Secure Sensitive Files on Your PC with VeraCrypt - - Windows Tips and Tricks with Geek

Thursday, August 5, 2021

Secure Sensitive Files on Your PC with VeraCrypt


How to Install VeraCrypt

For this tutorial, you’ll only need a few simple things:

  • A free copy of VeraCrypt.
  • Administrative access to a computer.

That’s it! You can grab a copy of VeraCrypt for Windows, Linux, or Mac OS X and then settle in at a computer that you have administrative access to (you can’t run VeraCrypt on a limited-privilege/guest account). For this tutorial we’ll be using the Windows version of VeraCrypt and installing it on a Windows 10 machine.

Download and install VeraCrypt as you would any other application. Just double-click the EXE file, follow the instructions in the wizard, and select the “Install” option (The extract option is of interest to those who wish to extract a semi-portable version of VeraCrypt; we will not be covering that method in this beginner’s guide.) You’ll also be given a battery of options like “Install for all users” and “Associate .hc file extension with VeraCrypt”. We left all of them checked for the sake of convenience.

How to Create an Encrypted Volume

Once the application finishes installing, navigate to the Start Menu and launch VeraCrypt. You’ll be greeted with the screen below.


The very first thing you’ll need to do is create a volume, so click on the “Create Volume” button. This will launch the Volume Creation Wizard and prompt you to choose one of the follow volume types:

Volumes can be as simple as a file container you place on a drive or disk or as complex as a whole-disk encryption for your operating system. We’re going to keep things simple for this guide and focus on getting you set up with an easy-to-use local container. Select “Create an encrypted file container”.

Next, the Wizard will ask you if you want the create a Standard or a Hidden volume. Again, for the sake of simplicity, we’re going to skip messing around with Hidden Volumes at this point. This is no way lowers the encryption level or security of the volume we’re creating as a Hidden Volume is simply a method of obfuscating the location of the encrypted volume.

Next, you’ll need to pick a name and location for your volume. The only important parameter here is that your host drive have enough space for the volume you with to create (i.e. if you want a 100GB encrypted volume you’d better have a drive with 100GB of free space). We’re going to throw our encrypted volume on a secondary data drive in our desktop Windows machine.

Now it’s time to pick your encryption scheme. You really can’t go wrong here. Yes there are a lot of choices, but all of them are extremely solid encrypt schemes and, for practical purposes, interchangeble. In 2008, for example, the FBI spent over a year trying to decrypt the AES encrypted hard drives of a Brazilian banker involved in a financial scam. Even if your data-protection-paranoia extends up the level of acronym agencies with deep pockets and skilled forensics teams, you can rest easy knowing your data is secure.


In the next step, you’ll select the volume size. You can set it in KB, MB, or GB increments. We created a 5GB test volume for this example.

Next stop, password generation. There is one important thing to keep in mind here: Short passwords are a bad idea. You should create a password at least 20 characters long. However you can create a strong and memorable password, we suggest you do it. A great technique is to use a passphrase instead of a simple password. Here’s an example: In2NDGradeMrsAmerman$aidIWasAGypsy. That’s better than password123 any day.

Before you create the actual volume, the creation Wizard will ask if you intend to store large files. If you intend to store files larger than 4GB within the volume, tell it so—it will tweak the file system to better suit your needs.

On the Volume Format screen, you’ll need to move your mouse around to generate some random data. While just moving your mouse is sufficient you could always follow in our footsteps—we grabbed our Wacom tablet and drew a picture of Ricky Martin as an extra on Portlandia. How’s that for random? Once you’ve generated enough random goodness, hit the Format button.

Once the format process is complete, you’ll be returned to the original VeraCrypt interface. Your volume is now a single file wherever you parked it and ready to be mounted by VeraCrypt.

How to Mount an Encrypted Volume

Click the “Select File” button in VeraCrypt’s main window and navigate to the directory where you stashed your VeraCrypt container. Because we’re extraordinarily sneaky, our file is in D:\mysecretfiles. Nobody will ever think to look there.

Once the file is selected, pick from one of the available drives in the box above. We selected J. Click Mount.

Enter your password and click OK.

Let’s go take a look at My Computer and see if our encrypted volume was successfully mounted as a drive…

Success! One 5GB volume of sweet encrypted goodness, just like the kind mom used to make. You can now open the volume and pack it full of all the files you’ve been meaning to keep from prying eyes.

Don’t forget to securely wipe the files once you’ve copied them into the encrypted volume. Regular file system storage is insecure and traces of the files you’ve encrypted will remain behind on the unencrypted disk unless you properly wipe the space. Also, don’t forget to pull up the VeraCrypt interface and “Dismount” the encrypted volume when you aren’t actively using it.

No comments:

Post a Comment