The TrueCrypt Volume Creation Wizard window should appear.
In this step you need to choose where you wish the TrueCrypt volume to be created. A TrueCrypt volume can reside in a file, which is also called container, in a partition or drive. In this tutorial, we will choose the first option and create a TrueCry...
As the option is selected by default, you can just click Next.
Note: In the following steps, the screenshots will show only the right-hand part of the Wizard window.
As the option is selected by default, you can just click Next.
Click Select File.
The file selector window should disappear.
In the following steps, we will return to the TrueCrypt Volume Creation Wizard.
In the Volume Creation Wizard window, click Next.
Click Select File.
In the file selector, browse to the container file (which we created in Steps 6-11) and select it.
Click Open (in the file selector window).
The file selector window should disappear.
In the main TrueCrypt window, click Mount.
Password prompt dialog window should appear.
Click OK in the password prompt window.
How to Create and Use a TrueCrypt-Encrypted Partition/Device
TrueCrypt Volume
Creating a New TrueCrypt Volume
Hash Algorithm
Encryption Algorithm
Quick Format
Dynamic
Cluster Size
TrueCrypt Volumes on CDs and DVDs
Hardware/Software RAID, Windows Dynamic Volumes
Additional Notes on Volume Creation
Favorite Volumes
System Favorite Volumes
System Encryption
Hidden Operating System
Operating Systems Supported for System Encryption
TrueCrypt Rescue Disk
Plausible Deniability
Hidden Volume
The layout of a standard TrueCrypt volume before and after a hidden volume was created within it.
Protection of Hidden Volumes Against Damage
Security Requirements and Precautions Pertaining to Hidden Volumes
Hidden Operating System
Example Layout of System Drive Containing Hidden Operating System
Process of Creation of Hidden Operating System
Plausible Deniability and Data Leak Protection
Possible Explanations for Existence of Two TrueCrypt Partitions on Single Drive
Safety/Security Precautions and Requirements Pertaining to Hidden Operating Systems
Main Program Window
Select File
Select Device
Mount
Auto-Mount Devices
Dismount
Dismount All
Wipe Cache
Never Save History
Exit
Volume Tools
Change Volume Password
See the section Volumes -> Change Volume Password.
Set Header Key Derivation Algorithm
See the section Volumes -> Set Header Key Derivation Algorithm.
Backup Volume Header
See the section Tools -> Backup Volume Header.
Restore Volume Header
See the section Tools -> Restore Volume Header.
Program Menu
Note: To save space, only the menu items that are not self-explanatory are described in this documentation.
Volumes -> Auto-Mount All Device-Hosted Volumes
See the section Auto-Mount Devices.
Volumes -> Dismount All Mounted Volumes
See the section Dismount All.
Volumes -> Change Volume Password
Volumes -> Set Header Key Derivation Algorithm
Volumes -> Add/Remove Keyfiles to/from Volume
Volumes -> Remove All Keyfiles from Volume
See the chapter Keyfiles.
Favorites -> Add Mounted Volume to Favorites
Favorites -> Organize Favorite Volumes
Favorites -> Mount Favorites Volumes
Favorites -> Add Mounted Volume to System Favorites
Favorites -> Organize System Favorite Volumes
System -> Change Password
System -> Mount Without Pre-Boot Authentication
Tools -> Clear Volume History
Tools -> Traveler Disk Setup
Tools -> Keyfile Generator
See section Tools -> Keyfile Generator in the chapter Keyfiles.
Tools -> Backup Volume Header
Tools -> Restore Volume Header
Settings -> Preferences
Cache passwords in driver memory
Open Explorer window for successfully mounted volume
Mounting TrueCrypt Volumes
Cache Password in Driver Memory
Mount Options
Mount volume as read-only
Mount volume as removable medium
Use backup header embedded in volume if available
Mount partition using system encryption without pre-boot authentication
Check this option, if you need to mount a partition that is within the key scope of system encryption without pre-boot authentication. For example, if you need to mount a partition located on the encrypted system drive of another operating system that...
Hidden Volume Protection
Parallelization
Pipelining
Hardware Acceleration
Hot Keys
Keyfiles
Keyfiles Dialog Window
Security Tokens and Smart Cards
Keyfile Search Path
Empty Password & Keyfile
Quick Selection
Volumes -> Add/Remove Keyfiles to/from Volume
Volumes -> Remove All Keyfiles from Volume
Tools -> Keyfile Generator
Settings -> Default Keyfiles
Security Tokens & Smart Cards
Portable Mode
Tools -> Traveler Disk Setup
Language Packs
Installation
To revert to English, select Settings -> Language. Then select English and click OK.
Encryption Algorithms
AES
Serpent
Twofish
AES-Twofish
AES-Twofish-Serpent
Serpent-AES
Serpent-Twofish-AES
Twofish-Serpent
Hash Algorithms
RIPEMD-160
SHA-512
Whirlpool
Supported Operating Systems
Syntax
Examples
Security Model
Security Requirements and Precautions
Data Leaks
Paging File
Memory Dump Files
Hibernation File
Unencrypted Data in RAM
Physical Security
Malware
Multi-User Environment
Authenticity and Integrity
Choosing Passwords and Keyfiles
Changing Passwords and Keyfiles
Trim Operation
Wear-Leveling
Reallocated Sectors
Defragmenting
Journaling File Systems
Volume Clones
Additional Security Requirements and Precautions
How to Back Up Securely
Non-System Volumes
System Partitions
General Notes
Miscellaneous
Using TrueCrypt Without Administrator Privileges
Sharing over Network
TrueCrypt Background Task
Volume Mounted as Removable Medium
TrueCrypt System Files & Application Data
Favorite Volumes.xml
How to Remove Encryption
Uninstalling TrueCrypt
Digital Signatures
Troubleshooting
Incompatibilities
You may keep the third-party software activated but you will need to boot your system from the TrueCrypt Rescue Disk CD/DVD every time. Just insert your Rescue Disk into your CD/DVD drive and then enter your password in the Rescue Disk screen.
