TrueCrypt User Guide

Cross platform desktop encryption made easy

Mr Mohamed Hansraj, OCIO
Dr Bill Worthington, OCIO

V7, August 2014

TrueCrypt User Guide
Introduction to TrueCrypt

• TrueCrypt is an opensource tool which was developed over a number of years. Development
ceased in May 2014 amid much mystery and speculation and a very un-professional
termination of the project by its opensource developers. There is nothing to suggest that
version 7.1a, the last distributed full version, is any less reliable or secure than was held
to be the case before the development ceased. It is currently the only good cross platform
desktop encryption solution, and our recommendation is to carry on using it.

• TrueCrypt is an all-in-one package which can be used to encrypt all of your important data and
allow you to work with encrypted files as you would with normal files.

• TrueCrypt creates an encrypted container which appears on the desktop as a mounted volume
(a drive on Windows), and functions much in the way as any normal attached storage device.
Files are encrypted on the fly as you drag and drop or cut and paste them in and out of the
mounted volume.

• Volumes are stored in container files. Unmounted containers are just single large binary files
that can be transferred between file systems, via the Internet, and by personal storage devices.
TrueCrypt User Guide
Downloading and installing TrueCrypt

• TrueCrypt can be downloaded from:

https://truecrypt.ch/downloads/

• You can download a copy of TrueCrypt for

Windows, Apple OSX and Linux.

• To install the package, run the installation

application; accept the terms of the user
agreement and the select INSTALL. Click finish once
the installation is complete. You have now
successfully installed TrueCrypt.

• Launch TrueCrypt by double-clicking on

TrueCrypt.exe or clicking on the TrueCrypt shortcut
in your Windows Start menu. On OSX and Linux
open the TrueCrypt application.
TrueCrypt User Guide
Creating a TrueCrypt volume
TrueCrypt User Guide
Start TrueCrypt and begin creating a TrueCrypt volume

• Launch TrueCrypt. The TrueCrypt application

window will appear on your screen.

• Click Create Volume (highlighted with a red

rectangle in this screenshot).
 TrueCrypt User Guide
Volume Creation Wizard: Step 1, container type

In almost all situations you will need to ‘Create an encrypted file container’.

This is the default option, so you can click ‘Next’.

Other  op)ons:  
 ‘Encrypt  a  non-­‐system  par00on/drive’  is  generally  to  
encrypt  an  en)re  device,  like  a  portable  hard  drive  or  
USB  s)ck.    There  is  no  need  to  do  this  in  most  
circumstances  and  the  most  flexible  solu)on  is  to  
create  a  standalone  container  using  the  first  op)on  
above.  
 
The  third  op)on,  ‘Encrypt  the  system  par00on  or  
en0re  system  drive’  will  encrypt  your  en)re  system.  
Only  an  expert  user  or  system  administrator  should  
aCempt  this.  

 
 TrueCrypt User Guide
Volume Creation Wizard: step 2, volume type

In almost all situations you will need to create a ‘Standard TrueCrypt volume’.

This is the default option, so you can click ‘Next’.

Other  op)ons:    ‘Hidden  TrueCrypt  volume’    

Unless  you  have  very  special  circumstances,  you  won’t  
need  to  create  a  hidden  volume.  
 

 
 TrueCrypt User Guide
Volume Creation Wizard: step 3, name the container file

Click ‘Select File’ and use your standard

system file selector to select the location
for your file and type in its name.
In this example, we will create a
container file called ‘secure-volume.tc’ on
the Desktop.
After selecting the path and naming the
file click ‘Next’

Important:  
unfortunately  TrueCrypt  does  not  fill  in  the  default  
file  extension  for  you,  so  you  need  to  explicitly  
type  .tc  on  the  end  of  your  filename.    
 
Take  care:  
if  you  select  an  exis)ng  file  TrueCrypt  will  
overwrite  it  without  asking  you  and  its  contents  
will  be  lost.    

 
 TrueCrypt User Guide
Volume Creation Wizard: step 4, encryption method

In almost all situations you can use the AES encryption algorithm.

This is the default option, so you can click ‘Next’.

Other  op)ons:    
The  other  algorithms  available  are  arguably  more  
secure  as  they  are  more  complicated    but  can  take  
significantly  longer  to  create  a  large  container  and  also  
impact  on  the  )me  to  encrypt  and  decrypt  files  in  an  
open  volume,  (which  with  AES    is  usually  so  fast  as  to  
be  not  no)ceable).  
 
