Encrypted Vault on Windows using VeraCrypt
If you have a need to securely compartmentalise your data, for example if you want to keep personal and business files encrypted in seperate vaults with different passwords, and you want to be able to access those files on other computers running Windows, Mac or Linux, VeraCrypt can be a good choice. In this guide I'll show you how to set up a vault on your PC using VeraCrypt.
Why Choose VeraCrypt?
While Windows offers built-in tools like BitLocker for encryption, VeraCrypt is a fine open-source alternative with an interesting pedigree.
Originating from E4M (Encryption for the Masses), VeraCrypt has evolved as a successor to TrueCrypt.
It's not just limited to Windows; VeraCrypt is also available for macOS and Linux, offering a versatile solution for cross-platform security.
- Enhanced Security: It offers more complex cascaded encryption algorithms and a more secure system for password and key management.
- Cross-Platform Compatibility: Available on Windows, macOS, and Linux.
- Legacy of Trust: Building upon the open source foundations E4M and TrueCrypt, VeraCrypt has been independently audited for security vulnerabilities.
Setting Up a VeraCrypt Vault on Windows
Making a VeraCrypt container file (or Vault) on Windows is a user-friendly process:
Download and Install VeraCrypt: Visit the VeraCrypt website and download the latest installer for Windows.
Launch VeraCrypt: Open VeraCrypt from the Start menu or Desktop.
Create a New Volume: Click on
Create Volume and select
Create an encrypted file container.
VeraCrypt: Create Volume Window (Windows version)
Volume Type: Choose
Standard VeraCrypt volume.
VeraCrypt: Volume Type Selection (Windows version)
Volume Location: Click
Select File and choose where to store your container. Give it a name but do not use an existing file.
VeraCrypt: Selecting Volume Location (Windows version)
Encryption Options: Select your desired encryption and hash algorithms.
AES is a solid default choice, for higher security at the expense of speed, use the AES(Twofish(Serpent)) cascade, which is about as close as the general public can get to `military grade' encryption.
VeraCrypt: Encryption Options (Windows version)
Volume Size: Decide how large your container should be. It can be anything from just a few megabytes to several gigabytes.
Password: Set a strong, unique password. A strong password is critical for the security of your container.
VeraCrypt: Password Selection (Windows version)
Format the Volume: Follow the instructions to format the volume. Generally exFAT is a suitable choice. Move your mouse around to generate more entropy for the CSPRNG.
VeraCrypt: Vault Created OK (Windows version)
Accessing the Encrypted Container
- Mount the Container: Open VeraCrypt, click
Select File to load your container, then click
Mount and enter your password.
- Use it Like a Drive: Once mounted, the container acts like a regular drive. Store your sensitive files here for secure encryption.
VeraCrypt: An empty mounted vault (Windows version)
Please note that the contents of your vault is accessible to Windows, running applications and other users of your PC while your vault is open and mounted as a disk. For your safety, be sure to keep your PC up-to-date and free of malware. You should eject your vault (like you would any external disk or by clicking UNMOUNT in VeraCrypt) when it is not required or in-use.
If you don't disclose your password, your family or associates will not be able to access your vault in an emergency, for example in the event of your death or disappearance. It is important to have contingencies in place without compromising security, a fine choice would be to use Keycrypt and securely prepare, then distribute physical shares of your encryption passphrase.
VeraCrypt containers provide a flexible and secure way to protect specific data sets on your Windows PC, MacBook or Linux computer. This method is ideal for users who need encryption or partitioning and access control to certain groups of files, for example when keeping work information completely seperate from your personal documents, like your magnum opus, bank statements and wills. Remember, the security of your data is only as strong as your password, so choose one wisely.
`VeraCrypt's versatility with containers makes it a preferred choice for encrypting sensitive data into self-contained vaults, suitable for use across various platforms.'