Flash drive as truecrypt password. How to set a password and encrypt the contents on a flash drive using VeraCrypt

Twitter

Professional and enterprise versions of Windows include an encryption program called BitLocker. Thanks to its tight integration with the operating system, using this program is in some aspects more convenient than using other encryption programs. In particular, if you encrypt a flash drive using BitLocker, then when you connect it to a computer, the system will automatically inform you that the information is encrypted and you must enter a password. This article will describe how to produce flash drive encryption using BitLocker and how to use such a flash drive in everyday work.

Features of using BitLocker

As already mentioned, BitLocker is a simple and convenient means of protecting information. However, its use is associated with a number of limitations. First of all, it is worth keeping in mind that this program does not come with all versions of Windows. This means that with a high degree of probability a situation may arise when an encrypted flash drive cannot be opened while visiting someone. Not to mention that even on your operating system, BitLocker may not be available.

Another unpleasant feature is that there is no way to somehow hide the fact that the flash drive is encrypted - the operating system directly and openly reports that the flash drive is encrypted and asks for a password. In addition, the program itself is closed source, which indicates the potential insecurity of the program - after all, developers can access users’ encrypted volumes through possible bookmarks in the code.

Based on the foregoing, it is worth weighing all the pros and cons, and if using BitLocker is undesirable, use free open source analogues, for example TrueCrypt (this program was produced).

Creating an encrypted flash drive

To start encrypting a flash drive, you need to open Windows Explorer, select the desired drive from the list of drives and select the “Enable BitLocker” menu item using the right mouse button.

After this, you will be asked to set a password to block hidden information. In addition to the password, the program includes the ability to use smart cards. But this type of device is not very common in our area, and therefore most users are unlikely to need this option.

The next step is to save the recovery key, which can be useful if the password is forgotten. If your computer is in a secure location and you need to encrypt the flash drive to access it outside of this secure location, then you can choose the option of saving the recovery key on disk. Otherwise, you should not save this key, but print it out and hide it in another safe place.

If the flash drive is used only for transferring files and the information stored on it does not need special protection and can be deleted at any time, then for security purposes you can delete the recovery key immediately after saving. And for greater reliability, you should first open it in a text editor and replace the text with some other one - so that an attacker who gains access to the computer cannot obtain this recovery key using programs for recovering deleted files.

When the issue with the key is resolved, it becomes possible to move on to the next stage - start directly encrypting the flash drive.

Depending on the size of the flash drive and the speed of operation via the USB port, the duration of this procedure can be from a couple of minutes to half an hour or more.

It is important to wait for a message indicating the successful completion of the operation. If you interrupt encryption without waiting for the process to complete, the disk may become inoperable.

At the end of the process, you can make sure that the flash drive is displayed in Windows Explorer as encrypted, as evidenced by the image of a lock on top of the disk.

Using an encrypted flash drive

Access to the encrypted volume on the flash drive is achieved by entering a password. It is worth noting that if access to files is open, it will remain so either until the system is rebooted or until the disk is unmounted. In our case, to see how it works, you just need to remove and reinsert the flash drive into the USB slot. After this operation, the disk will be indicated in Windows Explorer as encrypted without information about its name and size.

And the first time you try to access the disk, the system will ask for the password that was specified during encryption.

After entering the password correctly, the contents of the encrypted section will be available as usual. You will also be able to manage encryption settings. In particular, you can change the password, save the recovery key, and also enable automatic unlocking of the encrypted disk on this particular computer. To access these functions, you need to call up the context menu for the encrypted drive and select “Manage BitLocker.”

As a result, a window like this will appear with the choice of the desired option.

Unfortunately, among these options there is no option to disable disk encryption. Therefore, in order to return the flash drive to an unencrypted state, you will need to format it. In this case, all data on the disk will be lost. Accordingly, if you need them, you will need to save them first to your computer’s hard drive, and then transfer them back to an already unencrypted disk.

