Encrypted flash drives use either software or hardware encryption (or sometimes both) to prevent other people from accessing your personal data.
While this is becoming increasingly important in day-to-day life due to the number of complex passwords and login details needed for online banking and other essential activities, it’s also important when the SHTF. Your encrypted flash drive should be one of the items you keep with you when disaster strikes.
Standard USB flash drives are inexpensive and can hold a lot of data. But they’re also easy to lose and you don’t want your internet passwords or treasured family photos ending up in the wrong hands.
There are lots of companies making big claims about their products. In this article, we look past the marketing jargon to identify the most secure flash drives to keep your private data private.
Our Top Pick
Yes there’s a lot of jargon when it comes to encrypted USB drives!
We’ve summarized the most important points in the table below. (We also go into deeper detail in the buyers guide below the reviews.)
|Jargon||What It Means||What to Look For|
|Encryption standard||The method used to scramble data on your flash drive so it can’t be read by unauthorized people.||AES encryption.|
|AES||Advanced Encryption Standard – the encryption standard used and recommended by the US government.||128-bit encryption is sufficient but 256-bit is the gold standard.|
|XTS||This describes the block cipher mode that’s part of AES specification. Other modes include ECB and BCB.||XTS provides top-level protection.|
|FIPS levels||FIPS standards are the US federal benchmarks for cryptographic security.||FIPS 140-2 Level 2 or higher gives maximum security.|
|IP ratings||A standard that assesses how resistant a device is to dust and/or water.||IP67 offers a good all-around level of protection. IPX8 is the best.|
Secure Flash Drive Reviews
Best Encrypted Flash Drive: Apricorn Aegis Secure Key 3Z
Capacity: 8GB–128GB | FIPS 140-2 Level 3 | 256-bit AES XTS encryption | USB 3.1
This award-winning USB flash drive has top levels of protection, fast transfer speeds and is reasonably durable. It’s not the cheapest option, but there are a range of storage sizes available from 8GB up to 128GB.
Check Prices on Amazon
The Secure Key 3Z incorporates the most sophisticated encryption that’s readily available on the market – 256-bit AES XTS. It meets the FIPS 140-2 Level 3 standard, incorporating hardware encryption, tamper resistance and identity authentication. A coating of hardened epoxy protects the internal components from physical tampering.
The drive is unlocked by entering a pin number on the keypad. You can set the pin to be between 7 and 16 digits in length (the longer it is, the more secure) and you’re able to specify the number of incorrect attempts that can be made before the brute-force defense mechanism activates, deleting the encryption key and destroying the ability to decrypt stored data.
Because the device is so compact, you may find the keypad fiddly to operate if you have large fingers, which could be a downside over other unlocking methods.
The 3Z offers fast data transfer with speeds of up to 190MB/s read and 80MB/s write. This is significantly faster than the Secure Key 3NX which otherwise has a similar spec at a lower price (though is not currently FIPS 140-2 Level 3 accredited).
- Top levels of security protection
- Fast data transfer
- IP67 rating (dust and water resistant)
- Crush-proof casing
- Ability to set attempts figure for brute-force mechanism
- Keypad can be fiddly
- Device can get hot
Best Value: Kingston DataTraveler Vault Privacy 3.0
Capacity: 4GB–64GB | FIPS 197 | 256-bit AES XTS encryption | USB 3.0
The DataTraveler Vault Privacy USB stick is designed to meet business security standards but is just as good as a personal encrypted drive. It’s affordable, small and lightweight.
Check Prices on Amazon
The encryption standard is top-level 256-bit AES XTS, similar to the Aegis Secure Key 3Z. It also meets the FIPS 197 standard for hardware encryption. However, it isn’t designed to meet the FIPS 140-2 standards, meaning that the device could be more vulnerable to physical tampering.
There’s no fiddly keypad and the device is unlocked using a complex password. It’s also designed to lock down and reformat after 10 incorrect attempts.