If you do not want to boot your system from the TrueCrypt Rescue Disk CD/DVD every time, you can restore the TrueCrypt Boot Loader on the system drive. To do so, in the Rescue Disk screen, select Repair Options > Restore TrueCrypt Boot Loader. However...
For information on how to use your TrueCrypt Rescue Disk, please see the chapter TrueCrypt Rescue Disk.
Possible permanent solution: Upgrade to TrueCrypt 5.1 or later, decrypt the system partition/drive, and then re-encrypt it using a non-cascade encryption algorithm (i.e., AES, Serpent, or Twofish).* Please note that this not a bug in TrueCrypt (the ...
Known Issues & Limitations
Known Issues
Limitations
Frequently Asked Questions
I forgot my password – is there any way (‘backdoor’) to recover the files from my TrueCrypt volume?
Is there a "Quick Start Guide" or some tutorial for beginners?
Will TrueCrypt be open-source and free forever?
Can I configure TrueCrypt to mount automatically whenever Windows starts a non-system TrueCrypt volume that uses the same password as my system partition/drive (i.e. my pre-boot authentication password)?
Yes. To do so, follow these steps:
Mount the volume (to the drive letter to which you want it to be mounted every time).
Right-click the mounted volume in the drive list in the main TrueCrypt window and select ‘Add to System Favorites’.
The System Favorites Organizer window should appear now. In this window, enable the option ‘Mount system favorite volumes when Windows starts’ and click OK.
For more information, see the chapter ‘System Favorite Volumes’.
Can a volume be automatically mounted whenever I log on to Windows?
Can my pre-boot authentication password be cached so that I can use it mount non-system volumes during the session?
Yes. Select ‘Settings’ > ‘System Encryption’ and enable the following option: ‘Cache pre-boot authentication password in driver memory’.
Can I encrypt my system partition/drive if I don’t have a US keyboard?
Yes, TrueCrypt supports all keyboard layouts.
Can I save data to the decoy system partition without risking damage to the hidden system partition?
Yes. You can write data to the decoy system partition anytime without any risk that the hidden volume will get damaged (because the decoy system is not installed within the same partition as the hidden system). For more information, see the section Hi...
Can I use TrueCrypt in Windows if I do not have administrator privileges?
Does TrueCrypt save my password to a disk?
How does TrueCrypt verify that the correct password was entered?
See the chapter Technical Details, section Encryption Scheme.
Can I run TrueCrypt if I don’t install it?
Some encryption programs use TPM to prevent attacks. Will TrueCrypt use it too?
No. Those programs use TPM to protect against attacks that require the attacker to have administrator privileges, or physical access to the computer, and the attacker needs you to use the computer after such an access. However, if any of these conditi...
If the attacker has administrator privileges, he can, for example, reset the TPM, capture the content of RAM (containing master keys) or content of files stored on mounted TrueCrypt volumes (decrypted on the fly), which can then be sent to the attacke...
If the attacker can physically access the computer hardware (and you use it after such an access), he can, for example, attach a malicious component to it (such as a hardware keystroke logger) that will capture the password, the content of RAM (contai...
The only thing that TPM is almost guaranteed to provide is a false sense of security (even the name itself, “Trusted Platform Module”, is misleading and creates a false sense of security). As for real security, TPM is actually redundant (and implement...
For more information, please see the sections Physical Security and Malware.
Why does Windows Vista (and later versions of Windows) ask me for permission to run TrueCrypt every time I run it in ‘portable’ mode?
Do I have to dismount TrueCrypt volumes before shutting down or restarting Windows?
No. TrueCrypt automatically dismounts all mounted TrueCrypt volumes on system shutdown/restart.
Which type of TrueCrypt volume is better – partition or file container?
What’s the recommended way to back up a TrueCrypt volume?
See the chapter How to Back Up Securely.
What will happen if I format a TrueCrypt partition?
See the question “Is it possible to change the file system of an encrypted volume?” in this FAQ.
Is it possible to change the file system of an encrypted volume?
Is it possible to mount a TrueCrypt container that is stored on a CD or DVD?
Is it possible to change the password for a hidden volume?
Can I mount my TrueCrypt volume under Windows, Mac OS X, and Linux?
Yes, TrueCrypt volumes are fully cross-platform.
Yes.
What will happen when a part of a TrueCrypt volume becomes corrupted?
Technical Details
Notation
Encryption Scheme
Modes of Operation
Header Key Derivation, Salt, and Iteration Count
Random Number Generator
Keyfiles
TrueCrypt Volume Format Specification
Compliance with Standards and Specifications
Source Code
Future Development
Contact
Legal Information
License
Copyright Information
For more information, please see the legal notices attached to parts of the source code.
