What are the best BitLocker alternatives?
BitLocker Drive Encryption is the full-disk encryption system that Microsoft has provided in recent versions of Windows. Windows 8 BitLocker allows for recovery of encrypted system and data volumes in the event of a disaster. BitLocker also integrates with management tools, such as Active Directory.
As convenient and powerful as BitLocker disk encryption is, its biggest limitation is that it only works with certain versions of Windows: Windows Server 2008, Windows Vista Enterprise/Ultimate, Windows 7 Enterprise/Ultimate and Windows 8 Pro/Enterprise.
BitLocker also requires a Trusted Platform Module (TPM), although this can be changed by editing a Group Policy setting. But the biggest limitation, again, is the fact that it's available only in specific editions of Windows.
The single most commonly used and widely touted alternative to Windows BitLocker is a free program named TrueCrypt. Based on an earlier program named E4M -- Encryption for the Masses -- TrueCrypt has been in development since 2004 and is currently at Version 7.1a. Like BitLocker, it lets you encrypt entire volumes, including the system volume.
Unlike Windows 8 BitLocker, TrueCrypt runs on all versions of Windows XP, Vista, 7, 8 and Windows Server (from 2003 forward). It does not run on Windows RT or any IA-64 version of Windows, however.
TrueCrypt also has a few features that BitLocker does not. For one, TrueCrypt allows you to take a file of any size and mount it as an encrypted drive. For example, a file of 20 GB can be used as a 20 GB encrypted drive. The file can reside anywhere -- on a network share, a USB drive or on the local file system.
Another BitLocker alternative is FreeOTFE -- OTFE stands for on the fly encryption, which is conceptually and functionally similar to BitLocker. It sports some features not found in either BitLocker or TrueCrypt, such as the ability to allow users to read encrypted disks without needing the FreeOTFE driver. However, FreeOTFE has not been updated since 2010, so TrueCrypt has become the default choice.
On the other hand, TrueCrypt and FreeOTFE don't have many of the same key escrow or central management features offered by Windows 8 BitLocker. That makes them less desirable to administrators, but end users will still be able to make good use of those programs -- especially if they're running a version of Windows where BitLocker isn't available.
This was first published in June 2013