Results

BitLocker is built into some versions of Windows and provides basic drive encryption capabilities. In particular, it can be used to encrypt a flash drive without installing additional software. At the same time, this ease of use also hides a number of disadvantages that are useful to know before making a choice between using BitLocker and other data encryption programs.

Good day! Today we will talk about the problem of unauthorized access to electronic information. Moreover, we will try to reliably protect our information, because if we do, then for sure. And we will do this using freeware (freely distributed) tools. Join our group on VK! Under repair! Smart workshop!

There are, of course, many simpler programs that do not require a large number of actions from the performer, but they all have the disadvantage of being paid for their work.

Also, when choosing which software product to contact, we considered the option of using not only Windows OS but also *nix. Therefore, after weighing all the pros and cons, I decided to write about TrueCrypt software, the main task of which is to encrypt storage media. This software is free and open source.

The task is simple, create an external medium that contains information in encrypted form, and you can only access this information by typing a password. The flash drive can be used on different computers.

We will use version 7.1a with you, as it has been tested by several independent auditors and found to be safe. You can download it. Also, just below the program itself there is a list of supported languages, where you should select Russian and download the localization too..

After downloading the installer, let's get started. Run the file TrueCrypt Setup 7.1a.exe.

We select Extract, since we are installing the program for a portable device, it is not necessary to have it on the computer. We choose a place to unpack it, let it be My documents. Next, we agree that it is still necessary to install the necessary drivers into the system for initial creation/encryption. And we complete the installation by checking that the Open the destination location when finished checkbox is checked. Once the installation is complete, the folder with the installed program will open, run the TrueCrypt.exe file.

In general, the program has many different capabilities, and in this article we will consider only one. As you remember, we need to create the most mobile “black box”.

Prepare the media, remove all information from it or copy it to your HDD. You also need to format it using standard Windows tools. Go to My Computer, RMB on the flash drive and select format.

We set the file system to NTFS, because we will create a file the size of the entire flash drive; files larger than 4GB will not be created in the FAT32 system. In the volume label, indicate the name of the media, or you may not indicate anything.

Let's return to our freshly installed Truecrypt program. First, let's localize it, in our case, Russify it. Remember we downloaded the Russification file from the site ? Now we go to it and unpack it, then we throw all the contents into the folder with TrueCrypt. File Language.ru.xml should end up in the same folder with TrueCrypt.exe. It should look like this:

After unpacking, let's return to the TrueCrypt program. In the top menu we look for the section Settings -> Language select from the list Russian and click OK.

Now let’s get down to actually creating an encrypted container on a flash drive. Let's create an empty file on the flash drive. In principle, it doesn’t matter what you call it and what extension you set. I only advise you to put the extension of files with large amounts of data like *.iso or .mkv and name them accordingly. In our case, the role of the “black box” container will be played by the file The_Matrix_Reloaded.iso. To create an empty file, right-click on any empty space on the flash drive and select Create -> Text document.txt, then change its name and extension. Once the file is created, let's make it portable. To do this, go to the top menu of the program Tools -> Set up portable media. In the file parameters field, carefully select your flash drive. Select the checkbox Automatically mount TrueCrypt volume and in the field below, using the Browse button, indicate the file we created earlier on flash media. In my case it is The_Matrix_Reloaded.iso.

Click Create, then Ok and Close. Now the autorun.inf file has been created on the flash drive with a written script for loading the TrueCrypt.exe file and mounting the container. But I would like to point out right away that if autorun from removable media is blocked or completely disabled, this will not work. To do this, you will have to do a feint with your ears, but more on that below. For now, let’s actually create an encrypted container in our file. Let's go to Tools -> Volume Creation Wizard.Select the top item: Create an encrypted file container.

Next, in the volume placement field, click browse and select our previously created file. In my case it is The_Matrix_Reloaded.iso. Click Next, change the encryption methods if desired, if you don’t want to, click Next. In the Volume size section, you must set the size of the encrypted container. Here it’s up to you to decide, it can be for the entire flash drive, or it can be half of it and lie, so to speak, along with the open data. Enter the number in MB and move on.

