• Tech
  • News
  • Health

How To Encrypt Your Windows Hard-Drive With VeraCrypt


VeraCrypt is a source-available freeware utility used for on-the-fly encryption (OTFE). It can create a virtual encrypted disk within a file or encrypt a partition or the entire storage device with pre-boot authentication. This guide explains how to encrypt your Windows Hard-Drive with VeraCrypt

1. How To Encrypt Your Windows Hard Drive To Keep Out Snoopers

Encrypting your Windows Hard-Drive is actually not too difficult to do. Just follow these steps in order. We’re assuming you already have VeraCrypt installed but if not, you can get it here.

First, open up VeraCrypt and click on “Create Volume”. You will then see three options. We have already done the first two in previous articles. Today we are going for option number three – “Encrypt the system partition or entire system drive.”

Click “Next” to proceed. In this case, we are going for normal encryption, not a “hidden operating system”. So choose the first option and click “Next” to move on.

COPYRIGHT_NOVA: Published on https://www.novabach.com/veracrypt-two-ways-of-using-veracrypt-to-secure-your-hard-drive/ by Daniel Barrett on 2022-08-26T22:58:05.000Z

“Encrypt the Windows system partition.” You may decide to choose the second option but if you do, you will get lots of warnings about the consequences if it all goes wrong.

If you only have Windows on your computer then you have a single-boot system. If you have multiple operating systems (say Windows and Linux for example) on your computer, then it’s a multi-boot system. So, choose which one you have.

It will now ask you which encryption option you want. But as I have indicated in the previous articles, unless you have a particular reason why, you should leave the encryption protocols on the defaults. This is the AES standard used by governments to encrypt secret documents. Also leave the hash-algorithm as it is.

Click “Next”.

After specifying your desired password, it is time to generate your encryption keys. To make them as strong as possible, you need to move your mouse or trackpad around the VeraCrypt window in a “random order”.

As you do so, the bar at the bottom will go from red to yellow to finally green. When the green bar is fully at the far right-hand end of the screen, click “Next”.

Since you are now encrypting a hard drive (or part of one), you need to take an extra cautionary step in case you lock yourself out of your hard drive. This is called the VeraCrypt Rescue Disk (VRD) which will repair any damage to the VeraCrypt boot loader or to Windows, allowing you to (hopefully) login.

However, it is not a security risk having this rescue disk as you will still need the encryption password for it to work.

VeraCrypt will select an area for your rescue disk to be placed once it is created. But you can easily move it to another location if you want, by clicking the “Browse” button. Do NOT deselect “Skip Rescue Disk verification” – that is essential.

Click “Next”.

This next step opens up the Windows Disc Image Burner. You will see that the rescue disk is an ISO file and you need to choose the disc burner on your hard drive. A normal 700MB CD disc is sufficient. Select “Verify disc after burning.”

Once the disc is in your burner drive, click “Burn” to start the process.

When the process has been finished, the disc burner will open its tray in the hard-drive. Close the tray again, let the disc run, so Disc Image Burner can verify the disc to make sure everything worked OK.

Hopefully, you will eventually see this.

Don’t miss: How To Enable Google Chrome Flags to Test Beta Features

It’s now time for VeraCrypt to do some pre-testing before it starts encrypting your hard-drive or partition (depending on what you chose).

As the next screenshot says, your Windows system will restart, the boot loader will be installed and assuming all went well, the system will begin encrypting. Click “Test” to begin that process.

When the computer restarts – before Windows loads – you will now see the following screen.

Enter your password in the space provided. You probably didn’t specify a PIM in the password settings (I didn’t) so in that case, leave it blank when it asks you for a PIM and hit enter.

Now wait for your system to log in. If it’s the first time you’re doing this, the log in process might be slightly delayed.

Once your password has been successfully verified, your system will begin encrypting. As you can see it takes a long time to encrypt the system, depending on how big it is, so this might be one of those times when you need to leave the computer on overnight in order for it to do its thing.

Downloading and Using VeraCrypt

Download VeraCrypt to get started. Run the installer and select the “Install” option. You can keep all the default settings in the installer—just click through it until VeraCrypt is installed on your computer.

Once VeraCrypt is installed, open your Start menu and launch the “VeraCrypt” shortcut.

Click System > Encrypt System Partition/Drive in the VeraCrypt window to get started.

You’ll be asked whether you want to use “Normal” or “Hidden” system encryption.

The Normal option encrypts the system partition or drive normally. When you boot your computer, you’ll have to provide your encryption password to access it. No one will be able to access your files without your password.

The Hidden option creates an operating system in a hidden VeraCrypt volume. You’ll have both a “real” operating system, which is hidden, and a “decoy” operating system. When you boot your PC, you can enter the real password to boot your hidden operating system or the password to the decoy operating system to boot the decoy operating system. If someone is forcing you to provide access to your encrypted drive—due to extortion, for example—you can provide them with the password to the decoy operating system and they shouldn’t be able to tell there’s a hidden operating system at all.

In terms of encryption, using “Normal” encryption keeps your files just as secure. A “Hidden” volume only helps if you’re forced to disclose your password to someone and want to maintain plausible deniability about the existence of any other files.