To  test  the  various  methods,  click  ‘Benchmark’  –  this  
will  open  a  new  window  and  will  display  the  
performance  for  other  algorithms  your  system.  
 TrueCrypt User Guide
Volume Creation Wizard: step 5, volume size
Next we specify the size of our TrueCrypt volume. This
allocates the space available inside the container for files.

Enter a number of kilobytes (KB), megabytes (MB), or

gigabytes (GB), then click ‘Next’.

Size  op)ons:    
Choose  a  size  commensurate  with  space  you  think  you  
are  likely  to  need  and  no  larger.    
The  larger  the  volume  -­‐  the  longer  it  will  take  to  create  
and  to  transfer  which  may  be  important  if  you  need  to  
share  a  container.    
 
 TrueCrypt User Guide
Volume Creation Wizard: step 6, set the password
Choose a good password - whatever encryption you use, security can be
compromised by a weak password.

IMPORTANT: Do not forget or lose your password as it will be impossible

to open the container and gain access to your files.

Good  password  op)ons  :    

• Avoiding  choosing  words  that  can  be  found  in  a  
dic)onary  
• Avoid  dates  or  names  
• Avoid  guessable  personal  details  
• Use  a  mix  of  upper  and  lower  case  leCers  and  
special  characters  (such  as  £  $  %  ^  &  #  etc.)  
• A  good  length  is  more  than  20  characters  (the  
longer  the  beCer)  
• The  limit  is  64  characters  

The  wizard  may  complain  about  your  password  if  it  

does  not  think  your  choice  is  good  enough  –  but  you  
can  override  this  objec)on    
 TrueCrypt User Guide
Volume Creation Wizard: step 7, format the volume
In almost all situations you should use ‘FAT’ for the file system, this works on all platforms.

This is the default option, so you can click ‘Format’ - but first, move your mouse around
randomly within the Volume Creation Wizard window. This randomises the encryption key.

Other  op)ons  :  
NTFS  is  a  special  file  system  for  Windows  only  and  
requires  admin  rights  to  mount.  
 
Randomising  the  encryp)on  key  is  important.  The  
longer  you  move  the  mouse  the  beCer  as  this  
increases  the  cryptographic  strength  of  the  encryp)on  
keys  (which  increase  security).    If  you  and  everyone  
else  just  selected  the  first  key  by  clicking  ‘format’  right  
away,  then  the  effec)veness  of  the  encryp)on  of  your  
volume  would  be  compromised.  
 
 
 
 
 TrueCrypt User Guide
Volume Creation Wizard: step 8, volume created
When you click ‘Format’ TrueCrypt will begin encrypting the volume container file. The time
this takes depends on the size of the volume you specified. A ‘successful’ dialog box will
appear when it finishes. Click OK to close the dialog box.

Click ‘Exit’ to close the Volume Creation Wizard or ‘Next’ to create another volume
container
TrueCrypt User Guide
Using your encrypted, password protected container
 TrueCrypt User Guide
Using your container: step 1, select a mount point and file
Start the TrueCrypt application and make sure the application window is in view.

Click on a drive letter to select a volume mount point (OSX and Linux users will select a
number). Then click ‘Select’ to use your standard system file selector to pick a TrueCrypt
container file.
TrueCrypt User Guide
Using your container: step 2, mount and enter password
With a container file and mount point selected, click ‘Mount’ and enter your password.
Ignore all the settings on the password dialog.
Note in this example we have selected drive M:

Short  cut:      
On  most  systems  you  should  be  able  simply  double  
click  a  TrueCrypt  container  file  (.tc),  whereupon  the  
applica)on  will  start,  select  the  file,  and  pick  the  next  
available  mount  point  -­‐  you  just  need  to  click  ‘mount’.  
 
(on  OSX  and  Linux  you  may  need  to  associate  the  
extension  .tc  with  the  TrueCrypt  applica)on  ader  
installa)on).    
 
TrueCrypt User Guide
Using your container: step 3, work with the mounted drive
Your secure volume is available to use just like any other storage attached to your computer
(in this example as M: ) Data is encrypted and decrypted without you noticing as you move
files in and out.
You can use your preferred way of working to drag and drop, or cut and paste, right click,
and save in the volume.

