= Veracrypt

:Author: Seth Kenlon
:Email: [email protected]

Many ago, there was some software called Truecrypt.
Its source code was available, although there were no major claims that anyone had ever audited or contributed to it.
Its author was, and remains to this day, anonymous.
Still, it was cross-platform, esay to use, and really really useful.
Truecrypt allowed you to create an encrypted file "vault", where you could store sensitive information of any kind (text, audio, video, images, PDFs, and so on).
The vault, with the correct passphrase, could be decrypted by Truecrypt running on any computer to provide read and write access again.
It was a useful technique, and provided, essentially, a virtual portable and  fully-encrypted drive (except it was a file) where you could safely store your data.

Truecrypt eventually closed down, but a replacement project called Veracrypt quickly sprang up to fill the void.
https://www.veracrypt.fr/en/Home.html[Veracrypt] is based on Truecrypt 7.1a, and features many improvements over the original (including significant algorithm changes for standard encrypted volumes as well as boot volumes).
Since Veracrypt version 1.12, it has been possible to use custom iterations for increased encryption security.
Better yet, VeraCrypt can load old TrueCrypt volumes, so if you were a Truecrypt user it's easy to transfer over to Veracrypt.

== Installing Veracrypt

You can install Veracrypt on all major platforms by downloading the appropriate installer file from the https://www.veracrypt.fr/en/Downloads.html[Veracrypt download page].

Alternately, you can build it yourself from source code.
On Linux, it requires wxGTK3, makeself, and the usual development stack (binutils, GCC, and so on).

Once you have it installed, launch Veracrypt from your application menu.

== Create a Veracrypt volume

If you're new to Veracrypt, then you must create a Veracrypt volume first (otherwise you have nothing to decrypt).
In the Veracrypt window, click the *Create Volume* button on the left.

image: verocrypt-create-volume.jpg

In the Veracrypt *Volume Creator Wizard* window that appears, choose whether you want to create an encrypted file container or whether you want to encrypt an entire drive.
The wizard steps you through creating a vault for your data, so follow along as prompted.

For this article, I created a file container.
A Veracrypt container is a lot like any other file: it exists on a hard drive, external drive, in cloud storage, or anywhere else you can think to store data.
Like other files, it can be moved and copied and deleted.
Unlike most other files, it can _contain_ more files, which is why I think of it as a "vault" and Veracrypt developers refer to it as a "container".
A Veracrypt file is only called a "container" by its developers because it can contain other data objects, and has nothing to do with the container technology made popular by LXC, Kubernetes, and other modern IT mechanisms.

=== Choose a file system

During the creation process, you're asked to select a file system to decide how the files you place inside your vault are stored.
The Microsoft FAT format is archaic, nonjournaled, and limits both volume and file sizes, but it's the one format that all platforms can read from and write to.
If your Veracrypt vault is intended to cross platforms, FAT is your best bet.

NTFS works for Windows and Linux.

The open source EXT series works for Linux.

== Mount a Veracrypt volume

Once you've created a Veracrypt volume, you can mount it from within the Veracrypt window.
To mount an encrypted vault, click the *Select File* button on the right.
Select your encrypted file, select one of the numbered slots in the upper half of the Veracrypt window, and then click the *Mount* button located in the lower left corner of the Veracrypt window.

image: veracrypt-volume.jpg

Your mounted volume is listed in the list of available volumes in the Veracrypt window, and you can now access that volume through your file manager as if it were an external drive.
For instance, on KDE, I open Dolphin and navigate to `/media/veracrypt1`, and then I'm able to copy files into my vault.

As long as you have Veracrypt on a device, you can always access your vault.
It's encrypted until you manually mount it in Veracrypt, where it remains decrypted until you close the volume again.

== Close a Veracrypt volume

To keep your data safe, it's important to close a Veracrypt volume when you don't need it open.
That keeps it safe from prying eyes and crimes of opportunity.

Closing up the Veracrypt container's about as easy as it is to open one: select the listed volume in the Veracrypt window and click *Dismount*.
You no longer have access to the files inside your vault, and neither does anyone else.

== Veracrypt for easy cross-platform encryption

There are many ways for you to keep your data secure, and Veracrypt tries to make it easy for you, regardless of what platform you need to use that data on.
If you want to experience easy and open source file encryption, try Veracrypt.

You are viewing proxied material from sdf.org. The copyright of proxied material belongs to its original authors. Any comments or complaints in relation to proxied material should be directed to the original authors of the content concerned. Please see the disclaimer for more details.