If you’re not sure which you want, select “Normal” and continue. We’ll be going through the process of creating a normal encrypted system partition here, as that’s what most people will want. Consult VeraCrypt’s documentation for more information about hidden operating systems.

You can choose to either “Encrypt the Windows system partition” or “Encrypt the whole drive”. It’s up to you which option you prefer.

If the Windows system partition is the only partition on the drive, the options will be basically the same. If you just want to encrypt your Windows system partition and leave the rest of the drive alone, choose “Encrypt the Windows system partition”.

If you have multiple partitions with sensitive data—for example, a system partition at C: and a files partition at D:—select “Encrypt the whole drive” to ensure all your Windows partitions are encrypted.

VeraCrypt will ask how many operating systems you have on your PC. Most people only have a single operating system installed and should choose “Single-boot”. If you have more than one operating system installed and you choose between them when you boot your computer, select “Multi-boot”.

You’ll then be asked to choose which type of encryption you want to use. While there are multiple options available, we recommend sticking with the default settings. “AES” encryption and the “SHA-256” hash algorithm are good choices. They’re all solid encryption schemes.

You’ll then be asked to enter a password. As VeraCrypt’s wizard notes, it’s very important to choose a good password. Choosing an obvious or simple password will make your encryption vulnerable to brute-force attacks.

The wizard recommends choosing a password of 20 more characters. You can enter a password of up to 64 characters. An ideal password is a random combination of different types of characters, including upper- and lower-case letters, numbers, and symbols. You’ll lose access to your files if you ever lose the password, so make sure you remember it. Here are some tips for creating a strong, memorable password if you need them.

There are a few more options here, but they’re not necessary. You can leave these options alone unless you want to use them:

Using keyfiles:You can choose to enable “Use keyfiles” and provide some files that must be present—for example, on a USB drive—when unlocking your drive. If you ever lose the files, you’ll lose access to your drive.Display password:This option just unhides the password in the password fields in this window, allowing you to confirm that what you’ve typed is correct.Use PIM:VeraCrypt allows you to set a “Personal Iterations Multiplier” by enabling the “Use PIM” checkbox. A higher value can help prevent against brute force attacks. You’ll also need to remember whatever number you enter and enter it alongside your password, giving you something else to remember in addition to your password.Select any of these options if you want them and click Next.

VeraCrypt will ask you to move your mouse randomly around inside the window. It uses these random mouse movements to increase the strength of your encryption keys. When you’ve filled up the meter, click “Next”.

The wizard will inform you it’s generated the encryption keys and other data it needs. Click “Next” to continue.

The VeraCrypt wizard will force you to create a VeraCrypt Rescue Disk image before continuing.

If your bootloader or other data ever gets damaged, you must boot from the rescue disk if you want to decrypt and access your files. The disk will also contain a backup image of the contents of the beginning of the drive, which will allow you to restore it if necessary.

Note that you’ll still need to provide your password when using the rescue disk, so it isn’t a golden key that allows access to all your files. VeraCrypt will simply create a rescue disk ISO image at C:\Users\NAME\Documents\VeraCrypt Rescue Disk.iso by default. You’ll need to burn the ISO image to a disc yourself.

Also read: How To Update Google Chrome On Android, iPhone And PC

Be sure to burn a copy of the rescue disk so you can access your files if there’s ever a problem. You can’t just reuse the same VeraCrypt rescue disk on multiple computers. You need a unique rescue disk for each PC! Consult VeraCrypt’s documentation for more information about VeraCrypt rescue disks.

Next, you’ll be asked for the “wipe mode” you want to use.

If you have sensitive data on your drive and you’re concerned someone might attempt to examine your drive and recover the data, you should select at least “1-pass (random data)” to overwrite your unencrypted data with random data, making it difficult to impossible to recover.

If you’re not concerned about this, select “None (fastest)”. It’s faster not to wipe the drive. The larger the number of passes, the longer the encryption process will take.

This setting only applies to the initial setup process. After your drive is encrypted, VeraCrypt won’t need to overwrite any encrypted data to protect against data recovery.

VeraCrypt will now verify everything is working correctly before it encrypts your drive. Click “Test” and VeraCrypt will install the VeraCrypt bootloader on your PC and restart. You’ll have to enter your encryption password when it boots.

VeraCrypt will provide information about what to do if Windows doesn’t start. If Windows doesn’t start properly, you should restart your PC and press the “Esc” key on your keyboard at the VeraCrypt bootloader screen. Windows should start and ask if you want to uninstall the VeraCrypt bootloader.

If that doesn’t work, you should insert the VeraCrypt rescue disk into your PC and boot from it. Select Repair Options > Restore Original System Loader in the rescue disk interface. Restart your PC afterwards.

Click “OK” and then click “Yes” to restart your PC.

You’ll have to enter your VeraCrypt encryption password when your PC boots. If you didn’t enter a custom PIM number, just press “Enter” at the PIM prompt to accept the default.

Sign into your PC when the normal welcome screen appears. You should see a “Pretest Completed” window.

