The "Favorite Volumes.xml" file is only created when you successfully add a volume to either Favorites or System Favorites..
* Found at the time when you are mounting the volume, changing its password, or performing any other operation that involves re-encryption of the volume header.
** However, if you use an MP3 file as a keyfile, you must ensure that no program modifies the ID3 tags within the MP3 file (e.g. song title, name of artist, etc.). Otherwise, it will be impossible to mount volumes that use the keyfile.
To create a new VeraCrypt file-hosted volume or to encrypt a partition/device (requires administrator privileges), click on ‘Create Volume’ in the main program window. VeraCrypt Volume Creation Wizard should appear. As soon as the Wizard appears, it starts collecting data that will be used in generating the master key, secondary key (XTS mode), and salt, for the new volume. The collected data, which should be as random as possible, include your mouse movements, key presses, and other values obtained from the system (for more information, please see the section Random Number Generator). The Wizard provides help and information necessary to successfully create a new VeraCrypt volume. However, several items deserve further explanation:
Allows you to select which hash algorithm VeraCrypt will use. The selected hash algorithm is used by the random number generator (as a pseudorandom mixing function), which generates the master key, secondary key (XTS mode), and salt (for more information,
please see the section Random Number Generator). It is also used in deriving the new volume header key and secondary header key (see the sectionHeader Key Derivation, Salt, and Iteration Count).
For information about the implemented hash algorithms, see the chapter Hash Algorithms.
Note that the output of a hash function is never used directly as an encryption key. For more information, please refer to the chapterTechnical Details.
This allows you to select the encryption algorithm with which your new volume will be encrypted. Note that the encryption algorithm cannot be changed after the volume is created. For more information, please see the chapterEncryption Algorithms.
If unchecked, each sector of the new volume will be formatted. This means that the new volume will beentirely filled with random data. Quick format is much faster but may be less secure because until the whole volume has been filled with files, it may be possible to tell how much data it contains (if the space was not filled with random data beforehand). If you are not sure whether to enable or disable Quick Format, we recommend that you leave this option unchecked. Note that Quick Format can only be enabled when encrypting partitions/devices.
Important: When encrypting a partition/device within which you intend to create a hidden volume afterwards, leave this option unchecked.
Dynamic VeraCrypt container is a pre-allocated NTFS sparse file whose physical size (actual disk space used) grows as new data is added to it. Note that the physical size of the container (actual disk space that the container uses) will not decrease when
files are deleted on the VeraCrypt volume. The physical size of the container can onlyincrease up to the maximum value that is specified by the user during the volume creation process. After the maximum specified size is reached, the physical size of the container will remain constant.
Note that sparse files can only be created in the NTFS file system. If you are creating a container in the FAT file system, the optionDynamic will be disabled (“grayed out”).
Note that the size of a dynamic (sparse-file-hosted) VeraCrypt volume reported by Windows and by VeraCrypt will always be equal to its maximum size (which you specify when creating the volume). To find out current physical size of the container (actual disk
space it uses), right-click the container file (in a Windows Explorer window, not in VeraCrypt), then selectProperties and see the Size on disk value.
WARNING: Performance of dynamic (sparse-file-hosted) VeraCrypt volumes is significantly worse than performance of regular volumes. Dynamic (sparse-file-hosted) VeraCrypt volumes are also less secure, because it is possible to tell which volume sectors are unused. Furthermore, if data is written to a dynamic volume when there is not enough free space in its host file system, the encrypted file system may get corrupted.
Cluster is an allocation unit. For example, one cluster is allocated on a FAT file system for a one- byte file. When the file grows beyond the cluster boundary, another cluster is allocated. Theoretically, this means that the bigger the cluster size, the more disk space is wasted; however, the better the performance. If you do not know which value to use, use the default.
If you want a VeraCrypt volume to be stored on a CD or a DVD, first create a file-hosted VeraCrypt container on a hard drive and then burn it onto a CD/DVD using any CD/DVD burning software (or, under Windows XP or later, using the CD burning tool provided with the operating system). Remember that if you need to mount a VeraCrypt volume that is stored on a read-only medium (such as a CD/DVD) under Windows 2000, you must format the VeraCrypt volume as FAT. The reason is that Windows 2000 cannot mount NTFS file system on read-only media (Windows XP and later versions of Windows can).
VeraCrypt supports hardware/software RAID as well as Windows dynamic volumes.
Windows Vista or later: Dynamic volumes are displayed in the ‘Select Device’ dialog window as \Device\HarddiskVolumeN.
Windows XP/2000/2003: If you intend to format a Windows dynamic volume as a VeraCrypt volume, keep in mind that after you create the Windows dynamic volume (using the Windows Disk Management tool), you must restart the operating system in order for the volume to be available/displayed in the ‘Select Device’ dialog window of the VeraCrypt Volume Creation Wizard. Also note that, in the ‘Select Device’ dialog window, a Windows dynamic volume is not displayed as a single device (item). Instead, all volumes that the Windows dynamic volume consists of are displayed and you can select any of them in order to format the entire Windows dynamic volume.
