Creating a Hidden Drive in VeraCrypt - Tutorial

Video Statistics and Information

Video
Captions Word Cloud
Reddit Comments
Captions
hello and welcome to creating a hidden volume in veracrypt to execute this tutorial you will need to have veracrypt installed there'll be a card that appears up in the top corner of this video plus there's a link right below in the description to go get veracrypt so if you need to install it please go ahead and do so before you do this tutorial if you're going to follow along of course and of course one thing we should probably talk about is why you might want to make an encrypted hidden volume rather than just an encrypted volume an encrypted drive the reason is actually quite simple if you just make an encrypted drive and it is protected by a password there may come a time when someone will make you give your password up and if that is the case they will then have all your secrets and the idea behind this is laid out pretty well in this cartoon the idea is no matter how good your encryption algorithm is no matter how awesome the hundred character password is let's just say if that was possible it wouldn't matter in the end because someone could just beat you with a wrench until you give them the password and that's a legit thing there's gonna be times when you have to give up your password and we would rather not have to do that but you might if that's the case a hidden volume allows us to give up the password to the outer volume the thing that holds the hidden volume by giving that up Hey look we got into their hidden stuff we got into their quote quote you know encrypted hidden content yeah but you're not giving up your actual hidden volumes password only the outer volume the one that holds it so basically your actual secrets are still secure because you haven't given up the password to that volume it's a great idea and it works quite well actually so I will give you a link right below in the description about rubber-hose cryptanalysis if you're shouldn't going and reading about it it's an interesting topic and it is important to realize that this is pretty normal in the business of the human fails whereas the cryptographic algorithm does not fail and if that's the case we want to have some way to protect our stuff even if we have to give up the password so we have plausible deniability as they call it hey this is my password here's my secret stuff and there's no way for someone to detect that hidden volume exists it's a great idea all right without further ado let's go do it let's go make one so you'll need to run veracrypt in my case I already have it installed so I just clicked on its icon down here in the taskbar it's a run veracrypt and you will see its GUI pop up we want to click on create a volume so we're gonna create an encrypted file container we're not going to do this on the drive we're just gonna do this in a file to keep it simple you can do this on an actual non system drive if you wish you can also do it on your actual system partition but that gets a little hairy unless you know what you're doing and you have a really good discipline so we're just gonna do an encrypted file container and call it good so go ahead and select create an encrypted file container and click Next we select hidden veracrypt volume because we're going to make a hidden one it is generally recommended that you make it in this fashion you don't just add a hidden volume to one that already exists but we'll go ahead and start off with hidden veracrypt volume right here and click Next if you want to add the hidden volume to a volume that already exists you can you can just use direct mode and add it but in our case we're gonna use a normal mode because we're just letting the wizard do our work for us so we have to first make an outer volume and then we will make the hidden volume click next we need to select the file location click select file now I have made a folder on my desktop called encrypted drives so I'm just gonna store it in my encrypted drives folder you could store the file anywhere you want to in our case I'm just gonna put it here then we're gonna call it the outer volume making it very clear that this is the actual file that will contain our hidden drive and that it is the outer one that there is no file that you will see quote quote for the hidden driver volume click Save click Next now we need to setup the options for that outer volume click Next we will leave the encryption options at AE s and sha-512 they're fine for what we're doing click Next free space now this is a biggie you need to give it enough space to hold your hidden volume and give that hidden volume enough room to actually store the stuff that you're going to need to store so we're gonna do a hundred megabytes because that's a good round number and it makes it quick for the demo obviously if you don't give it enough space in the outer volume it isn't gonna be able to contain what you want to contain in the hidden one and don't forget there has some you know it's got some overhead in that outer volume too because you're gonna want to put some files in there but we'll get to that in a second so I'm gonna go ahead and pick a hundred megabytes to keep it simple click Next password needs to be a decent password no matter how you slice it I'm just gonna use password literally the word password never use that in the real world obviously but in our case password is just fine we'll go ahead and use password click Next it's gonna complain but it's fine for tutorial we're fine so hit click yes now file format matters here if I drop down my selection box NTFS does not deal well with this it has some issues so generally you should use fat or X fat we will pick X fat because that is a more modern system that will work okay for what we're doing you also cannot do dynamic drives for this type of thing like I was saying in one of my other tutorials you know dynamic drives are okay there's nothing particularly wrong with them but especially for this kind of thing you cannot use them it has to actually allocate