VeraCrypt volume level encryption is perhaps one of the most common ways in which this program is utilized. It is also how I first became acqauinted with this TrueCrypt, it’s predecessor. If you are just starting with VeraCrypt, creating a working with a few volumes is a great way to ease into using encryption. If you don’t already have VeraCrypt, your first step will be to download and install it. This tutorial was created using Windows 7. The procedure is very similar on Mac OS X, Linux, and Windows 10 computers. If you have issues, please consult the VeraCrypt User’s Guide by clicking “Help” and selecting “User’s Guide”.
VeraCrypt Volume Level Encryption
To begin creating a volume open VeraCrypt and click the “Create Volume” button. A popup will appear. It will ask you what type of volume you would like to create. Select “Create an encrypted file container” and click Next. You will be asked if you wish to create a standard volume or a hidden volume. Select “Standard VeraCrypt Volume” (hidden volumes will be discussed later). Finally, you will be asked where you would like to save the volume. Clicking the “Select File” button will open a Mac Finder or Windows Explorer pane. Choose where you would like to put it and what you would like to call it. The name doesn’t matter but it should be something that you can remember so you can find the volume later.
Next, choose your encryption algorithm and hash algorithm. Though VeraCrypt offers a host of options, I recommend sticking with the tried and true: AES with SHA-512. Click “Next” and you will be asked to choose the volume size. This is up to you and what you wish to use the volume for. If you are making a large volume for long-term, persistent storage, make it a bigger than you think you will need. If you are making a volume to transmit a handful of files, make it just large enough to hold the files.
On the next page you will be asked to choose a password. I recommend choosing a good, strong password. This MUST be a password that you can manually enter. VeraCrypt will not allow you to paste a password into the password field, either during the volume creation process, or later when you are actually mounting the volume. Finally you will be asked to create some entropy for your new volume by moving your mouse around randomly. Move the mouse until the progress bar at the bottom is completely filled. When this is done click “Format”.
Upon completion you will be shown a message telling you that the volume has been successfully created. Close this message and close the Volume Creation Wizard. Now let’s move on to actually using your new volume.
Using VeraCrypt Volume Level Encryption
Currently, the volume itself is encrypted. Files cannot be accessed, or added to it. To make the volume cryptographically accessible you must mount it. On the VeraCrypt interface click the “Select File” button. Navigate to your encrypted volume and select it. Next, choose a drive letter from the upper part of the VeraCrypt interface by clicking on it. When you have selected a drive letter or number click “Mount”. You will be prompted to enter your password. When you have entered your password click “OK” and the volume will mount. It may take a few moments for the volume to be successfully mounted.
When your volume has mounted, some information will appear beside it’s drive letter or number. This includes the file pathway, the size, encryption, and type (standard or hidden). Now it is time to access your volume. You can do so by clicking directly on the drive letter in the VeraCrypt interface. This will open a Mac Finder or Windows Explorer pane as shown in the lower right image below. VeraCrypt volumes behave like virtual hard drives, so you can now copy files to the volume or save files directly to it.You can open multiple volumes at once (you are only limited by the number of drive letters available), so you can copy files between encrypted volumes or encrypted external media.
When you are finished working inside the volume, you should dismount. To do so, first ensure that all of the files stored in the volume are closed. Select the volume by clicking on the appropriate drive letter and click “Dismount”. The drive will be ejected and your files are once again secured.
VeraCrypt volume level encryption has one major advantage over FileVault volumes. They are truly cross-platform and can be used by any computer with VeraCrypt installed. There are a great many features to VeraCrypt that we haven’t discussed yet, but stay tuned!
If you enjoyed this article and would like exclusive content, sign up for the Operational-Security Newsletter.