, FreeOTFE mounts volumes as a fixed disk.

Mount for all users

If this option is checked, mounted drives will be visible to all users logged onto the PC.

By default, this option is checked.

Now after clicking ‘Ok’ if the password entered was correct’ the following message appears stating that mounting was successful.

Go to windows explorer (My Computer) to access your volume (as drive H in our example).

How to change Volume password?

First you need to dismount the volume that you want to change its password as follow

Now go to tools and select change volume/Keyfile password details… as appears in next screen:

The following wizard appears

Select the type of your encrypted volume (File in our case) and hit the ‘Next’ Button..

Now, browse you PC and select your encrypted volume (the volume should be dismounted)

Hit the next button to continue ….

Enter the current password in the specified filed as follow

Click ‘Next’ and enter your new password in next window and you are done.

In this tutorial, we have shown you how to make an encrypted volume with FreeOTFE in addition to exploring some of its advanced options.

You can download the program and reads more information about its functions https://sourceforge.net/projects/freeotfe.mirror/.