all the space otherwise an adversary could actually figure out where your encrypted data is and that would be bad so we want to make sure it takes up all the space we've told it to use in one fell swoop so we give some movements here for our mouse to make sure that we're as random as we can be you know at least as random as we can collect here and click format it'll ask for administrator rights click yes and it will now mount the outer volume that we just made so as you can see here it's saying hey I've mounted this click open outer volume and you will see that Windows has mounted this to drive Z this is the outer volume that will hold no for lack of better noting that you really care about this is the stuff you want to put on there so that people think they've gotten into your secret stuff so put fake secret stuff in here or you know secret stuff that isn't that secret in this case we're just gonna cheat and add a text document that says I'm a secret and maybe we'll do another one another text document here and we'll say I'm a password file or something you know bottom line is you put some fake stuff in there some pictures some text files whatever you want to put in there but the idea is that this stuff isn't actually the stuff you're trying to protect it's just stuff to make people happy that they got that password once you're done adding some fake files remember don't add so many files you have no room left for your hidden volume that would be bad part two of that though don't mess with the outer drive outer volume after you've created the hidden volume or you could end up with problems it could actually destroy the hidden volume so you want to put your fake stuff in here now and then not use the outer volume again so I'll say it one more time just to be real clear you want to put the files that you're going to use to appease someone in here now and then once that's done and the hidden volume is created you do not go back and use that outer volume again because it is possible that can corrupt the hidden volume and that ruins everything so once you've got some files in there to fake people out close my Explorer here and we need to go and make the hidden vine click next and it'll take a second it'll ask for user account you don't ask for administrator again click yes alright now it's time to make the hidden volume basically veracrypt went in looked at what it made before in this outer volume and figured out what its size for the hidden volume could be after you've put in those other files obviously it changes the size of the space available click next we'll go ahead and use AES again there's no reason to change the algorithm for encryption we're good click Next maximum size now here's where things get interesting if you actually try to make this say ninety megabytes let's say it might complain let's click Next and see what happens so we'll put in ninety megabytes and click Next aha so it's going to basically complain because if you tried to use the outer volume if you're going to actually add stuff to it this could definitely be problematic cuz you've taken up so much space for the hidden volume that it's made it so you can do almost nothing with the outer volume at all so it's gonna definitely complain if you do that I'm gonna go ahead and click no I will now pick 80 megabytes so this is ten megabytes less but it's enough that veracrypt will no longer complain about that probably so 80 megabytes will pick that click Next now this is important you need to pick a really good password for this like you did for the other one but it needs to be a different password so if you take this volume and you mount it with the outer volumes password it will mount the outer volume but if you take this volume and you mount it with the hidden volumes password it will mount the hidden volume instead so I'm gonna use a different password in this I'm going to use I'm a secret I am a secret I'm a secret obviously in the real world use a proper password or passphrase please but in this case it needs to you need to be sure that it's a different password than the one you used for the outer volume click Next again veracrypt will complain you should always use 20 or more characters click yes select exFAT for the file system do not select NTFS select exFAT chances are you do not want to use NTFS for this type of file system so click exFAT move your mouse randomly as usual got to get some random stuff in there so it makes it harder for people to brute-force once that bar fills up all the way click format again it will ask for administrator permissions click yes and after a short time it will show that you are squared away and the volume has been created I have placed a link in the description below to that security requirements and precautions page on very crypts documentation it's like I recommend highly that you go and read that because hidden volumes need special care so make sure you go read that click OK and you're good if you click next it'll just take you back to the beginning of the wizard again go ahead and click cancel now you'll see this time it has not actually mounted your drive so go ahead and pick a drive letter to mount it to it doesn't matter which one I'm just gonna pick F I will click select file so if I select my file I gotta go to my desktop gotta go to encrypted drives the folder where I place that and select the outer volume click open to mount our new hidden folder remember that we need to enter I'm the secret as the password not password so click mount and enter I'm a secret click OK your new Drive should mount it might take a little bit and there it is and we can verify that this is a hidden volume by noticing where it says type right there says hidden so veracrypt knows this is a hidden volume it understands that if you want to use that hidden volume we can open file explorer scroll down and you should now see the F Drive click on that and here is my hidden volume please note that the files that we placed in the outer volume are not seen here that's because this is the hidden one not