To prevent the issues described above , encrypt the system partition/drive (for information on
how to do so, see the chapter
System Encryption ) and make sure that the hibernation file is
located on one of the partitions within the key scope of system encryption (which it typically is, by
default), for example, on the partition where Windows is installed. When the computer hibernates,
data will be encrypted on the fly before they are written to the hibernation file.
Note: You may also want to consider creating a hidden operating system (for more information, see the section Hidden Operating System
) .
Alternatively, if you cannot use system encryption, disable or prevent hibernation on your computer
at least for each session during which you work with any sensitive data and during which you
mount a TrueCrypt volume.
*
Disclaimer: As Windows XP and Windows 2003 do not provide any API for encryption of hibernation files, TrueCrypt
has to modify undocumented components of Windows XP/2003 in order to allow users to encrypt hibernation files.
Therefore, TrueCrypt cannot guarantee that Windows XP/2003 hibernation files will always be encrypted. In response to
our public complaint regarding the missing API, Microsoft began providing a public API for encryption of hibernation files
on Windows Vista and later versions of Windows (for more information, see the
Version History
, section TrueCrypt 5.1a).
Since version 7.0, TrueCrypt has used this API and therefore has been able to safely encrypt hibernation files under
Windows Vista and later versions of Windows. Therefore, if you use Windows XP/2003 and want the hibernation file to
be safely encrypted, we strongly recommend that you upgrade to Windows Vista or later and to TrueCrypt 7.0 or later.