VeraCrypt advises that you have backup copies of the files you’re encrypting. If the system loses power or crashes, some of your files will be irreversibly corrupted. It’s always important to have backup copies of your important files, especially when encrypting your system drive. If you need to back up your files, click the “Defer” button and back up the files. You can then relaunch VeraCrypt later and click System > Resume Interrupted Process to resume the encryption process.

Click the “Encrypt” button to actually encrypt your PC’s system drive.

VeraCrypt will provide information about when you should use the rescue disk. After it does, it will begin the process of encrypting your hard drive.

When the process is complete, your drive will be encrypted and you’ll have to enter your password each time you boot your PC.You are now safe from invasive-nosy-do-gooders.If you decide you want to remove the system encryption in the future, launch the VeraCrypt interface and click System > Permanently Decrypt System Partition/Drive.

Editor’s picks:

Share: Twitter | Facebook | Linkedin

About The Authors

Daniel Barrett

Daniel Barrett

Recent Articles

  • Here Are A Number Of Easy Tips To Secure A Crypto Wallet!


    Here Are A Number Of Easy Tips To Secure A Crypto Wallet!

    There are different ways in which one can generate a side income along with permanent income, and there is one way that is popular in this modern world is a crypto investment.

  • Some Top Tips For Selecting The Best Crypto Wallet!


    Some Top Tips For Selecting The Best Crypto Wallet!

    Bitcoin is an asset that is the most acceptable thing in this modern world, and it contains all that a user needs in the payment mode or investment.

  • IoT Has Shaken Up The IGaming Industry In An Immensely Positive Way: Here Is How


    IoT Has Shaken Up The IGaming Industry In An Immensely Positive Way: Here Is How

    The Internet of Things is gradually gaining traction in our everyday lives. We are now living in a world where our cars can talk to us, our thermostats can be controlled remotely, and even our homes can be monitored while we are away.

  • Logitech Quickcam Vision Pro Driver Windows 7 - Video Chat With A Single Click


    Logitech Quickcam Vision Pro Driver Windows 7 - Video Chat With A Single Click

    If you want to know more about the Logitech Quickcam Vision Pro Driver Windows 7, then this is the article for you. Logitech QuickCam Vision Pro, which is one of the company's most high-end models of webcams, as well as our analysis of its performance, benefits, and technical specifications in greater detail. Make a video call with the click of a button using Logitech QuickCam Vision Pro with 720p HD quality that will provide pure picture sharpness and clarity that is so real all thanks to Carl Zeiss optical technology.

  • Blackberry Z10 Software Problem - Easy Steps To Fix Them


    Blackberry Z10 Software Problem - Easy Steps To Fix Them

    Just like any other phones, you probably have encountered a Blackberry Z10 software problem. In this article we will discuss more about it. The BlackBerry Z10 runs the new BlackBerry 10 (currently 10.3.3) QNX-based mobile operating system. BB 10's user interface is based on the concept of direct manipulation, which employs multi-touch gestures. Interaction with the OS includes a variety of multi-touch gestures, each with its own definition in the context of the BB10 operating system and its multi-touch interface.

  • Best Gaming Chair On Amazon - Find The Best Chair Online


    Best Gaming Chair On Amazon - Find The Best Chair Online

    If you are curious about the best gaming chair on Amazon, then continue reading. There's no reason to overlook the importance of a good desk chair, whether you're a gamer or an office worker. If you have an ergonomic chair instead of a lumpy couch, you will be more relaxed and at ease. If the chair you're sitting in isn't providing neck and back support, you should get a new one right away. Long periods of sitting in an uncomfortable chair could be hazardous to one's health. Furthermore, your backbone will undoubtedly suffer. Aside from the obvious issue of your health, there are other potential consequences of an uncomfortable chair.

  • OSRS Unlocking Guardians Of The Rift


    OSRS Unlocking Guardians Of The Rift

    Welcome to yet another of our gamer guides! One page at a time, we offer gamers the opportunity to better their skills and soar to new heights of excellence.

  • All The Different Ways To Gamble Online: Why People Prefer To Gamble On Their Smartphones


    All The Different Ways To Gamble Online: Why People Prefer To Gamble On Their Smartphones

    Technology has blessed us with an infinite number of options. Today, nearly everything exists on the internet.

  • 4 Best Apps For Budgeting

    Software & Apps

    4 Best Apps For Budgeting

    Keeping a personal budget is a great idea. You will be aware of the movement of money, optimize expenses and find a source for investments. The main thing is to choose a convenient way to manage your personal budget and always remember what you are doing it for. You'll learn what budgeting apps are available for Mac, iPad, and iPhone in this article. Without further ado, let's get started.

  • New Technology Is Restoring Cells In Pigs After Death

  • Ultra-Processed Foods - How It Can Lead To Colorectal Cancer

  • New Pneumonia-fighting Microbots that Could Spell The End Of The Disease

  • Big Pharmas Are Developing New Treatments To Prevent Blood Clots For A $55 Billion Prize

  • A Drug From Two Biotech Companies Slowed Cognitive Decline By 27%