Setting up false volumes in TrueCrypt

TrueCrypt is a free tool to create virtual encrypted disks housed within individual files, or a ‘volume within a volume’ – a hidden operating system and set of files that is invisibly housed in an encrypted file.

1. Inner and hidden volumes
A hidden volume is hidden inside another file with a separate password. This might smack of paranoia, and it’s crucial to manage it carefully, but if your customer is concerned about being forced to reveal their decryption key by customs
or immigration officials – which the US Department 
of Homeland Security can now require – they can hand over the outer volume and password without revealing the hidden one, which is protected using stenography.

-- click image to enlarge --

2. Choose a password

Multiple key files can be used in conjunction with a password to make the system more secure by stopping key loggers and brute force attacks. Any type of file including a MP3 can be a key file. During key generation, TrueCrypt asks you to move your mouse randomly in the window to create a random pool of data that it then uses to generate a cryptographic key for your data.

-- click image to enlarge --

3. The finished outer volume
The outer volume has been created in the form of a file, which can be mounted as a disk image. Decoy data is then copied onto this ‘disk’.

-- click image to enlarge --

4. Creating the hidden volume
Set the password and size for the hidden volume, which will be inside the file but which will not show when the disk is mounted. You’ll also need to create a TrueCrypt Rescue Disk on CD or DVD – and if the password changes, you’ll need to make a new recovery disc.

-- click image to enlarge --

Link to a Relevant Feature Click here to go to the main feature - Specifying and Supporting Disk Encryption


Show other articles by this author

Share |
Write comment
security image
smaller | bigger



Subscribe and get the magazine in the post before it's online

Subscribe and get access to all of the back issues

To read a sample eMagazine - March 2010



If you're supporting en users who need to transfer files by FTP occasionally, explaining how to use FTP every time can get frustrating. Map an FTP site as a custom network location and they can do it through the familiar Explorer window. If you only have a couple of machines you can choose Tools >Map Network Drive… in Explorer and click the link 'Connect to a Web site that you can use to store your documents and pictures' to open a wizard that creates a network location. Select 'Choose a custom network location', type in the FTP address and fill in the user name and password. You can also create mapped drives and network places on the Environment tab of the user's Active Directory object - but if you have a lot of users to set up, put it in the logon script for the user profile under Active Directory Users and Computers.
If you're running into problems with Group Policy Objects, check this handy summary of the rules at read more


Unified communications


The #1 Bestseller for Only 77p

Key resources

Login to view Key Resources