Identity Finder
From CVL Wiki
(Difference between revisions)
| Line 1: | Line 1: | ||
For installation instructions and more details, please see the [http://www.security.vt.edu/idf/index.html VT Identity Finder] page. | For installation instructions and more details, please see the [http://www.security.vt.edu/idf/index.html VT Identity Finder] page. | ||
| − | + | =Using TrueCrypt and VT eToken to encrypt your data= | |
This method uses a keyfile on your VT eToken instead of a normal password. This allows you to copy the keyfile to a remote secure location for backup and recovery. | This method uses a keyfile on your VT eToken instead of a normal password. This allows you to copy the keyfile to a remote secure location for backup and recovery. | ||
---- | ---- | ||
| − | *Download and install [http://www.truecrypt.org/downloads TrueCrypt] and the [http://www.pki.vt.edu/pdc/ Virginia Tech | + | ==Creating the TrueCrypt Volume and Keyfile== |
| + | *Download and install [http://www.truecrypt.org/downloads TrueCrypt] and the [http://www.pki.vt.edu/pdc/ Virginia Tech eToken] software | ||
#Open TrueCrypt | #Open TrueCrypt | ||
#Click on Settings menu-> '''Security Tokens...''' | #Click on Settings menu-> '''Security Tokens...''' | ||
| Line 10: | Line 11: | ||
#* Windows: C:\Windows\system32\etpkcs11.dll | #* Windows: C:\Windows\system32\etpkcs11.dll | ||
#*OS X: /usr/local/lib/libeTPkcs11.dylib | #*OS X: /usr/local/lib/libeTPkcs11.dylib | ||
| − | #Click on | + | #Click on Tools menu -> '''Keyfile Generator''' |
| − | # | + | #*'''Note''': Technically any file can be a [http://www.truecrypt.org/docs/?s=keyfiles keyfile], however we recommend creating a new one with the built-in tool |
#Follow the instructions at the top, then select '''Generate and Save Keyfile...''', and choose a nondescript filename. | #Follow the instructions at the top, then select '''Generate and Save Keyfile...''', and choose a nondescript filename. | ||
| − | # | + | #Click '''OK''' to close the Keyfiles window |
| − | #Click on Tools menu -> '''Manage Security Token Keyfiles...''' | + | #Insert your VT eToken into a USB slot |
| + | #Click on Tools menu -> '''Manage Security Token Keyfiles...''' and enter the eToken password | ||
| + | #*'''Note''':If you are not prompted for your eToken password, please make sure that you properly installed the [http://www.pki.vt.edu/pdc/matrix.html eToken software]. | ||
#Click on '''Import Keyfile to Token...''' | #Click on '''Import Keyfile to Token...''' | ||
| − | #Select the keyfile you created in step 8 and | + | #Select the keyfile you created in step 8 and click '''Open''' |
| − | + | #Click '''OK''' twice to close out of the Security Token windows. | |
| + | #Click on Settings menu -> '''Default Keyfiles...''' | ||
| + | #Click on '''Add Token Files...''' | ||
| + | #Select your eToken name and click '''OK''' twice to close the windows. | ||
| + | #Read the prompt and click '''Yes''' | ||
| + | #Click on '''Create Volume''' to start the Volume Creation Wizard | ||
| + | #Select '''Create an encrypted file container''' and click '''Next''' | ||
| + | #Select '''Standard TrueCrypt volume''' and click '''Next''' | ||
| + | #Click '''Select File...''', choose a filename and location for your TrueCrypt volume and click '''Next''' | ||
| + | #Select '''AES''' in the drop-down menu and click '''Next''' | ||
| + | #Choose a volume size appropriate for your files. This is a static volume size, you will need to make a new TrueCrypt volume if you run out of room for your files. | ||
| + | #Leave the password boxes clear, check '''Use keyfiles''' and click on '''Keyfiles...''' | ||
| + | #Select your eToken name and click '''OK''', then '''Next''' | ||
| + | #Enter your eToken password | ||
| + | #Keep the default Filesystem options (FAT, Default, uncheck Dynamic) and move your mouse as randomly as possible before clicking '''Format''' | ||
| + | #Click '''OK''', then '''Next''', then '''Cancel''' to close the Volume Creation Wizard | ||
| + | #Click Settings menu -> '''Preferences''' | ||
| + | #Under the Auto-Dismount section: | ||
| + | #*Check "User logs off" | ||
| + | #*Check "Screen saver is launched" | ||
| + | #*Check "Auto-dismount volume after no data has been read/written to it for _____ minutes" (Recommended 5 minutes) | ||
| + | #*Check "Force auto-dismount even if volume contains open files or directories" | ||
| − | + | ==Mounting your TrueCrypt Volume== | |
| − | + | ||
| − | + | ||
| − | + | ||
| − | + | ||
| − | + | ||
| − | + | ||
| − | + | ||
Revision as of 15:41, 21 July 2011
For installation instructions and more details, please see the VT Identity Finder page.