After you click the ‘Format’ button in the Volume Creation Wizard window (the last step), there will be a short delay while your system is being polled for additional random data. Afterwards, the master key, header key, secondary key (XTS mode),
and salt, for the new volume will be generated, and the master key and header key contents will be displayed.
For extra security, the portions of the randomness pool, master key, and header key can be prevented from being displayed by unchecking the checkbox in the upper right corner of the corresponding field:
Note that only the first 128 bits of the pool/keys are displayed (not the entire contents).
You can create FAT (whether it will be FAT12, FAT16, or FAT32, is automatically determined from the number of clusters) or NTFS volumes (however, NTFS volumes can only be created by users with administrator privileges). Mounted VeraCrypt volumes can be reformatted
as FAT12, FAT16, FAT32, or NTFS anytime. They behave as standard disk devices so you can right-click the drive letter of the mounted VeraCrypt volume (for example in the ‘Computer’ or ‘My Computer’ list) and select‘Format’.
For more information about creating VeraCrypt volumes, see also the section Hidden Volume.
Note: %windir% is the main Windows installation path (e.g., C:\WINDOWS)
%windir%\SYSTEM32\DRIVERS\veracrypt.sys
Note: This file is not present when VeraCrypt is run in portable mode.
WARNING: Note that VeraCrypt does not encrypt any of the files listed in this section (unless it encrypts the system partition/drive).
The following files are saved in the folder %APPDATA%\VeraCrypt\. In portable mode, these files are saved to the folder from which you run the file VeraCrypt.exe (i.e., the folder in which VeraCrypt.exe resides):
The following files are saved in the folder %ALLUSERSPROFILE%\VeraCrypt\:
The following files are saved in the folder %windir%\system32 (32-bit systems) or %windir%\SysWOW64 (64-bit systems):
VeraCrypt is a free disk encryption software brought to you by IDRIX (https://www.idrix.fr) and that is based on TrueCrypt.
Online Documentation (click here for latest User Guide PDF)
Windows / MacOSX / Linux / Source Downloads
Contributed Resources & Downloads (PPA, RPM, ARM, Raspberry Pi...)
VeraCrypt adds enhanced security to the algorithms used for system and partitions encryption making it immune to new developments in brute-force attacks.
VeraCrypt also solves many vulnerabilities and security issues found in TrueCrypt. The following post describes parts of the major enhancements and corrections done so far:https://veracrypt.codeplex.com/discussions/569777#PostContent_1313325
As an example, when the system partition is encrypted, TrueCrypt uses PBKDF2-RIPEMD160 with 1000 iterations whereas in VeraCrypt we use327661. And for standard containers and other partitions, TrueCrypt uses at most 2000 iterations but VeraCrypt uses655331 for RIPEMD160 and
500000 iterations for SHA-2 and Whirlpool.
This enhanced security adds some delay only to the opening of encrypted partitions without any performance impact to the application use phase. This is acceptable to the legitimate owner but it makes it much harder for an attacker to gain access to the encrypted
data.
Starting from version 1.0f, VeraCrypt can load TrueCrypt volume. It also offers the possibility to convert TrueCrypt containers and non-system partitions to VeraCrypt format.
UPDATE January 5th 2015 : Support of the old TrueCrypt 6.0 has been included inVeraCrypt 1.0f-1, which is a minor update of VeraCrypt 1.0f.
UPDATE December 30th 2014 : VeraCrypt 1.0f is out with many new features and enhancements. The most notable ones are the support of mounting and converting TrueCrypt volumes, and the speedup of the mounting process through the manual selection of the correct PRF algorithm. Download for Windows is here.
As usual, a MacOSX version is available in the Downloads section or by clicking on
the following link. It supports MacOSX 10.6 and above and it requires OSXFUSE 2.3 and later(https://osxfuse.github.io/).MacFUSE compatibility layer must checked during OSXFUSE installation.
Also a Linux version is available in the Downloads section or by clicking on
the following link. The package contains the installation scripts for 32-bit and 64-bit versions, and for GUI and console-only version (choose which script is adapted the best to your machine).
All released files are signed with a PGP key available on the following link :https://www.idrix.fr/VeraCrypt/VeraCrypt_PGP_public_key.asc . It's also available on major key servers with ID=0x54DDD393.
Please check that its fingerprint is 993B7D7E8E413809828F0F29EB559C7C54DDD393.
SHA256 and SHA512 sums for all released files are available in the Downloads section.
VeraCrypt on the fly encrypting the system partition :
VeraCrypt creating an encrypted volume :
Changing the GUI language of VeraCrypt
Here you'll find useful resources contributed by VeraCrypt users.
Here you'll find useful resources contributed by VeraCrypt users.