Windows 10: VeryCrypt on machine that is UEFI boot
VeryCrypt on machine that is UEFI boot
Have just bought a new laptop which has both UEFI bootloader and Legacy BIOS.
Up until now I have always encrypted the whole system drive with Truecrypt but I understand that TC does not support UEFI boot.
Having looked at the other options, primarily bitlocker and VeraCrypt, my incliniation is to use VeraCrypt.
However I have picked up from my reading that there may be boot issues with VeraCrypt on UEFI booting machines as well. I have posted on the VeraCrypt forum but I have not yet received a response. Does anyone here have any information?
Thanks in advance.
I have UEFI on an HP laptop that 2 yrs old and have used TrueCrypt 7.1a from Day One which I carried over from many yrs prior on other computers. Note: I use for created partitions, not the entire drive, like you propose. Let me know your results. Good Luck
I think that may be the problem....the way manufacturers are implementing boot sequences from boot files is not following a standard path which is what is causing the problems when the boot drive/partition is encrypted. If I can't find out any more I'll give it a go.
How is the BIOS / UEFI configured? Looks like mine is configured for UEFI boot with possibility of enabling legacy BIOS mode. It may make a difference and on earlier laptops it maybe that the transition period configured things differently to laptops being sold now? I'm going to give it a go with Truecrypt first and see what happens. Will post back on results.
Well that was quick. Error message. "Your system drive has a GUID partition table (GPT). Currently, only drives with MBR partition table are supported."
Will try VeraCrypt. But from what I have read there are some people having similar problems with the UEFI boot.
Well that was a waste of time. VeraCrypt would not restart machine for the test verification of bootloader. When started up again got windows message, image not found or somesuch.
What I don't understand is that the big audit of Truecrypt, as I understand it, found little in the way of vulnerabilities. Truecrypt was always reliable and stable - it just worked. Veracrypt devs have apparently found that there are multiple vulnerabilities which are being fixed all the time, the code has ballooned to 8x that of Truecrypt, and now it seems that there are multiple problems and unreliability remaining.
"Well that was quick. Error message. "Your system drive has a GUID partition table (GPT)"
Are you trying to encrypt the entire disk or create a TrueCrypt partition for your data only ? Win10 Pro has Bitlocker disk encryption built in if you want to encrypt the entire system. Otherwise, here are screen shots showing that my disk is GPT and I can use TrueCrypt to mount a partition I created under OneDrive as a hidden partition. I had no issues, at all, either after an Upgrade or after a subsequent clean install. I'd suggest trying to make a TrueCrypt container and see if that works.
Truecrypt on GPT and UEFI bootloader
Was trying a system drive encryption which is what I have done before on old laptop. Truecrypt wouldn't do anything immediately throwing the message I relayed about not supporting GPT.
I have been able, obviously, to encrypt a separate partition on the same drive.
I don't at this stage want to use bitlocker as I do not want to be signed into a MSA all the time, if at all. I understand that bitlocker requires this.
I am at a loss to understand why you can do that and I do not appear to be able to encrypt my system drive....unless what you are doing does not effectively encrypt the system. I think what you are doing is encrypting a folder on C:// whereas what I was doing was encrypting from root C://. I think the latter may involve TC firing up at boot time the former not until after boot time.
TC kicking at boot time with GPT is the problem.
" I think what you are doing is encrypting a folder on C://"
Yes, that is what C;\Users\name\OneDrive\Storage is in my screenshot, a TrueCrypt container with the system drive where I place sensitive data. The computer is password protected out of standby so it's the data, I'm concerned with, not someone altering system files or settings. That's why I asked you to try to make a container/folder to test. It should work, just like in my case.
You can (and I do) use Bitlocker on a machine with entirely Local accounts. It doesn't cause a problem.
If you do have an MS Account setup (I think it may need to be Admin rather than Standard) then Bitlocker gives the option of backing up your recovery keys to the MS Account. But it's an option and not compulsory.
Some machines with Windows 10 Home and above (and indeed Windows 8.1 Core and above) also can have Device Encryption enabled, if the hardware meets the 'InstantGo' specifications. (Which is quite strict - for instance the machine must boot from a non-rotational disk.)
For Device Encryption to switch on, you *do* need a MS Account at Admin level.
But Device Encryption isn't Bitlocker (albeit the underlying encryption is the same, Bitlocker gives you more control) so if you have Win10 Pro, you don't need an MS Account to use Bitlocker.
I want to enable UEFI with Secure Boot and I do have an option to enable Secure Boot.
But how can I tell if I am running UEFI firmware version 2.3.1.c ?
Because to enable Secure Boot, machines must have UEFI firmware version 2.3.1.c
I went to...
Is there currently any way to configure a custom boot logo for UEFI booting? I can only find methods for Legacy users, but no luck with UEFI.
I'm kind of new to custom boot logos, so if anybody could give me some information as to if it's...
I have a Toshiba L755-S5368 Laptop that has no secure boot anywhere in the bios. My Laptop is about 4 years old , I am trying to change the boot graphic in my machine. Can I do this ? If so, How? John
Assume a computer with the UEFI firmware interface.
Assume that during or after a user has upgraded a W8.1 machine to W10 things go horribly wrong - Black screen, Blue screen, No screen. The user now tries to Boot from a USB Emergency Boot Disk...
Remember if you are using VMWARE you can try out a UEFI guest even if your HOST doesn't support it.
In the configuration file set the following
That's it !!!