Page 1 of 2 12 LastLast
  1.    14 Jan 2017 #1
    Join Date : Jun 2016
    Posts : 115
    Windows 10 Pro

    VeryCrypt on machine that is UEFI boot


    Hi

    Have just bought a new laptop which has both UEFI bootloader and Legacy BIOS.

    Up until now I have always encrypted the whole system drive with Truecrypt but I understand that TC does not support UEFI boot.

    Having looked at the other options, primarily bitlocker and VeraCrypt, my incliniation is to use VeraCrypt.

    However I have picked up from my reading that there may be boot issues with VeraCrypt on UEFI booting machines as well. I have posted on the VeraCrypt forum but I have not yet received a response. Does anyone here have any information?

    Thanks in advance.
      My ComputerSystem Spec
  2.    15 Jan 2017 #2
    Join Date : Jul 2015
    Posts : 832
    Windows 10 Home

    I have UEFI on an HP laptop that 2 yrs old and have used TrueCrypt 7.1a from Day One which I carried over from many yrs prior on other computers. Note: I use for created partitions, not the entire drive, like you propose. Let me know your results. Good Luck
      My ComputerSystem Spec
  3.    15 Jan 2017 #3
    Join Date : Jun 2016
    Posts : 115
    Windows 10 Pro
    Thread Starter

    Quote Originally Posted by mrgeek View Post
    I have UEFI on an HP laptop that 2 yrs old and have used TrueCrypt 7.1a from Day One which I carried over from many yrs prior on other computers. Note: I use for created partitions, not the entire drive, like you propose. Let me know your results. Good Luck
    I think that may be the problem....the way manufacturers are implementing boot sequences from boot files is not following a standard path which is what is causing the problems when the boot drive/partition is encrypted. If I can't find out any more I'll give it a go.
    Thanks
      My ComputerSystem Spec
  4.    17 Jan 2017 #4
    Join Date : Jun 2016
    Posts : 115
    Windows 10 Pro
    Thread Starter

    Quote Originally Posted by mrgeek View Post
    I have UEFI on an HP laptop that 2 yrs old and have used TrueCrypt 7.1a from Day One which I carried over from many yrs prior on other computers. Note: I use for created partitions, not the entire drive, like you propose. Let me know your results. Good Luck
    How is the BIOS / UEFI configured? Looks like mine is configured for UEFI boot with possibility of enabling legacy BIOS mode. It may make a difference and on earlier laptops it maybe that the transition period configured things differently to laptops being sold now? I'm going to give it a go with Truecrypt first and see what happens. Will post back on results.
      My ComputerSystem Spec
  5.    17 Jan 2017 #5
    Join Date : Jun 2016
    Posts : 115
    Windows 10 Pro
    Thread Starter

    Quote Originally Posted by kevvyb View Post
    How is the BIOS / UEFI configured? Looks like mine is configured for UEFI boot with possibility of enabling legacy BIOS mode. It may make a difference and on earlier laptops it maybe that the transition period configured things differently to laptops being sold now? I'm going to give it a go with Truecrypt first and see what happens. Will post back on results.
    Well that was quick. Error message. "Your system drive has a GUID partition table (GPT). Currently, only drives with MBR partition table are supported."

    Will try VeraCrypt. But from what I have read there are some people having similar problems with the UEFI boot.
      My ComputerSystem Spec
  6.    17 Jan 2017 #6
    Join Date : Jun 2016
    Posts : 115
    Windows 10 Pro
    Thread Starter

    Well that was a waste of time. VeraCrypt would not restart machine for the test verification of bootloader. When started up again got windows message, image not found or somesuch.

    What I don't understand is that the big audit of Truecrypt, as I understand it, found little in the way of vulnerabilities. Truecrypt was always reliable and stable - it just worked. Veracrypt devs have apparently found that there are multiple vulnerabilities which are being fixed all the time, the code has ballooned to 8x that of Truecrypt, and now it seems that there are multiple problems and unreliability remaining.
      My ComputerSystem Spec
  7.    17 Jan 2017 #7
    Join Date : Jul 2015
    Posts : 832
    Windows 10 Home

    "Well that was quick. Error message. "Your system drive has a GUID partition table (GPT)"

    Are you trying to encrypt the entire disk or create a TrueCrypt partition for your data only ? Win10 Pro has Bitlocker disk encryption built in if you want to encrypt the entire system. Otherwise, here are screen shots showing that my disk is GPT and I can use TrueCrypt to mount a partition I created under OneDrive as a hidden partition. I had no issues, at all, either after an Upgrade or after a subsequent clean install. I'd suggest trying to make a TrueCrypt container and see if that works.