Using TrueCrypt and VT eToken to encrypt your data
This method uses a keyfile on your VT eToken instead of a normal password. This allows you to copy the keyfile to a remote secure location for backup and recovery.
Creating the TrueCrypt Volume and Keyfile
- Download and install TrueCrypt and the Virginia Tech eToken software
- Open TrueCrypt
- Click on Settings menu-> Security Tokens...
- In the dialog box for 'PKCS #11 Library Path', enter the following and click OK:
- Windows: C:\Windows\system32\etpkcs11.dll
- OS X: /usr/local/lib/libeTPkcs11.dylib
- Click on Tools menu -> Keyfile Generator
- Note: Technically any file can be a keyfile, however we recommend creating a new one with the built-in tool
- Follow the instructions at the top, then select Generate and Save Keyfile..., and choose a nondescript filename.
- Click OK to close the Keyfiles window
- Insert your VT eToken into a USB slot
- Click on Tools menu -> Manage Security Token Keyfiles... and enter the eToken password
- Note:If you are not prompted for your eToken password, please make sure that you properly installed the eToken software.
- Click on Import Keyfile to Token...
- Select the keyfile you created in step 8 and click Open
- Click OK twice to close out of the Security Token windows.
- Click on Settings menu -> Default Keyfiles...
- Click on Add Token Files...
- Select your eToken name and click OK twice to close the windows.
- Read the prompt and click Yes
- Click on Create Volume to start the Volume Creation Wizard
- Select Create an encrypted file container and click Next
- Select Standard TrueCrypt volume and click Next
- Click Select File..., choose a filename and location for your TrueCrypt volume and click Next
- Select AES in the drop-down menu and click Next
- Choose a volume size appropriate for your files. This is a static volume size, you will need to make a new TrueCrypt volume if you run out of room for your files.
- Leave the password boxes clear, check Use keyfiles and click on Keyfiles...
- Select your eToken name and click OK, then Next
- Enter your eToken password
- Keep the default Filesystem options (FAT, Default, uncheck Dynamic) and move your mouse as randomly as possible before clicking Format
- Click OK, then Next, then Cancel to close the Volume Creation Wizard
- Click Settings menu -> Preferences
- Under the Auto-Dismount section:
- Check "User logs off"
- Check "Screen saver is launched"
- Check "Auto-dismount volume after no data has been read/written to it for _____ minutes" (Recommended 5 minutes)
- Check "Force auto-dismount even if volume contains open files or directories"
Mounting your TrueCrypt Volume
The Bradley Department of Computer and Electrical Engineering recommends using Identity Finder to find and remove any Personally Identifying Information on your computer(s). If you need to keep any such Personally Identifying Information, the data needs to be encrypted and stored according to the VT policies (see below). We recommend using TrueCrypt and the VT eToken to encrypt and store your documents.
For more information on the VT Policies for securely storing and using SSN, please see the following:
