A poor password is by far the weakest link in any encryption. Password selection is perhaps the single most important aspect of this entire operation. When encrypting an entire hard disk, the Volume Size dialog simply reports the size of the drive you’re operating on. It’s typically best to accept the defaults and click Next. VeraCrypt actually supports a number of different encryption algorithms, and you can select among the variations here if you want. If you wish to retain your data, choose “Encrypt partition in place”. My example external drive is full of data I no longer need, so I’ll choose “Create encrypted volume and format it”. This takes more time, as every sector (used or not) is read, encrypted, and written back out to the drive. This is generally fastest, but erases all data currently on the drive or partition. It can erase the drive, creating a new, empty encrypted volume to contain your data.When encrypting an external drive, VeraCrypt can operate one of two ways: This returns us to the Volume Location dialog with the location filled in. Click Next. ![]() You can see that each hard disk on my machine is listed, including the external one. On hard drives that have multiple partitions, each partition is listed as well. In my case, I’ll click \Device\Harddisk2\Partition1, also labeled as F:, which is my external drive, and click OK. (Hidden volumes are beyond the scope of what we need to do here.)Ĭlick the Select Device… button on the following dialog (not shown). Select Standard VeraCrypt volume and click Next. Since we’re encrypting an external drive, make sure “Encrypt a non-system partition/drive” is selected, and click on Next. Since this is the partition from which the machine boots, it takes additional steps (and complexity) to encrypt the entire drive and still be able to boot from it. A system partition/drive: this is the partition containing Windows itself.A non-system partition/drive: this is a separate partition or drive that will be completely encrypted.It’s useful if you don’t want to encrypt an entire hard disk, or if you want to copy the file container from machine to machine. It appears on unencrypted drives as a large file containing random data, and must be “mounted” to make its contents accessible. An encrypted file container: this is a stand-alone file that contains the volume.There are three types of encrypted volumes you can create using VeraCrypt: In general, you can accept the default settings, and when the installation is complete, double-click the VeraCrypt icon on your desktop to start the program.Ĭlick on the Create Volume button to begin. The setup is fairly standard, so I won’t walk through all the steps here. Installing VeraCryptĭownload VeraCrypt from its primary site. If someone does walk away with the drive, they’ll have a nice, empty-looking drive they can do whatever they want with – except access the encrypted data. Once mounted, it operates like any other drive, until you shut down the computer or explicitly dismount the drive, at which point it again appears to be an empty drive. When you encrypt an entire drive, it initially looks like an empty, unformatted drive containing “RAW” data. To access the contents of the drive, you must first “ mount” it, providing the proper pass phrase to enable its unencrypted access. ![]() ![]() ![]() In a forehead-slapping moment, I realized I was going about this all wrong. If that conveniently small, portable drive walked off in someone’s pocket, they’d have access to a lot of my stuff. Some of the data on that drive is encrypted in various ways, but the vast majority is completely unencrypted. Some time ago, I realized the external hard drive I carry with me when traveling was an easy thing to lose.
0 Comments
Leave a Reply. |