Next, we will need to create a password, and TrueCrypt supports both simple passphrases and key files, and even key files and phrases together. We will limit ourselves to a simple password by entering it in both fields and move on.

At the last step Formatting a Volume In the options section you should select the NTFS file system. Press the button Mark up and go have some tea. The time it takes to encrypt TrueCrypt depends on the size of the encrypted container, but in any case you will have time to drink tea :)

As a result, we have a portable medium on which are located: A folder with TrueCrypt, a file for autorun operation autorun.inf and a container file that actually contains all our data. When connecting the media to any computer from Windows XP to Windows 10, a window for entering a password pops up and after entering it, another disk is mounted, on which our encrypted data actually lies. But it happens that on some computers autorun is disabled. To do this, I suggest you use the bat file I created or create it yourself. Create a file on a flash drive. To create an empty file, right-click on any empty space on the flash drive and select Create -> Text document.txt. Rename it to start.bat or mount.bat as you like and right-click on it and select Edit. In the file itself we save the line:

truecrypt\truecrypt.exe /q background /e /m rm /v "The_Matrix_Reloaded.iso"

Where you change The_Matrix_Reloaded.iso to the name of your container file. Well, for unmounting, you can also create a batch file stop.bat or unmount.bat in the body of which you can enter the following:

truecrypt\truecrypt.exe /q /d

The procedure is actually very simple, and TrueCrypt has many features. And the level of encryption reliability is respectable. Below I attach an archive containing:

TrueCrypt Setup 7.1a.exe
langpack-ru-1.0.0-for-truecrypt-7.1a.zip
start.bat
stop.bat

Good day, dear friends, acquaintances, readers and other individuals.

I think that many of you, one way or another, use external media, such as flash drives or external hard drives. Some people store documents on them, some photographs, some something else, but one way or another, whatever one may say, files are often at least important for a person.

I suspect that at some point every owner of a portable storage device has thought about how to protect their data from unauthorized access to it by anyone. And even if you don’t suffer from paranoia (that is, you don’t worry about the fact that someone will simply steal it from you for their own purposes), the flash drive can simply be lost or forgotten somewhere, and this can have unpleasant consequences.

In general, as you already understood, in this material, I want to talk to you about how to encrypt data on your flash drive and set a password to access it.

Let's get started.

Introductory

There are a decent number of programs that allow you to perform a similar trick with your ears, and what can I say, you can use the long-suffering BitLocker built into Windows 7/8, but I prefer to use such a wonderful thing as TrueCrypt for these purposes.

There are plenty of reasons for this, even though the project was closed on May 28, 2014, development was curtailed and all old versions were deleted, cleaned up, and the circumstances of the project’s closure caused a lot of speculation and discussion in the IT community.

At least one of these very reasons is support for my beloved Linux. However, let's get to the point.

Encryption with TrueCrypt

TrueCrypt is software for encrypting data on the fly, supports 32 and 64 bit systems, is completely free and all that jazz. R

I'm glad that there is no need to install the program on each computer where the flash drive is inserted, i.e. it is enough to encrypt the data once and then use it anywhere.

It allows you to create a virtual encrypted logical disk stored as a file. Using TrueCrypt, you can also completely encrypt a partition of a hard drive or other storage medium, such as a floppy disk or USB flash memory. All data stored on a TrueCrypt volume is fully encrypted, including file and directory names. A mounted TrueCrypt volume is similar to a regular logical disk, so you can work with it using regular file system checking and defragmentation utilities.

This is how the pies are made.

Download and Install

You can download this joy of a programmer's thought. The kit includes a localization tool.

As for installation, everything is simple:

Now let's move on to such a thing as using this program, but before that it would be good to format the flash drive.

