• Tech
  • News
  • Health

How To Encrypt Your Windows Hard-Drive With VeraCrypt


VeraCrypt is a source-available freeware utility used for on-the-fly encryption (OTFE). It can create a virtual encrypted disk within a file or encrypt a partition or the entire storage device with pre-boot authentication. This guide explains how to encrypt your Windows Hard-Drive with VeraCrypt

1. How To Encrypt Your Windows Hard Drive To Keep Out Snoopers

Encrypting your Windows Hard-Drive is actually not too difficult to do. Just follow these steps in order. We’re assuming you already have VeraCrypt installed but if not, you can get it here.

First, open up VeraCrypt and click on “Create Volume”. You will then see three options. We have already done the first two in previous articles. Today we are going for option number three – “Encrypt the system partition or entire system drive.”

Click “Next” to proceed. In this case, we are going for normal encryption, not a “hidden operating system”. So choose the first option and click “Next” to move on.

COPYRIGHT_NOVA: Published on https://www.novabach.com/i/veracrypt-two-ways-of-using-veracrypt-to-secure-your-hard-drive/ by Daniel Barrett on 2022-08-26T22:58:05.000Z

“Encrypt the Windows system partition.” You may decide to choose the second option but if you do, you will get lots of warnings about the consequences if it all goes wrong.

If you only have Windows on your computer then you have a single-boot system. If you have multiple operating systems (say Windows and Linux for example) on your computer, then it’s a multi-boot system. So, choose which one you have.

It will now ask you which encryption option you want. But as I have indicated in the previous articles, unless you have a particular reason why, you should leave the encryption protocols on the defaults. This is the AES standard used by governments to encrypt secret documents. Also leave the hash-algorithm as it is.

Click “Next”.

After specifying your desired password, it is time to generate your encryption keys. To make them as strong as possible, you need to move your mouse or trackpad around the VeraCrypt window in a “random order”.

As you do so, the bar at the bottom will go from red to yellow to finally green. When the green bar is fully at the far right-hand end of the screen, click “Next”.

Since you are now encrypting a hard drive (or part of one), you need to take an extra cautionary step in case you lock yourself out of your hard drive. This is called the VeraCrypt Rescue Disk (VRD) which will repair any damage to the VeraCrypt boot loader or to Windows, allowing you to (hopefully) login.

However, it is not a security risk having this rescue disk as you will still need the encryption password for it to work.

VeraCrypt will select an area for your rescue disk to be placed once it is created. But you can easily move it to another location if you want, by clicking the “Browse” button. Do NOT deselect “Skip Rescue Disk verification” – that is essential.

Click “Next”.

This next step opens up the Windows Disc Image Burner. You will see that the rescue disk is an ISO file and you need to choose the disc burner on your hard drive. A normal 700MB CD disc is sufficient. Select “Verify disc after burning.”

Once the disc is in your burner drive, click “Burn” to start the process.

When the process has been finished, the disc burner will open its tray in the hard-drive. Close the tray again, let the disc run, so Disc Image Burner can verify the disc to make sure everything worked OK.

Hopefully, you will eventually see this.

Don’t miss: How To Enable Google Chrome Flags to Test Beta Features

It’s now time for VeraCrypt to do some pre-testing before it starts encrypting your hard-drive or partition (depending on what you chose).

As the next screenshot says, your Windows system will restart, the boot loader will be installed and assuming all went well, the system will begin encrypting. Click “Test” to begin that process.

When the computer restarts – before Windows loads – you will now see the following screen.

Enter your password in the space provided. You probably didn’t specify a PIM in the password settings (I didn’t) so in that case, leave it blank when it asks you for a PIM and hit enter.

Now wait for your system to log in. If it’s the first time you’re doing this, the log in process might be slightly delayed.

Once your password has been successfully verified, your system will begin encrypting. As you can see it takes a long time to encrypt the system, depending on how big it is, so this might be one of those times when you need to leave the computer on overnight in order for it to do its thing.

Downloading and Using VeraCrypt

Download VeraCrypt to get started. Run the installer and select the “Install” option. You can keep all the default settings in the installer—just click through it until VeraCrypt is installed on your computer.

Once VeraCrypt is installed, open your Start menu and launch the “VeraCrypt” shortcut.

Click System > Encrypt System Partition/Drive in the VeraCrypt window to get started.

You’ll be asked whether you want to use “Normal” or “Hidden” system encryption.

The Normal option encrypts the system partition or drive normally. When you boot your computer, you’ll have to provide your encryption password to access it. No one will be able to access your files without your password.

The Hidden option creates an operating system in a hidden VeraCrypt volume. You’ll have both a “real” operating system, which is hidden, and a “decoy” operating system. When you boot your PC, you can enter the real password to boot your hidden operating system or the password to the decoy operating system to boot the decoy operating system. If someone is forcing you to provide access to your encrypted drive—due to extortion, for example—you can provide them with the password to the decoy operating system and they shouldn’t be able to tell there’s a hidden operating system at all.

