Prior in this chapter we have already shown you how to install TrueCrypt and VeraCrypt and compared the advantages and disadvantages of each program. In this section we will walk you through the steps to ensure you can create and use encrypted file-hosted volumes with the help of TrueCrypt and VeraCrypt on-the-fly encryption software.
The key functionality and appearance of these applications are identical, so we are going to show how they work by guiding you through the windows version of VeraCrypt running it on a Windows 10 machine. This instruction is helpful for users of any of the two programs launched in any operating system,
Creating an encrypted file-hosted volume in TrueCrypt / VeraCrypt
Let’s start by creating a volume. Run VeraCrypt / TrueCrypt and in the main screen click on the “Create Volume” button.
This will launch the VeraCrypt Volume Creation Wizard that will prompt you to select one of the three options.
Create an encrypted file container – create a common encrypted file-hosted volume. That’s what we are going for.
Encrypt a non-system partition/drive – encrypt a non-system partition on a hard drive, USB flash drive or SD card.
Encrypt the system partition or entire system drive – encrypt a drive where the operating system is installed or create an additional system drive. If you choose this option, you will need to enter the password every time the operating system boots up, and you will learn about it in one of the next sections of the chapters.
On the next screen, you have to select the type of the volume you wish to create: standard or hidden. In this course you will learn how to create hidden encrypted file-hosted volumes. But for now select the first option - Standard VeraCrypt volume.
The Wizard will ask you to select the location for your file, name and file extension.
You can choose any extension and location for the file you wish to save, however we don’t recommend choosing a name that doesn’t differ from existing files.
Below on the screenshot you can see that we have chosen the name data1.dat for our encrypted file-hosted volume and saved it to the “Desktop” folder.
Do you know why we created a file with the extension .dat? This is an important detail you can read about in the chapter exploring TrueCrypt.
Next, you will need to choose an encryption option. An encryption option is a method used for encrypting your data.We would delve into comparing the encryption schemes, but it would be tiring and tedious, so you won’t go wrong if you choose Serpent-Twofish-AES.
Next, the system will ask you to choose the volume size for your encrypted file-hosted volume. When creating a volume, be aware to allocate 5% (but not over 100 MB) of its size for system information and the key for data decryption.
After you choose the volume size, we need to generate a password for decrypting your volume. We strongly recommend you use both password and keyfile to ensure maximum security. To do so, check the box Use keyfiles.
Before creating a password and keyfile, we suggest you read this chapter. To add a key, click on the Keyfiles button.
In the window that appears, choose Add Files if you want to add your file as a key or Generate Random Keyfile if you want to create keyfile.
We recommend you generate a new key. Move your mouse cursor around the screen until your key is generated, then choose its name and click Generate and Save Keyfiles. The system will prompt you to specify the location where you want the keyfile you’ve just generated to be saved.
After you create the key, click on Add Files… and add this key to the list of VeraCrypt / TrueCrypt keys. Then select it from the list and click OK.
Next, the Wizard will ask you to choose the filesystem. If you are a Windows user, we suggest you go for NTFS. After you select the filesystem for your encrypted file-hosted volume, click Format.
Make sure you sufficiently move your mouse around to increase the security of the volume you’ve just created (though in an indirect way).
The time it takes to create an encrypted file-hosted volume depends on its size and selected encryption algorithms. Once the process is complete, the program will ask you if you wish to create another encrypted volume. Many beginn