Pre-formatting

To do this, actually, go to “Explorer” (aka “My Computer”), right-click on the flash drive and select “Format”.

Having selected the required format (it is best to choose NTFS, since large files cannot be stored on FAT32, and we will create just a solid-sized volume), click on the “Start” button.

When the process is completed, we return to our TrueCrypt, where we click on "Service - Volume Creation Wizard":

Next, I will tell you the simplest encryption method and take the shortest path. You can practice the remaining options yourself, fortunately, the program has comments in Russian for everything you need.

Volume creation and first encryption

Nus, let's go.

To begin, select the item " Create an encrypted file container" and click on the "Next" button.

Here I usually create a hidden volume, but since you and I are following the simplest path so far, we select the item " Regular TrueCrypt volume" and click on "Next" again.

Here we need to use the “File” button, select our flash drive, come up with a file name and click the “Save” button and then “Next” again.
On this tab we will need to select the encryption type. For now, let's leave everything by default, although of course there are nuances here in terms of reliability and speed, but I think that the basic settings will be enough for the average user.
Next we will be asked to select the volume size. In principle, see for yourself which of them is most convenient for you, because it all depends on how much data you want to encrypt and how much you want to leave open. For example, I set it to 20 GB.
Now you need to come up with a password. The program warns in advance that you need to come up with a good password (and this is important!), but I already know how to do this, so I think you’ll figure it out. Let's move on.
Here we will be asked about file sizes, what you are going to store and encrypt. I think that everyone will decide for themselves the answer.
Well, on the last tab, all you have to do is click the “Mark” button and wait for the process to complete. The process itself may not be fast (although it all depends on the speed of the flash drive, the chosen type of encryption, volume size and some other nuances), so you should have a little patience.

When the process is over (unless of course you want to create another volume), click on the “Exit” button. Now our encrypted volume is ready.

Loading onto a flash drive, flash drives, etc.

Now let’s load the key program files onto the flash drive so that you can use it on any computer. To do this, click in the program window: " Tools -> Setting up a portable drive" to open a settings wizard that will help us: Here, to begin with, you need to select our flash drive or some empty folder on the flash drive (you can create it and call it TrueCrypt), and also configure the autorun settings when inserting the flash drive (you don’t have to do this, but then the program will have to be launched from the folder all the time on a flash drive manually, then mount the volume, etc.).

As for the parameters, I recommend setting everything as in the screenshot above, i.e. " Automounting a TrueCrypt volume" and using the "Browse" button, select the volume file that now lives on the flash drive (with the name you chose).

Well, finally, all that remains is to click the “Create” button after reading the useful message, which you can see in the screenshot above and will see on your computer, I think, too. That's it, the flash drive is ready. We pull it out, go to another computer (although you can try on the same one) and insert our encrypted miracle of technology.

Process of using encrypted media

If you have autoload enabled, then all you have to do is wait for the mounting process, get a password and use the encrypted partition (that is, your flash drive with an unencrypted partition will appear in Explorer and the encrypted one will appear separately), loading files onto it.

If autoloading is not enabled, then we independently launch TrueCrypt from the flash drive, which we got there as a result of our last actions.
Where (in the main program window):

File

Mount

We enjoy the result.

At the output we get the picture that you saw in the picture earlier, that is, an additional (also encrypted) section has appeared where you can dump your files and where you can take these files from and all this will be in encrypted form.

When you finish working with the partition, all you have to do is click the “Unmount” button and, voila!, everything is hidden and encrypted again.

That's probably all for now.

Afterword

So we have a flash drive that is encrypted with a reliable algorithm and is ready to work on any, even unprepared, computer. Of course, there is no perfect defense, but now a potential attacker will need many orders of magnitude more time, money and experience to get to your data.

Keep in mind that after editing or viewing, your sensitive data may remain in temporary files or in the operating system's page file.

