Once upon a time, there was an encryption protocol called TrueCrypt. It was said to be totally impregnable with the FBI unable to break in. Then the TrueCrypt project was suddenly shut down and rumors started flying that the FBI had finally busted its encryption.
TrueCrypt has now been replaced by VeraCrypt which, from the outside, looks more or less identical. But unless your enemy is a government or an evil emperor on a fully operational Death Star, VeraCrypt is more than sufficient to keep nosy parents, spouses, and roommates from reading your private business (porn).
In this first part of a three-part article, I will be
showing you how to set up an encrypted volume with VeraCrypt. In part two, I
will show you how to hide a hidden section inside
the encrypted volume for extra super-special security. In part three, I will explain
how to encrypt your entire operating
system with the program.
Setting Up VeraCrypt For The Very First Time
First, head on over to the Veracrypt website and choose your operating system. I particularly like the portable Windows version which stays on my USB stick.
Now install the program as you usually would with any
Opening It Up
When you open up the program, this is what you will
The first step is to click “Create Volume”. This now
Today, we’re going with door number one. So click on
“Create an encrypted file container” and then “Next”.
The hidden volume option will be discussed in more
depth in part two. So for the moment, choose “Standard VeraCrypt volume” and
The next step is to specify the location of the
encrypted volume and the name of it. Click on “Select File” and navigate to the
folder where you want to put it. Then type the name of it. Both the location
and the name can be changed later if need be.
The next screen now asks you to choose your encryption
algorithm. It will default to AES, which is perfectly fine. If it’s good enough
for the US Government’s Top Secret files, then it’s good enough for your Katy
Perry albums. No need to overthink this one.
Equally, don’t touch the hash algorithm, unless you
absolutely know what you’re doing.
You now need to decide how big the volume has to be.
You have to take two considerations into account.
- What will the encrypted
volume be used for? Videos and music for example will need a larger volume than
just purely files.
- How much free space do you
have on your computer? VeraCrypt volumes can be moved onto removable media such
as USB sticks and portable hard-drives. Or cloud storage. But you need to find
out in advance if you have the storage space needed, as changing the volume
size later is not possible.
For the purposes of this article, I went with 1GB. But
my main VeraCrypt volume is 150GB.
Now the most important part of all – the password.
Before choosing a password, you have to remember the
following. VeraCrypt does not, for the sake of security, do password resets or
password reminders. So if you forget your password, you are quite literally up
the creek without the proverbial paddle.
So although the password should not be something
stupid like “12345”, it should also be something you will always remember.
I would avoid keyfiles and PIM’s for the moment. They
have the potential to make your volume much more secure but you need to have a
solid understanding of how they work. I am still trying to figure it out so I
am not going to expect you to suddenly become an expert in it. Let’s keep it
simple for now.
Last of all, it’s time to generate your encryption
Move your mouse randomly around the VeraCrypt window
until the red bar at the bottom gets to the other end and turns green. As the
window says, the longer you move it and the more random the moves, the better
the encryption strength.
When the bar at the bottom is green, click “Format”
and your volume will be made and placed in the location you specified.
Opening Up Your VeraCrypt Volume
Now that you have your nice shiny new volume, it’s
time to open it up and hide some files in there.
Go back to the VeraCrypt main window, highlight a
drive letter with your mouse, click “Select File”, and double-click the volume.
Remember not to use any drive letters currently being used by other drives,
portable media or software. When the volume is showing, click “Mount”.
I would advise you to keep “Never save history”
ticked. Otherwise, VeraCrypt will keep a record of all the volume locations on
your computer that were recently accessed.
Now enter your password. “TrueCrypt Mode” is only for
people who had old TrueCrypt volumes which were suddenly rendered useless when
the software was abandoned. But you can ignore that if you have never used
Once the password has been successfully entered, go to
Windows Explorer (or Finder if you are using MacOS) and you will see the volume
“mounted” as a drive.
Or you can double-click on the volume in VeraCrypt to
be taken directly there.
Now you can just drag files into the volume and they
will show up.
To close the volume and secure the files, click
“Dismount” on the VeraCrypt window.
And that is how to make an encrypted folder/volume.
You can create as many of these as you want – VeraCrypt does not impose any
limits. Of course, the more volumes you have on the go, the more passwords you
have to remember. So maybe don’t go too
Next time, we’ll look at hidden volumes within normal
volumes. Stay tuned for that.