Transfer speeds are reasonable (the larger capacity flash drives have faster data transfer). The DataTraveller has a high level of waterproofing and can be submerged in up to four feet of water.
The biggest downside is installation and use. Windows users have reported that the USB drive isn’t always automatically recognized (though you can change your settings to get around this). Mac users have the additional challenge of downloading software to get it to work. If you have a Mac, you may decide it’s worth paying a bit extra to avoid potential setup hassle.
- Top-level encryption
- Small and lightweight
- IPX8 rating
- Optional anti-virus protection
- 5-year warranty
- Not FIPS 140-2 certified
- Not ideal for Mac users
- Can be tricky to set up
Most Durable: Kingston IronKey D300
Capacity: 4GB–128GB | FIPS 140-2 Level 3 | 256-bit AES XTS encryption | USB 3.0
IronKey is a well-respected brand when it comes to encrypted devices and the D300 was a top contender for our best buy. It just lost out to the Aegis Secure Key by being more expensive and not so compatible for Mac users.
The IronKey beats the Aegis Secure Key hands down in durability. There’s no keypad and therefore no battery to run down. The zinc casing is rugged and secure and it’s waterproof down to four feet. You can freeze it, stand on it, heat it up and chuck it around to your heart’s content and it’ll still work.
Unfortunately, there is a price to pay for this rugged security. It’s a lot more expensive per gigabyte than other devices and it’s not plug and play – you need to go through a setup procedure on your computer.
- Top-level security
- Excellent durability
- Waterproof (IPX8)
- Not plug and play
Best for Storage: iStorage diskAshur PRO2
Capacity: 500GB–5TB | FIPS 140-2 Level 2 | 256-bit AES XTS encryption | USB 3.1
Technically, the diskAshur Pro 2 is a portable hard drive not a flash drive, but it’s compact and lightweight, so if you’re looking for a high-storage, portable, encrypted device this is the one we’d recommend.
Check Prices on Amazon
It has top-level AES XTS encryption and a Level 2 FIPS 140-2 validation. This means it’s protected from physical tampering as well as brute force attacks. However, the brute-force hack defense system is designed to activate after 15 incorrect attempts which you may feel is too high a threshold.
The device is unlocked using a pin of between 7 and 15 digits. The epoxy-coated keypad is designed to hide key usage and help avoid worn keys.
It works across all operating systems and data transfer is reasonably fast. On the downside, it’s bulkier than a USB flash drive and expensive. But if you want a secure way to store large files, that’s the price you pay.
- High storage capacity
- Works on all operating systems
- FIPS 140-2 Level 2 certified
- Fast data transfer
- Bulkier than other USB flash drives
Best for Photos and Videos: SanDisk Extreme Pro
Capacity: 128GB–256GB | 128-bit AES encryption | USB 3.1
The SanDisk Extreme Pro doesn’t offer the same level of security as the other flash drives we’ve reviewed, but its setup and competitive price make it the best option for certain users.
Check Prices on Amazon
It’s designed primarily with fast data transfer in mind. The read speed of up to 420MB/s and write speed of up to 380MB/s is more than twice that of the other devices we’ve looked at. It also has a much larger capacity. This makes it ideal for storing photos and videos.
The reason it’s so much faster is because, unlike the other flash drives, the whole device isn’t encrypted. Instead, you use the SanDisk Secure Access software to create a specific folder for the files you want to keep secure. The software has 128-bit AES encryption, giving an additional level of security beyond password protecting individual files.
If you want a flash drive to store family photos and some personal data, then this offers a cost-effective compromise. It just won’t be as resistant to hackers as more expensive options.
- Very fast transfer speeds
- Large capacity
- Ability to separate encrypted data
- Very affordable
- Lifetime limited warranty
- Not as secure as other models
- Software download required for Mac
Best Fingerprint Encryption: Verbatim Fingerprint Secure
Capacity: 32GB–128GB | 256-bit AES encryption | USB 3.0
This tiny device uses 256-bit AES encryption and fingerprint recognition to secure your data. It isn’t as secure as FIPS validated devices (for example, it doesn’t have physical tamper protection), but it offers a method of protecting your data which doesn’t require you to remember a password.