The very fact of using encryption will not be secret. There may be log or registry entries left on the computer. The contents of the flash drive openly indicate the use of encryption technology. To hide the fact of encryption, TrueCrypt offers technologies for an encrypted disk with a double bottom and a hidden operating system, but that’s a completely different story.

As always, if there are any questions, additions or other things, then comments are at your service.

All important data must be stored in encrypted form. Flash drives are lost more often, so let’s look at the simplest and most effective ways to protect information on USB drives, reports Tech Today.

Use a flash drive with hardware encryption

This is the simplest and at the same time the most expensive method of protection. Such drives are designed to securely store corporate secrets and will only allow access to the owner and, possibly, intelligence agencies. Devices of this class, for example, DataTraveler 2000 Metal Security from Kingston, support the most advanced encryption algorithms and have keys for entering a password. Conveniently, cryptographic protection is provided by the flash drive itself and does not depend on the type of operating system on the computer and installed programs.

Just enter the numeric code, and you can work with files on the flash drive as usual. After disconnecting from the computer, access to data will be blocked. The disadvantage of secure flash drives is that if you forget the password or enter it incorrectly, for example, 10 times in a row, the encryption key and data will be destroyed and the drive will return to factory settings.

BitLocker - built-in encryptor of Windows 7/8/10
If you use the maximum version of Windows, standard BitLocker cryptographic protection is at your service.

To encrypt a flash drive, in the “my computer” window, right-click on the disk icon and select “Encryption” from the context menu. The disk encryption procedure will start.

Choose password encryption and create a strong password. Depending on the size of the flash drive, the encryption procedure lasts from ten minutes to several hours. After the encryption process is completed, the flash drive is ready for use.

When connecting it to a computer, each time you will need to enter a password to access the data. In the settings, you can disable the mandatory password entry for a specific computer.

VeraTrueCrypt - free data encryption
The small utility VeraCrypt is a descendant of another popular data encryption tool, TrueCrypt, which was discontinued last year. There are versions of VeraCrypt for Windows, Mac OS X, Linux, and even Raspbian (the OS for Raspberry Pi microcomputers).

After installation, it does not require additional settings to start working. To encrypt a flash drive, in the “Volumes” menu, select “Create a new volume”. Next, we sequentially indicate “Encrypt a non-system partition/disk” - “Regular VeraCrypt volume”, indicate the path to what corresponds to the flash drive. Next, select “Create an encrypted volume and format.”

All files on the flash drive will be deleted, so encrypt the drive before you start storing data on it. After creating the password, the encryption process will begin.

To access an encrypted flash drive, you need to select a free drive letter in the main VeraCrypt window, specify the path to it (something like Device\Harddisk3\Partition1) and click the “Mount” button. The process will last from a few seconds to a minute. Then the disk with the selected letter will appear in the system, and you can work with it. Before disconnecting the flash drive, the encrypted volume must be unmounted.

Disadvantages of the method: VeraCrypt must be installed on all computers where it is necessary to have access to encrypted data. The system displays the flash drive as unformatted.

And finally: if you need to restrict access to files, but encryption is not available, use an archiver. The most common archivers allow you to protect archives with a password. If you are not hiding state secrets, then, as practice shows, this is usually enough to limit access to important files.

This article is devoted to the reliable protection of vital information, as well as any files that you want to protect from access by others, even if your computer or storage media (flash drive, hard drive) falls into the hands of unauthorized persons, including those who are technically advanced and have access to powerful computing resources.

Why you shouldn't trust closed-source encryption software

Closed-source programs can include “bookmarks” (and don’t hope they aren’t there!) and the ability to open encrypted files using a master key. Those. you can use any, even the most complex password, but your encrypted file can still be opened with ease, without brute-forcing passwords, using a “bookmark” or the owner of the master key. The size of the encryption software company and the name of the country do not matter in this matter, since this is part of the government policy of many countries. After all, we are surrounded by terrorists and drug dealers all the time (what can we do?).

Those. Truly strong encryption can be achieved by properly using popular open source software and a crack-proof encryption algorithm.

