Encrypted flash drives
-
@aaronstuder said in Encrypted flash drives:
@BBigford Why can't the password be a PIN? Can't you just set the password to 8596? I assume your doing 4 digits?
Yeah I'm just using 0000 as a test right now. BtG doesn't allow for a PIN so that's cool that VeraCrypt does.
-
I think I am missing something... Bitlocker to Go allows you to plug a flash drive in, and asks for the password. I can't get VeraCrypt to do the same. Not all systems with VeraCrypt protected drives would have the VeraCrypt software on the computer. Do computers have to have VeraCrypt installed to read the content?
-
Did you select automount? Is your AV blocking it?
-
@aaronstuder said in Encrypted flash drives:
Did you select automount? Is your AV blocking it?
Yeah I got it to work, but unless I'm missing something, you must have VeraCrypt installed on the PC to decrypt the drive?
-
@BBigford No, you run VeraCrypt from the USB drive.
-
@aaronstuder said in Encrypted flash drives:
@BBigford No, you run VeraCrypt from the USB drive.
I am clearly missing something then...
-
@aaronstuder said in Encrypted flash drives:
@BBigford No, you run VeraCrypt from the USB drive.
How are you running it from the external drive? I keep going back to the same issue where the drive mounts but looks like this...
So I have to mount it in the VeraCrypt installation on my workstation...
So that I can see the new volume (in this case, S:)
Where am I going wrong? I just want to plug it in on a Mac or Windows PC and have it prompt for a PIN to unlock the drive.
-
@aaronstuder said in Encrypted flash drives:
@BBigford No, you run VeraCrypt from the USB drive.
How does it run if it is encrypted? Do you have two partitions?
-
Maybe I am asking for something that doesn't exist...
For instance, Bitlocker to Go is functionally exactly what we need (minus the PIN option), but doesn't work for Macs. But it relies on software that is already installed on the PC (Bitlocker).
-
@BBigford Format the USB Drive and start again.
First, run the VeraCrypt Volume Creation Wizard to create a Volume on the USB drive. You can make it as large as you want, just leave a little space for VeraCrypt itself.
Now, run the VeraCrypt Traveler Disk Setup. In the first box, select your USB drive letter. Then select auto-mount, and select the VeraCrypt Volume you created.
-
@scottalanmiller You can use two partitions too, but it's much easier to use a VeraCrypt Volume.
-
So to be clear, you not really encrypting the drive itself, your encrypting the data your putting on the drive.
-
Remember that a VeraCrypt Volume is just a file. It can have no extension or it can have a fake one. I normally fill the flash drive with a bunch of unimportant unencrypted documents, as well some VeraCrypt Volume's named TPS_Report.xls, pics.zip, etc. Any normally person finding the USB drive, just assumes that those files at corrupted, and deletes then or better yet just wipes the drive and reuses it.
-
@aaronstuder said in Encrypted flash drives:
So to be clear, you not really encrypting the drive itself, your encrypting the data your putting on the drive.
Oh I see, that makes more sense then.
-
@aaronstuder said in Encrypted flash drives:
Remember that a VeraCrypt Volume is just a file. It can have no extension or it can have a fake one. I normally fill the flash drive with a bunch of unimportant unencrypted documents, as well some VeraCrypt Volume's named TPS_Report.xls, pics.zip, etc. Any normally person finding the USB drive, just assumes that those files at corrupted, and deletes then or better yet just wipes the drive and reuses it.
Don't you trust VC to do its job?
-
Decided to just use the built in tools (Bitlocker to Go and HFS+ encryption), for each device respectively. The Corsair Padlocks are cheaper than, say, IronKey. But still too spendy when we can get thumb drives for $3 apiece for regular 8GB drives.
VeraCrypt is awesome, but it's going to be too cumbersome for end users. Going with the built in options are just going to be the easiest method instead of fighting with it, since it allows for plug in and prompt for password.
-
@BRRABill said in Encrypted flash drives:
@aaronstuder said in Encrypted flash drives:
Remember that a VeraCrypt Volume is just a file. It can have no extension or it can have a fake one. I normally fill the flash drive with a bunch of unimportant unencrypted documents, as well some VeraCrypt Volume's named TPS_Report.xls, pics.zip, etc. Any normally person finding the USB drive, just assumes that those files at corrupted, and deletes then or better yet just wipes the drive and reuses it.
Don't you trust VC to do its job?
I'm not sure what you're asking?
-
@Dashrender said
Don't you trust VC to do its job?
I'm not sure what you're asking?
He said he obscures his VC container on the disk. I guess a little extra security is OK, but isn't that the point of VC, that if someone gets their hands on your container they can't get into it?
An average user wouldn't know what it was anyway, and a hacker wouldn't be thrown off by the renaming.
-
@BRRABill said in Encrypted flash drives:
@Dashrender said
Don't you trust VC to do its job?
I'm not sure what you're asking?
He said he obscures his VC container on the disk. I guess a little extra security is OK, but isn't that the point of VC, that if someone gets their hands on your container they can't get into it?
An average user wouldn't know what it was anyway, and a hacker wouldn't be thrown off by the renaming.
That would be my thought. It's just obscurity. The casual hacker is already thwarted. The determined one is not affected.
-
@scottalanmiller said
That would be my thought. It's just obscurity. The casual hacker is already thwarted. The determined one is not affected.
My thoughts exactly.