In terms of encryption, using “Normal” encryption keeps your files just as secure. A “Hidden” volume only helps if you’re forced to disclose your password to someone and want to maintain plausible deniability about the existence of any other files.

If you’re not sure which you want, select “Normal” and continue. We’ll be going through the process of creating a normal encrypted system partition here, as that’s what most people will want. Consult VeraCrypt’s documentation for more information about hidden operating systems.

You can choose to either “Encrypt the Windows system partition” or “Encrypt the whole drive”. It’s up to you which option you prefer.

If the Windows system partition is the only partition on the drive, the options will be basically the same. If you just want to encrypt your Windows system partition and leave the rest of the drive alone, choose “Encrypt the Windows system partition”.

If you have multiple partitions with sensitive data—for example, a system partition at C: and a files partition at D:—select “Encrypt the whole drive” to ensure all your Windows partitions are encrypted.

VeraCrypt will ask how many operating systems you have on your PC. Most people only have a single operating system installed and should choose “Single-boot”. If you have more than one operating system installed and you choose between them when you boot your computer, select “Multi-boot”.

You’ll then be asked to choose which type of encryption you want to use. While there are multiple options available, we recommend sticking with the default settings. “AES” encryption and the “SHA-256” hash algorithm are good choices. They’re all solid encryption schemes.

You’ll then be asked to enter a password. As VeraCrypt’s wizard notes, it’s very important to choose a good password. Choosing an obvious or simple password will make your encryption vulnerable to brute-force attacks.

The wizard recommends choosing a password of 20 more characters. You can enter a password of up to 64 characters. An ideal password is a random combination of different types of characters, including upper- and lower-case letters, numbers, and symbols. You’ll lose access to your files if you ever lose the password, so make sure you remember it. Here are some tips for creating a strong, memorable password if you need them.

There are a few more options here, but they’re not necessary. You can leave these options alone unless you want to use them:

Using keyfiles:You can choose to enable “Use keyfiles” and provide some files that must be present—for example, on a USB drive—when unlocking your drive. If you ever lose the files, you’ll lose access to your drive.Display password:This option just unhides the password in the password fields in this window, allowing you to confirm that what you’ve typed is correct.Use PIM:VeraCrypt allows you to set a “Personal Iterations Multiplier” by enabling the “Use PIM” checkbox. A higher value can help prevent against brute force attacks. You’ll also need to remember whatever number you enter and enter it alongside your password, giving you something else to remember in addition to your password.Select any of these options if you want them and click Next.

VeraCrypt will ask you to move your mouse randomly around inside the window. It uses these random mouse movements to increase the strength of your encryption keys. When you’ve filled up the meter, click “Next”.

The wizard will inform you it’s generated the encryption keys and other data it needs. Click “Next” to continue.

The VeraCrypt wizard will force you to create a VeraCrypt Rescue Disk image before continuing.

If your bootloader or other data ever gets damaged, you must boot from the rescue disk if you want to decrypt and access your files. The disk will also contain a backup image of the contents of the beginning of the drive, which will allow you to restore it if necessary.

Note that you’ll still need to provide your password when using the rescue disk, so it isn’t a golden key that allows access to all your files. VeraCrypt will simply create a rescue disk ISO image at C:\Users\NAME\Documents\VeraCrypt Rescue Disk.iso by default. You’ll need to burn the ISO image to a disc yourself.

Also read: How To Update Google Chrome On Android, iPhone And PC

Be sure to burn a copy of the rescue disk so you can access your files if there’s ever a problem. You can’t just reuse the same VeraCrypt rescue disk on multiple computers. You need a unique rescue disk for each PC! Consult VeraCrypt’s documentation for more information about VeraCrypt rescue disks.

Next, you’ll be asked for the “wipe mode” you want to use.

If you have sensitive data on your drive and you’re concerned someone might attempt to examine your drive and recover the data, you should select at least “1-pass (random data)” to overwrite your unencrypted data with random data, making it difficult to impossible to recover.

If you’re not concerned about this, select “None (fastest)”. It’s faster not to wipe the drive. The larger the number of passes, the longer the encryption process will take.

This setting only applies to the initial setup process. After your drive is encrypted, VeraCrypt won’t need to overwrite any encrypted data to protect against data recovery.

VeraCrypt will now verify everything is working correctly before it encrypts your drive. Click “Test” and VeraCrypt will install the VeraCrypt bootloader on your PC and restart. You’ll have to enter your encryption password when it boots.

VeraCrypt will provide information about what to do if Windows doesn’t start. If Windows doesn’t start properly, you should restart your PC and press the “Esc” key on your keyboard at the VeraCrypt bootloader screen. Windows should start and ask if you want to uninstall the VeraCrypt bootloader.

If that doesn’t work, you should insert the VeraCrypt rescue disk into your PC and boot from it. Select Repair Options > Restore Original System Loader in the rescue disk interface. Restart your PC afterwards.