Is it worth switching from TrueCrypt to VeraCrypt?

The reference program that has been providing very secure file encryption for many years is TrueCrypt. This program still works great. Unfortunately, development of the program has currently been discontinued.

Its best successor was the VeraCrypt program.

VeraCrypt is free disk encryption software based on TrueCrypt 7.1a.

VeraCrypt continues the best traditions of TrueCrypt, but adds enhanced security to the algorithms used to encrypt systems and partitions, making your encrypted files immune to new advances in brute-force attacks.

VeraCrypt has also fixed many of the vulnerabilities and security issues found in TrueCrypt. It can work with TrueCrypt volumes and offers the ability to convert TrueCrypt containers and non-system partitions to the VeraCrypt format.

This improved security only adds some latency to opening encrypted partitions, without any performance impact during the encrypted drive phase. For a legitimate user this is an almost imperceptible inconvenience, but for an attacker it becomes almost impossible to gain access to encrypted data, despite the presence of any computing power.

This can be clearly demonstrated by the following benchmarks for cracking (brute force) passwords in Hashcat:

For TrueCrypt:

Hashtype: TrueCrypt PBKDF2-HMAC-RipeMD160 + XTS 512 bit

Speed.Dev.#1.: 21957 H/s (96.78ms)

Speed.Dev.#2.: 1175 H/s (99.79ms)

Speed.Dev.#*.: 23131 H/s

Hashtype: TrueCrypt PBKDF2-HMAC-SHA512 + XTS 512 bit

Speed.Dev.#1.: 9222 H/s (74.13ms)

Speed.Dev.#2.: 4556 H/s (95.92ms)

Speed.Dev.#*.: 13778 H/s

Hashtype: TrueCrypt PBKDF2-HMAC-Whirlpool + XTS 512 bit

Speed.Dev.#1.: 2429 H/s (95.69ms)

Speed.Dev.#2.: 891 H/s (98.61ms)

Speed.Dev.#*.: 3321 H/s

Hashtype: TrueCrypt PBKDF2-HMAC-RipeMD160 + XTS 512 bit + boot-mode

Speed.Dev.#1.: 43273 H/s (95.60ms)

Speed.Dev.#2.: 2330 H/s (95.97ms)

Speed.Dev.#*.: 45603 H/s

For VeraCrypt:

Hashtype: VeraCrypt PBKDF2-HMAC-RipeMD160 + XTS 512 bit

Speed.Dev.#1.: 68 H/s (97.63ms)

Speed.Dev.#2.: 3 H/s (100.62ms)

Speed.Dev.#*.: 71 H/s

Hashtype: VeraCrypt PBKDF2-HMAC-SHA512 + XTS 512 bit

Speed.Dev.#1.: 26 H/s (87.81ms)

Speed.Dev.#2.: 9 H/s (98.83ms)

Speed.Dev.#*.: 35 H/s

Hashtype: VeraCrypt PBKDF2-HMAC-Whirlpool + XTS 512 bit

Speed.Dev.#1.: 3 H/s (57.73ms)

Speed.Dev.#2.: 2 H/s (94.90ms)

Speed.Dev.#*.: 5 H/s

Hashtype: VeraCrypt PBKDF2-HMAC-RipeMD160 + XTS 512 bit + boot-mode

Speed.Dev.#1.: 154 H/s (93.62ms)

Speed.Dev.#2.: 7 H/s (96.56ms)

Speed.Dev.#*.: 161 H/s

Hashtype: VeraCrypt PBKDF2-HMAC-SHA256 + XTS 512 bit

Speed.Dev.#1.: 118 H/s (94.25ms)

Speed.Dev.#2.: 5 H/s (95.50ms)

Speed.Dev.#*.: 123 H/s

Hashtype: VeraCrypt PBKDF2-HMAC-SHA256 + XTS 512 bit + boot-mode

Speed.Dev.#1.: 306 H/s (94.26ms)

Speed.Dev.#2.: 13 H/s (96.99ms)

Speed.Dev.#*.: 319 H/s

As you can see, cracking encrypted VeraCrypt containers is several orders of magnitude more difficult than TrueCrypt containers (which are also not at all easy).

