Setting up false volumes in TrueCrypt

TrueCrypt is a free tool to create virtual encrypted disks housed within individual files, or a ‘volume within a volume’ – a hidden operating system and set of files that is invisibly housed in an encrypted file.

1. Inner and hidden volumes
A hidden volume is hidden inside another file with a separate password. This might smack of paranoia, and it’s crucial to manage it carefully, but if your customer is concerned about being forced to reveal their decryption key by customs
or immigration officials – which the US Department 
of Homeland Security can now require – they can hand over the outer volume and password without revealing the hidden one, which is protected using stenography.

-- click image to enlarge --

2. Choose a password

Multiple key files can be used in conjunction with a password to make the system more secure by stopping key loggers and brute force attacks. Any type of file including a MP3 can be a key file. During key generation, TrueCrypt asks you to move your mouse randomly in the window to create a random pool of data that it then uses to generate a cryptographic key for your data.

-- click image to enlarge --

3. The finished outer volume
The outer volume has been created in the form of a file, which can be mounted as a disk image. Decoy data is then copied onto this ‘disk’.

-- click image to enlarge --

4. Creating the hidden volume
Set the password and size for the hidden volume, which will be inside the file but which will not show when the disk is mounted. You’ll also need to create a TrueCrypt Rescue Disk on CD or DVD – and if the password changes, you’ll need to make a new recovery disc.

-- click image to enlarge --

Link to a Relevant Feature Click here to go to the main feature - Specifying and Supporting Disk Encryption


Show other articles by this author

Share |
Write comment
security image
smaller | bigger



Subscribe and get the magazine in the post before it's online

Subscribe and get access to all of the back issues

To read a sample eMagazine - March 2010



You want the PCs you support to have the right time for more reasons than keeping the users happy; for one thing, if every PC has a slightly different time, finding which version of a file was updated most recently gets much more complicated. Get your head around the Windows Time Service at, get the commands for making a PC get its time from the domain at and if you want a an alternative time server use to get the time from a random time server in the NTP Pool Project (read about the project at read more


Unified communications


The #1 Bestseller for Only 77p

Key resources

Login to view Key Resources