General BestCrypt Features

    Basic Features

  1. BestCrypt software is designed for Windows (32-bit and 64-bit versions of operating systems). The software satisfies all requirements for 32 and 64-bit software and uses all available advantages of the operating systems.
  2. There are no limitations on the number of local physical drives on which a user stores BestCrypt containers. Any type of physical media may be used to store and access the data on the BestCrypt containers: hard drives, removable media, magneto-optical devices, etc.
  3. Any network accessible disk may be used by BestCrypt software for creating and accessing file-containers. This network disk may be shared by a server with any operating system, for example UNIX-like operating systems (OSF/1, LINUX, BSD, SunOS, HP/UX, AIX and others), Novell, Windows.
  4. User may copy (backup) BestCrypt containers from one computer to another in network and continue to access encrypted data without any limitation on the operating system type. For example, a user may copy or move a file-container from a computer with a Windows operating system to a UNIX computer, yet continue access the data (now stored inside the container on the UNIX computer) from the Windows computer.
  5. The main commands to control access to encrypted data may be run from Windows Explorer ("My Computer" window) without starting BestCrypt Control Panel. To run these commands from Explorer, you should use the same method as for creating and opening any other document from Explorer, for example, a Microsoft Word document.

    Security

  1. BestCrypt can create Hidden Containers that are not evident to an intruder. You can simply create another (hidden) container inside an already existing (shell) container. Data stored within shell and hidden containers can be completely different, passwords for the containers are also different, and it is impossible to tell whether a shell container is concealing a hidden container or not.
  2. BestCrypt has a low-level module (so called Anti-Keylogger) that automatically turns on when the user enters password in BestCrypt password edit boxes. Keyboard Filter prevents keyloggers from intercepting a real password that the user types.
  3. Automatic closing options.
    Timeout: all virtual drives are automatically closed if the user has left computer or simply does not touch keyboard and mouse for the specified time (i.e. a "Screen saver" style time-out).
    Hot Key: all virtual drives are automatically closed if the user presses the Hot Key combination on the keyboard.
    Dismount drives at suspend: your containers can be dismounted automatically if your computer goes to sleep or hibernate mode.
  4. Two factor authentication:

    BestCrypt allows users to remove the header of the encrypted container from the container file. Without the header, it is absolutely impossible to access data inside the container, because the header stores the encryption key for the data. The container's header may be stored in a separate file apart from the container such as a removable device. Thus, you need to have the removable device attached and know the password to gain access to the container.

    Since BestCrypt v9.02, Key files are supported in addition to password authentication.

  5. There are cases when the access to the container must be obtained with presence and password of more than one person. For such cases there is a Secret Sharing Scheme.
  6. BestCrypt can additionally encrypt the header of the container if you want the container to look as complete random data.

    Useful functions

  1. BestCrypt allows mounting encrypted containers not only as a disk drive with a drive letter (like D:, E: or Z:), but also as a mount point, i.e. as a subfolder on a regular NTFS partition. It is useful, for example, because the new drive appearing on a computer is more noticable than as some additional data appearing in an NTFS subfolder. With BestCrypt v.8., the user can now mount multiple containers simultaneously, not being limited by the number of free drive letters on his/her computer.
  2. The software now allows mounting BestCrypt virtual drives as removable devices. Sometimes it is useful, for example, if your computer lacks a reliable power supply. Windows caches data flow on removable devices in a different way in version 8, so an accidental power loss results in fewer consequences, insuring consistency of data stored on removable devices.
  3. BestCrypt automatically saves network shares created by network administrator on BestCrypt virtual drive. After dismounting a container and mounting it again - administrator does not have to create network shares again.

    Additional Utilities

  1. BCWipe utility. To avoid an unauthorized restoration of deleted files from your disks, you can run BCWipe utility to wipe deleted files from the disk. The utility may also wipe all free space and file slacks on the specified disk.
  2. CryptoSwap utility. BestCrypt can encrypt the Windows swap file. The swap file is the Windows system file that is used for virtual memory support, and it can store parts of documents that you are working with in an opened form on a hard drive. Even if an original document is encrypted by some powerful encryption program, Windows can put a whole document or part of it into the swap file in an unencrypted form. Encryption keys, passwords, and other sensitive information can also be swapped to the hard drive. Even if you use all of the security advantages of the latest Windows versions, simply investigating the swap file on a sector level may allow someone to extract a lot of interesting information from the file.
  3. Container Guard utility. This utility prevents users from accidental deleting an encrypted file-container. As well, it prevents from deleting your file-container by an unauthorized person who has network access to your computer. Container Guard can be disabled only by an administrator.
  4. BestCrypt includes Algorithm Benchmark Test utility that calculates time needed to encrypt and decrypt data on your system for every installed algorithm and encryption mode.
  5. BestCrypt offers Public Key Manager to create and operate with your public keys . The utility supports key pairs in standard formats like PKCS #12, and X.509. It supports PGP keys. It means, for example, that users can use the public key of some other person to allow him/her to access data inside an encrypted container.
  6. Plugin Manager: BestCrypt has been designed with an extensible architecture: any third-party encryption software or hardware developers can insert security extensions into the BestCrypt software - for example, additional encryption algorithms, proprietary procedures of entering the passwords, or additional hashing algorithms. To get additional information about the architecture, visit the Jetico webpage.
  7. Get the latest updates of the software automatically with Automatic Update utility.
  8. BCArchive. The software compresses group of files or folders to encrypted archive (i.e. a single compressed file). To get more information, read Help documentation for the utility. Besides, the encrypted archive can be created as a self-extracting program. It means that recipient of the archive may do not have any encryption software installed to access secret data inside the archive. To get more information, read Help documentation for BCArchive.
  9. BCTextEncoder (installed together with BCArchive). BCTextEncoder utility intended for fast encoding and decoding text data. Plain text data are compressed, encrypted and converted to text format. The result of such conversion may be copied to the clipboard or saved as a text file.

See also:

New Features in BestCrypt v9
Public Key Encryption
Secret Sharing Scheme
BestCrypt Utilities
Hidden Containers
BestCrypt Container Encryption - encrypt selected files and folders in containers