    Click image for larger version. 

Name:	Screenshot_1.jpg 
Views:	20 
Size:	36.8 KB 
ID:	117527Click image for larger version. 

Name:	Screenshot_2.jpg 
Views:	1 
Size:	86.1 KB 
ID:	117528
      My ComputerSystem Spec
  8.    17 Jan 2017 #8
    Join Date : Jun 2016
    Posts : 115
    Windows 10 Pro
    Thread Starter

    Truecrypt on GPT and UEFI bootloader


    Was trying a system drive encryption which is what I have done before on old laptop. Truecrypt wouldn't do anything immediately throwing the message I relayed about not supporting GPT.

    I have been able, obviously, to encrypt a separate partition on the same drive.

    I don't at this stage want to use bitlocker as I do not want to be signed into a MSA all the time, if at all. I understand that bitlocker requires this.

    I am at a loss to understand why you can do that and I do not appear to be able to encrypt my system drive....unless what you are doing does not effectively encrypt the system. I think what you are doing is encrypting a folder on C:// whereas what I was doing was encrypting from root C://. I think the latter may involve TC firing up at boot time the former not until after boot time.

    TC kicking at boot time with GPT is the problem.
      My ComputerSystem Spec
  9.    17 Jan 2017 #9
    Join Date : Jul 2015
    Posts : 832
    Windows 10 Home

    " I think what you are doing is encrypting a folder on C://"

    Yes, that is what C;\Users\name\OneDrive\Storage is in my screenshot, a TrueCrypt container with the system drive where I place sensitive data. The computer is password protected out of standby so it's the data, I'm concerned with, not someone altering system files or settings. That's why I asked you to try to make a container/folder to test. It should work, just like in my case.
      My ComputerSystem Spec
  10.    17 Jan 2017 #10
    Join Date : Jan 2014
    Posts : 1,385
    Windows 10 Pro (32-bit) Insider 16291

    Quote Originally Posted by kevvyb View Post
    I don't at this stage want to use bitlocker as I do not want to be signed into a MSA all the time, if at all. I understand that bitlocker requires this.
    You can (and I do) use Bitlocker on a machine with entirely Local accounts. It doesn't cause a problem.

    If you do have an MS Account setup (I think it may need to be Admin rather than Standard) then Bitlocker gives the option of backing up your recovery keys to the MS Account. But it's an option and not compulsory.

    Some machines with Windows 10 Home and above (and indeed Windows 8.1 Core and above) also can have Device Encryption enabled, if the hardware meets the 'InstantGo' specifications. (Which is quite strict - for instance the machine must boot from a non-rotational disk.)

    For Device Encryption to switch on, you *do* need a MS Account at Admin level.

    But Device Encryption isn't Bitlocker (albeit the underlying encryption is the same, Bitlocker gives you more control) so if you have Win10 Pro, you don't need an MS Account to use Bitlocker.
      My ComputerSystem Spec

 
Page 1 of 2 12 LastLast


Similar Threads
Thread Forum
Custom Boot Logo Windows 10 UEFI Boot Method? (Non-Legacy)
Is there currently any way to configure a custom boot logo for UEFI booting? I can only find methods for Legacy users, but no luck with UEFI. I'm kind of new to custom boot logos, so if anybody could give me some information as to if it's...
Customization
UEFI with Secure Boot (UEFI version) ?
I want to enable UEFI with Secure Boot and I do have an option to enable Secure Boot. But how can I tell if I am running UEFI firmware version 2.3.1.c ? Because to enable Secure Boot, machines must have UEFI firmware version 2.3.1.c I went to...
General Support
Change Boot graphic on machine without UEFI
I have a Toshiba L755-S5368 Laptop that has no secure boot anywhere in the bios. My Laptop is about 4 years old , I am trying to change the boot graphic in my machine. Can I do this ? If so, How? John
Customization
After W10 upgrade revert to W8.1 on UEFI machine
Assume a computer with the UEFI firmware interface. Assume that during or after a user has upgraded a W8.1 machine to W10 things go horribly wrong - Black screen, Blue screen, No screen. The user now tries to Boot from a USB Emergency Boot Disk...
Installation and Upgrade
Solved UEFI VM in non UEFI machine - Yes its possible
Hi there Remember if you are using VMWARE you can try out a UEFI guest even if your HOST doesn't support it. In the configuration file set the following firmware="efi" That's it !!!
Virtualization
Our Sites
Site Links
About Us
Windows 10 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 10" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd
All times are GMT -5. The time now is 11:21.
Find Us
Twitter Facebook Google+ Ten Forums iOS App Ten Forums Android App



Windows 10 Forums