The second important issue is reliability. No one wants to lose valuable and important files and information due to a software error. I knew about VeraCrypt as soon as it appeared. I followed her development and constantly looked closely at her. Over the past year I have completely switched from TrueCrypt to VeraCrypt. Over the course of a year of daily use, VeraCrypt has never let me down.

Thus, in my opinion, it is now worth switching from TrueCrypt to VeraCrypt.

How VeraCrypt works

VeraCrypt creates a special file called a container. This container is encrypted and can only be connected if the correct password is entered. After entering the password, the container is displayed as an additional disk (like an inserted flash drive). Any files placed on this disk (i.e., in the container) are encrypted. As long as the container is connected, you can freely copy, delete, write new files, and open them. Once a container is disconnected, all files on it become completely inaccessible until it is connected again, i.e. until the password is entered.

Working with files in an encrypted container is no different from working with files on any other drive.

When opening a file or writing it to a container, there is no need to wait for decryption - everything happens very quickly, as if you were really working with a regular disk.

How to install VeraCrypt on Windows

There was a half-spy story with TrueCrypt - sites were created to “download TrueCrypt”, on them the binary file (well, of course!) was infected with a virus/Trojan. Those who downloaded TrueCrypt from these unofficial sites infected their computers, allowing attackers to steal personal information and help spread malware.

The official locations for VeraCrypt installation files are:

Installing VeraCrypt on Windows

There is an installation wizard, so the installation process for VeraCrypt is similar to that of other programs. Is it possible to clarify a few points?

The VeraCrypt installer will offer two options:

Install(Install VeraCrypt on your system)
Extract(Extract. If you select this option, all files in this package will be extracted, but nothing will be installed on your system. Do not select this if you intend to encrypt the system partition or system drive. Selecting this option may be useful, for example, if you want to run VeraCrypt in what is called portable mode. VeraCrypt does not require installation on the operating system it will run in. Once all the files have been extracted, you can run the extracted file 'VeraCrypt.exe' directly (VeraCrypt will open in portable mode))

If you select the checked option, i.e. file association .hc, then this will add convenience. Because if you create a container with the .hc extension, then double-clicking on this file will launch VeraCrypt. But the downside is that third parties may know that .hc are encrypted VeraCrypt containers.

The program reminds you to donate:

VeraCrypt Instructions for Beginners

VeraCrypt has many different features and advanced features. But the most popular feature is file encryption. The following shows step by step how to encrypt one or more files.

Let's start by switching to Russian. Russian language is already built into VeraCrypt. You just need to turn it on. To do this in the menu Settings select Language…:

There, select Russian, after which the program language will immediately change.

As already mentioned, files are stored in encrypted containers (also called “volumes”). Those. you need to start by creating such a container; to do this, in the main interface of the program, click on the button “ Create Volume».

The VeraCrypt Volume Creation Wizard appears:

We are interested in the first option (“ Create an encrypted file container"), so we, without changing anything, press Further,

VeraCrypt has a very interesting feature - the ability to create a hidden volume. The point is that not one, but two containers are created in the file. Everyone knows that there is an encrypted partition, including possible ill-wishers. And if you are forced to give out your password, then it is difficult to say that “there is no encrypted disk.” When creating a hidden partition, two encrypted containers are created, which are located in the same file, but are opened with different passwords. Those. you can place files that look “sensitive” in one of the containers. And in the second container there are really important files. For your needs, you enter a password to open an important section. If you cannot refuse, you reveal the password for a not very important disk. There is no way to prove that there is a second disk.

For many cases (hiding not very critical files from prying eyes) it will be enough to create a regular volume, so I just click Further.