Op)ons:  
You  can  minimise  or  even  close  the  TrueCrypt  
applica)on  window  while  you  work.  
 
Short  cut:      
On  Windows  –  press  the  Windows/Microsod  Key  +  E    
to  open  ‘My  computer’  to  see  your  drives.  
On  OSX  –  press  Apple/Cmd  -­‐  shid-­‐  F  to  open  a  new  
Finder  window  to  see  your  volumes.  
 
 
TrueCrypt User Guide
Using your container: step 4, dismount your drive/volume
When you have finished working, return to the TrueCrypt application window and click ‘Dismount All’.
All TrueCrypt drives/volumes will be closed and saved.

Op)ons:      
If  you  only  want  to  dismount  one  drive,  select  its  drive  
leCer  and  click  ‘Dismount’      
 
If  you  shut  down  or  restart  or  log  off  TrueCrypt  will  
deal  with  this  gracefully  and  dismount  all  drives/
volumes  (unless  you  have  led  any  files  open,  in  which  
case  it  will  pause  the  opera)on  in  the  usual  way).    
 TrueCrypt User Guide
Using your container: backup and tips

You should keep a backup of your TrueCrypt container files just as you would with any other data,
because –
• container files are only as good the hardware they are stored on – one damaged byte and
everything inside will be lost
• (this is another good reason for making them as only as large as necessary)

Never keep the only copy of something in a TrueCrypt container, because –

• you may lose or forget the password – there is no way around the encryption, everything inside
will be lost

If you send your TrueCrypt container files to someone make sure you send the password by a separate
secure route – encryption is only as good as your password security

Avoid blocking up mail systems by sending container files using https://www.exchangefile.herts.ac.uk

TrueCrypt User Guide
Appendix: Traveler Disks (Windows Only)

we are sorry – we know it is spelt incorrectly, but we will stick with what is on the application interface L
TrueCrypt User Guide
Traveler Disks: step 1, start the setup
Although getting and installing TrueCrypt is easy, there may be times when you (or a collaborator) need
to open a container on a machine where TrueCrypt is not installed. On Windows systems you can
create a Traveler Disk to achieve this.
With the TrueCrypt application window in view, select ‘Tools > Traveler Disk Setup’

Op)ons:      
Traveler  disks  do  not  work  on  OSX  or  Linux  so  you  will  
need  to  get  and  install  the  applica)on  to  use  
TrueCrypt  
TrueCrypt User Guide
Traveler Disks: step 2, select target portable media
Browse and select the destination directory for your Traveler disk. This might be a USB data stick or a
portable hard drive.

Op)ons:  
The  des)na)on  directory  may  even  be  a  folder  which  
you  can  add  a  container  file  to  and  then  zip  up  and  
transfer  electronically  
 
TrueCrypt User Guide
Traveler Disks: step 3, create the Traveler disk
Often you will use general purpose portable media which contains other things in addition to TrueCrypt,
so you will not want it to start automatically.

Autorun ‘Do Nothing’ is the default option, so you can click ‘Create’.

Op)ons:  
In  some  circumstances,  you  might  want  TrueCrypt  to  
start  and  mount  a  container  Automa)cally.  You  can  do  
this  using  the  Autorun  sekngs.    If  you  do  this  never  
)ck  ‘cache  password  in  driver  memory’  –  this  is  a  
security  risk.    
TrueCrypt User Guide
Traveler Disks: using you Traveler Disk
The Traveler Disk shows up on portable media as a folder called ‘TrueCrypt’. This contains four or five
files including two executables.

To open a TrueCrypt container drag and drop it onto the TrueCrypt(.exe) application.

Op)ons:  
Most  of  the  0me  you  probably  want  to  transport  a  
container  file  with  the  Traveler  Disk,  so  don’t  forget  to  
copy  it  to  the  portable  media.  It  is  okay  to  put  it  in  the  
TrueCrypt  folder.  
 
Op)ons:  
The  TrueCrypt  Format  applica)on  is  also  included  by  
default,  so  unless  you  un)cked  this  op)on  earlier,    you  
can  also  use  your  Traveller  Disk  to  create  containers.    
TrueCrypt User Guide
Support

TrueCrypt is easy to use, but if in doubt contact

[email protected] x4678