the outer one so I can right click new text document on my hidden file and hit enter to finish the file name so now here I have a text file that is in my hidden volume not in the outer volume unless I use I'm a secret for the password people cannot see this but it's important to note that not only can they not see it they cannot even tell that this Drive or this volume exists in the file that you created for the outer one there's plausible deniability there you can just say hey I don't have hidden stuff go ahead and close File Explorer and we'll go ahead and dismount our hidden volume and just for fun let's go ahead and mount the outer volume so it will still remember what we're talking to it already it knows what the file is that we're gonna use so just click mount again and this time put in the password for the outer boy password now before you click OK click on mount options and you'll see that if you go to mount options you actually have a way that you can select protect the hidden volume against damage technically you should always select this if you are opening your outer volume and you're gonna try and change its contents if you don't do this there is nothing that will stop the outer volume from screwing up your hidden volume that would be bad so I'm gonna go ahead and select this and we have to put in the password to the hidden volume I'm a secret and click OK and click okay again and now it will actually mount the outer volume now the outer volume is set to protect the hidden volume at this point because of what we did it's not gonna mount the hidden volume with that password it just goes and checks up some headers and things to make sure that it knows where it can and cannot write to so as you can see veracrypt tells us hey you know we're gonna check and make sure that you're not gonna damage anything but understand that if you actually do get the warning that it's protecting it basically that's bad and you may have to restart windows once you get that warning because it's basically blocking Windows from writing to that drive so go ahead and click OK and you'll see that it actually says it's the outer volume here now just for fun let's go ahead and try and hose this thing up if you have some stuff that you can copy into here you can or you can just watch if you don't want to do this one yourself I'm gonna go ahead and open up file explorer one more time scroll down go find my local disk and as you can see my outer volume stuff is showing up right there I'm a password I'm a secret remember these are the files from our outer volume so we know we're talking to the outer volume not the hidden one I'm gonna go ahead and open up file explorer one more time in a new window go to my pictures directory here and I'll go grab some bunch of pictures and I will attempt to copy all these pictures into the outer volume and you'll see it'll fail miserably because I don't think there's enough space for all this stuff so I'll just drag it over and I'll drop it and it'll give me the complaint because I'm using exFAT and I'm using NTFS is my main filesystem it's ok just means there's some properties aren't gonna copying it's giving you a warning about that we can go ahead and copy it doesn't matter so do this for all current items click yes and it will fail miserably so not the best grammar in the world but as you can see data were attempted to be saved to the hidden volume area so I protected it so basically the whole thing is an outright protected so you can't go mess with it and you basically made it so you're gonna probably have to restart windows because windows hates having that kind of an error come up it basically is getting write fail errors and windows does not like that you probably don't really have to restart modern windows operating systems but Windows 7 and below yeah maybe you'd better restart but it's not bad advice it's not bad advice just have you restart so I'll go ahead and click OK and you'll see that you now have an exclamation point I'll close my file explorer windows we don't need those open anymore you'll see you now have an exclamation point next to the outer because it's telling you that oops something went horribly wrong it had to use its protection so again when you mount the outer volume make sure you always use that protection option because otherwise you literally can overwrite your hidden volume and that's probably not what you want to do all right very good we're good to go I'm gonna go ahead and dismount my volume here we're just mounted and closed veracruz thank you very much make sure to subscribe if you enjoyed and tell your friends and I hope to see you again thank you
Info
Channel: Jim Parshall πŸ‡²πŸ‡½ πŸ‡ΊπŸ‡Έ
Views: 39,405
Rating: undefined out of 5
Keywords: VeraCrypt, hidden volume, hidden drive, Windows, Jim Parshall, tutorial, howto, creating, making
Id: _bsZA_Rbar4
Channel Id: undefined
Length: 21min 11sec (1271 seconds)
Published: Thu Apr 20 2017
Related Videos
VeraCrypt Encrypted USB Drive
ExplainingComputers
198K
How to Encrypt USB flash drive or hard drive - VeraCrypt
Cyber Moose
47K
I Built This From A 1972 Popular Mechanics Magazine Plan. Does It Work?
Fireball Tool
2.2M
Special Lecture: F-22 Flight Controls
MIT OpenCourseWare
2.2M
Former CIA Officer Will Teach You How to Spot a Lie l Digiday
Digiday
14M
Attacking Encrypted USB Keys the Hard(ware) Way
Black Hat
34K
How To Speak by Patrick Winston
MIT OpenCourseWare
5.1M
How Hidden Technology Transformed Bowling
Veritasium
8.5M
Veracrypt full disk encryption.
Asid's Tech Tips
30K
How to Install a Hidden Windows 7 Operating System with VeraCrypt - Guide
Open Source Technology Improvement Fund
16K
How to Create an Encrypted USB with VeraCrypt
Make Tech Easier
37K
Inside the mind of a master procrastinator | Tim Urban
TED
45M
How does a USB keyboard work?
Ben Eater
1M
Ink Cartridges Are A Scam
AustinMcConnell
9.9M
Glitterbomb Trap Catches Phone Scammer (who gets arrested)
Mark Rober
50M
Note
Please note that this website is currently a work in progress! Lots of interesting data and statistics to come.