Click “OK” and then click “Yes” to restart your PC.

You’ll have to enter your VeraCrypt encryption password when your PC boots. If you didn’t enter a custom PIM number, just press “Enter” at the PIM prompt to accept the default.

Sign into your PC when the normal welcome screen appears. You should see a “Pretest Completed” window.

VeraCrypt advises that you have backup copies of the files you’re encrypting. If the system loses power or crashes, some of your files will be irreversibly corrupted. It’s always important to have backup copies of your important files, especially when encrypting your system drive. If you need to back up your files, click the “Defer” button and back up the files. You can then relaunch VeraCrypt later and click System > Resume Interrupted Process to resume the encryption process.

Click the “Encrypt” button to actually encrypt your PC’s system drive.

VeraCrypt will provide information about when you should use the rescue disk. After it does, it will begin the process of encrypting your hard drive.

When the process is complete, your drive will be encrypted and you’ll have to enter your password each time you boot your PC.You are now safe from invasive-nosy-do-gooders.If you decide you want to remove the system encryption in the future, launch the VeraCrypt interface and click System > Permanently Decrypt System Partition/Drive.

Editor’s picks:

Share: Twitter | Facebook | Linkedin

About The Authors

Daniel Barrett

Daniel Barrett

Recent Articles

  • 9 Superior Ways How To Connect IPhone To MacBook Without USB


    9 Superior Ways How To Connect IPhone To MacBook Without USB

    How to connect iPhone to MacBook without USB is essential for transferring files, backing up data, or simply charging your device. Traditionally, we use a USB cable to connect the two devices, but what if you don't have a USB cable on hand?

  • 10 Ways To Disconnect Iphone From Mac


    10 Ways To Disconnect Iphone From Mac

    How to disconnect iphone from mac is an essential task that should be done properly to avoid any potential data loss or damage to your device. There are several ways to disconnect your iPhone from your Mac, each with its own advantages and disadvantages.

  • How To Fix “Updating Cloud Music Library” Error On Apple Music

    How Tos

    How To Fix “Updating Cloud Music Library” Error On Apple Music

    How to Fix Updating Cloud Music Library Error on Apple Music. If you are an Apple Music user and you encounter the error message "Updating Cloud Music Library" that stays stuck and won't go away, you may find yourself feeling frustrated and unsure of what to do.

  • How To Set Up Output To Multiple Speakers On MacOS

    How Tos

    How To Set Up Output To Multiple Speakers On MacOS

    If you are someone who enjoys listening to music or watching movies on your Mac, you may have considered setting up multiple speakers to enhance your audio experience. However, the process of how to set up output to multiple speakers on MacOS may seem daunting at first.

  • UK Is Developing Its Own ‘BritGPT’ AI Model


    UK Is Developing Its Own ‘BritGPT’ AI Model

    According to recent reports, the UK government has committed to investing £900 million ($1.1 billion) into the development of a cutting-edge supercomputer. This supercomputer, known as "BritGPT," is intended to create the UK's own Generative Pre-trained Transformer (GPT) AI model. It will be the first uk's own britgpt ai model.

  • ChatGPT Vs Bing - Which Search Engine Comes Out On Top?


    ChatGPT Vs Bing - Which Search Engine Comes Out On Top?

    When it comes to search engines, Google and Bing are arguably the most well-known platforms. But now that AI-based language models like ChatGPT are out there, the search landscape is changing. Among the numerous search engines available, ChatGPT vs Bing are two of the most popular.

  • Upgrade Your Tech Game - Tips For Staying Ahead In The Digital World


    Upgrade Your Tech Game - Tips For Staying Ahead In The Digital World

    Whether you're a tech enthusiast or a casual user, if you upgrade your tech game it can help you enhance productivity, efficiency, and convenience.

  • Top Affordable Premium Tablets - Affordable Luxury For Tech Enthusiasts

    Editor's Pick

    Top Affordable Premium Tablets - Affordable Luxury For Tech Enthusiasts

    Top affordable premium tablets have become a popular choice for people who want to experience the benefits of a high-end tablet without breaking the bank. These tablets offer advanced features, high-quality displays, powerful processors, and long battery life at a lower cost compared to the more expensive models.

  • A 36-year-old Man Warned By His Apple Watch Of An Unknown Heart Problem


    A 36-year-old Man Warned By His Apple Watch Of An Unknown Heart Problem

    A 36-year-old man warned by his Apple Watch of an unknown heart problem. According to BBC News, a man who had been experiencing dizziness went to bed and woke up the next morning to notifications from his Apple Watch informing him that he had a cardiac ailment.

  • Messenger Is Returning To The Facebook Application

  • Using Tasker To Talk With ChatGPT On Your Phone Looks Equal Parts Powerful And Terrifying

  • Snapchat Launches "My AI," Its Own ChatGPT-powered Chatbot

  • Xnxubd 2023 Nvidia New - The Future Of Graphics Technology

  • How To Delete A Youtube Channel On IPhone?