Select file location:

The VeraCrypt volume can be located in a file (VeraCrypt container) on a hard drive, USB flash drive, etc. A VeraCrypt container is no different from any other regular file (for example, it can be moved or deleted like other files). Click the ‘File’ button to specify the name and path to the container file to be created to store the new volume.

NOTE: If you select an existing file, VeraCrypt will NOT encrypt it; this file will be deleted and replaced with the newly created VeraCrypt container. You can encrypt existing files (later) by moving them to the VeraCrypt container you are creating now.

You can choose any file extension; this does not affect the operation of the encrypted volume in any way. If you select the extension .hc, and also if you associated VeraCrypt with this extension during installation, then double-clicking on this file will launch VeraCrypt.

The history of recently opened files allows you to quickly access these files. However, entries in your history like “H:\My offshore accounts of stolen dollars worth of dollars.doc” may raise doubts in the minds of outsiders about your integrity. To prevent files opened from an encrypted disk from going into history, check the box next to “ Don't save history».
Selecting encryption and hashing algorithms. If you are not sure what to choose, then leave the default values:

Enter the volume size and select units of measurement (kilobytes, megabytes, gigabytes, terabytes):

A very important step is setting a password for your encrypted disk:

A good password is very important. Avoid passwords with one or more words found in the dictionary (or combinations of 2, 3 or 4 such words). The password must not contain names or dates of birth. It should be difficult to guess. A good password is a random combination of upper and lower case letters, numbers and special characters (@ ^ = $ * + etc.).

Now you can again use Russian letters as passwords.

We help the program collect random data:

Note that here you can check the box to create a dynamic disk. Those. it will expand as it is filled with information.

As a result, I have created a test.hc file on my desktop:

If you created a file with the extension .hc, then you can double-click on it, the main program window will open, and the path to the container will already be inserted:

In any case, you can open VeraCrypt and select the path to the file manually (To do this, click the "File" button).

If the password is entered correctly, a new disk will appear in your system:

You can copy/move any files to it. You can also create folders there, copy files from there, delete them, etc.

To close the container from outsiders, press the button Unmount:

To regain access to your secret files, remount the encrypted drive.

Setting up VeraCrypt

VeraCrypt has quite a few settings that you can change for your convenience. I highly recommend checking the " Automatically unmount volumes when inactive for a period»:

And also set a hotkey for " Immediately unmount everything, clear the cache and exit»:

Portable version of VeraCrypt on Windows

As of version 1.22 (which is in beta at the time of writing), a portable option was added for Windows. If you read the installation section, you should remember that the program is already portable and allows you to simply extract your files. However, the separate portable package has its own peculiarities: you need administrator rights to run the installer (even if you just want to unpack the archive), and the portable version can be unpacked without administrator rights - the only difference is that.

Official beta versions are only available. In the VeraCrypt Nightly Builds folder, the portable version file is VeraCrypt Portable 1.22-BETA4.exe.

The container file can be placed on a flash drive. You can copy a portable version of VeraCrypt onto the same flash drive - this will allow you to open the encrypted partition on any computer, including those without VeraCrypt installed. But be aware of the dangers of keystroke hijacking—an on-screen keyboard can probably help in this situation.

How to Use Encryption Software Properly

Some tips to help you keep your secrets better:

Try to prevent unauthorized persons from accessing your computer, including not checking laptops in luggage at airports; if possible, send computers for repair without a system hard drive, etc.
Use a complex password. Don't use the same password you use for mail etc.
Don't forget your password! Otherwise, the data will be impossible to recover.
Download all programs only from official sites.
Use free or purchased programs (do not use hacked software). And also do not download or run dubious files, since all such programs, among other malicious elements, may have kilologgers (keystroke interceptors), which will allow an attacker to find out the password from your encrypted container.
Sometimes it is recommended to use an on-screen keyboard as a means of preventing keystrokes from being intercepted - I think this makes sense.