Check Prices on Amazon
You can register up to six authorized users and grant them administrator or access-only rights. This makes it a great option for families as it allows you to store emergency information securely that can be easily accessed by both adults and older children.
The flash drive is compatible with both Windows and Mac and offers more storage space for your money than higher security devices.
- Doesn’t require a password to access
- Good option for multiple users
- 256-bit AES encryption
- Not as secure as other flash drives
- Slow data transfer speeds
What You Need to Know About Encrypted Flash Drives
Levels of Protection
An encrypted flash drive is a lot more secure than keeping personal data on your laptop or desktop computer. But not all secure flash drives offer the same level of protection.
FIPS 140-2 (Federal Information Processing Standard) provides a benchmark for assessing the level of protection for cryptographic hardware. If a product carries a FIPS 140-2 standard, you know it’s been tested and approved by the US and Canadian governments.
There are four levels of protection with each level building on the previous one:
- Level 1 – some form of encryption
- Level 2 – encryption plus tamper-proof technology
- Level 3 – additional physical tamper-resistance and identity-based authentication
- Level 4 – more stringent physical security requirements, including the automatic erasure of data if environmental attack is detected
An encryption algorithm takes raw data and transforms it into encrypted text that can’t be deciphered using the same machine. Of course, it’s a bit more complicated than that, but the details can get a bit mind-boggling.
What you need to know is what to look out for. “AES” stands for “Advanced Encryption Standard” and is the most common encryption methodology you’ll see. 256-bit AES is the gold standard, though 128-bit is also effective – a hacker would need a lot of computer power to crack the cipher.
You may see additional letters that refer to the block cipher mode used in the AES specification. ECB (Electronic Code Block) is the most basic, CBC (Cipher Block Chaining) is the next level up and XTS is the latest and most secure mode.
As well as paying for the level of protection offered, the capacity of the drive will affect how much it costs. Small USB flash drives will typically have a capacity of between 8GB and 128GB, but encrypted hard drives allow you to store up to several terabytes of data.
Durability and Resilience
It’s not just protection from data thieves that you need to consider when buying a flash drive. They may be small and light, but that also makes them easy to drop.
A tough, waterproof casing will help protect your data from accidental damage, floods or that time it falls out of your pocket and into the toilet bowl.
IP ratings assess how resistant a device is to dust and water ingress. If there are two numbers (e.g. IP67) then the device has been assessed for BOTH dust and water ingress. If there’s an “X” before the number (e.g. IPX8) this means it has only been tested for water resistance (but in practice, is likely to also be dust resistant). Read more about waterproof ratings.
While most encrypted flash drives currently on the market fit Type-A USB ports, it’s worth bearing in mind that many new, ultra-thin laptops are moving to USB Type-C ports only.
At the moment, encrypted flash drives that are compatible with Type-C ports aren’t readily available, perhaps because the market isn’t big enough. This should change in the future, but it’s worth bearing in mind if you’re shopping for a new computer.
What to Store
As encrypted drives are more expensive than standard USB drives, you’ll need to prioritize what you save on them. Transferring the thousands of unedited photos from your phone is not the best use of the limited storage you have available.
So what do you need on your flash drive?
- Details on how to access essential online sites, for example, banking, government and health services and pension and investment platforms.
- Financial information on your savings and investments.
- Emergency contact details.
- Scanned copies of identification documents such as passports, birth certificates and marriage certificates.
- Copies of life insurance documents and wills.
- Important information about your pets, such as vets details and microchip numbers.
To keep all this information organized and make sure you haven’t forgotten everything, download our handy emergency binder template.
You may also want to keep digital copies of photos or videos that are particularly precious.