This project has moved. For the latest updates, please go here.

Favorite Volumes Slower To mount.

Topics: Technical Issues
Dec 7, 2014 at 6:31 AM
I have two containers (files) of equal size (10GB) and different passwords but of same length.
One is on the PC the other on a USB thumb drive.

Before attaching the Thumb Drive I use my hotkey set-up to launch Favorites.
The PC container takes about 25 secs to mount.

I then attach the Thumb Drive and use the Favorites hotkey.
The Thumb Drive container also takes about 25 secs to mount.

(Entering the wrong password takes about 75 secs before I'm advised of it).

Now when I attach the Thumb Drive and use the Favorites hotkey this is what happens.
About 25 secs to mount the PC container.
I now wait about 75 secs for the next window to pop up to enter the password for the Thumb Drive container.
The Thumb Drive container then takes the expected 25 secs or so to mount.

Would it be possible to reduce that 75 sec wait before the second password pop-up window.

The longer wait if incorrect passwords are entered is that normal/expected.
Dec 7, 2014 at 10:42 AM
Reading / writing to a flash drive is always slower than a hard disk.

The time taken when you input an incorrect key is because VeraCrypt has to check all hash types before knowing you have supplied the wrong password.

Enjoy the wait :) The time taken should fill you with confidence, certainly not a concern. VeraCrypt has an anti brute force feature which is much stronger than competitors. The time delay may seem a lot to you but imagine how an attacker feels having to wait that amount of time to try each password candidate in their multi million entry password list ???

If you want faster access then you could choose a less secure product like TrueCrypt, otherwise wait until VeraCrypt offers the ability for the user to select hash type on entering the password.

Either way, VeraCrypt will always take longer to open a container, I for one am VERY grateful for that.
Dec 7, 2014 at 2:50 PM
Hello Mr Flot,

From your description, it appears that you enabled the "Cache passwords and keyfiles in memory" option when you entered the password for the file container located on the PC. When you attempted to mount the file container on the USB drive, you had to wait for the cached password to fail trying each of the three hash algorithms before being prompted for the password.

You can avoid the password wait for the USB drive by not using the cache feature or use the same password for both file containers if want to use the cache passwords option.

After you mount the file containers with cache passwords, it is recommended that you clear the cache from the GUI or setup a hot key to clear the cached passwords.

Kind Regards,
Enigma2Illusion
Dec 9, 2014 at 11:56 PM
Edited Dec 9, 2014 at 11:57 PM
Thank you L0ck but I think you missed the point. The longer wait when incorrect passwords are entered is acceptable - I just wanted to make sure that there was nothing wrong at my end (e.g. interference from other programs).

Thank you Enigma2Illusion. I do not have "Cache passwords and keyfiles in memory" enabled for either file. Could it be that Veracrypt is caching passwords and keyfiles in memory although I do not have it enabled.

In case I was being ambiguous the main point is if I mount the two files separately they take an equal amount of time to mount, regardless whether or not I go through "Mount Favorite Volumes". Total about 50 secs to have volumes mounted.
If I want to mount both files by totally relying on "Mount Favorite Volumes" there will be an additional 75 sec delay between the time when the first volume mounts and the time the window pops up requesting the password for the second volume. Total about 125 secs to have both volumes mounted.


In Preferences I do not have "Cache passwords in driver memory" enabled.
I do have "Open explore window for successfully mounted volumes" enabled. That's how I know when to time how long it takes to mount the volume.
Dec 9, 2014 at 11:59 PM
What version of VeraCrypt are you running and what version of Windows including 32 or 64 bit is running on your PC?
Dec 10, 2014 at 12:06 AM
Veracrypt 1.0e, Windows 7 Pro on the PC and Windows 7 Home Premium on a laptop, both 32 bit.
Dec 10, 2014 at 12:18 AM
Edited Dec 10, 2014 at 2:27 PM
I have recreated the problem on my PC using VC 1.0e with Windows 7 Pro 64 bit.

Let me check if TrueCrypt behaves the same way. I will update this post with my findings.

UPDATE:
I concur with Mr Flot. Both TC and VC have the same behavior. However, TC's delay is only .5 to 1 second due to its low iteration count for the hashes.

Procedures To Recreate Delay
  1. Create a 10 MB file container on HDD using AES, SHA512 and NTFS format. Password: 123456789
  2. Create a 10 MB file container on thumb drive using AES, SHA512 and NTFS format. Password: 987654321
  3. Manually mount both volumes and add them to Favorites.
  4. Dismount the two volumes.
  5. Mount Favorite volumes. (I had the HDD as the first volume.)
  6. Enter the password 123456789 (The volume mounts, however there is extra delay before being prompted for the second volume's password.)
  7. When prompted for the second volume, enter the password 987654321 which will mount in the same time as manually mounting the volume.
Changing the password of the USB file container to match the HDD container and using Mount Favorites resulted in both mounting in the same time as if you mounted them manually back-to-back.

So it would appear that the Favorites does temporarily cache the password of the first volume to be mounted for the remaining volumes even when you have not selected the "Cache passwords and keyfiles in memory" option.

I created a third volume to confirm this by making the first two volumes with the same password and the last volume with a different password.

Bug or feature?

The documentation hints that it caches the password for System Favorites, but does not explicitly outline this behavior for Favorites.
Note: VeraCrypt will not prompt you for a password if you have enabled caching of the pre-boot authentication password (Settings > ‘System Encryption’) and the volumes use the same password as the system partition/drive.
.
Edited to clarify statement about TC having the same behavior to avoid confusion.
Dec 10, 2014 at 2:08 AM
FYI: Actually I used the same method with Truecrypt and did not encounter that additional delay. As a matter of fact the second password requesting window was instantaneous, as soon as I entered my password in the first window and hit return the second window would pop up.

Though Veracrypt is still my preferred program now. No longer use Truecrypt and have no intentions of using it in the future.
Dec 10, 2014 at 2:25 PM
Edited Dec 10, 2014 at 2:28 PM
Sorry, I should have clarified by statement about TC. TC does have the same behavior but with a very short delay. More like a .5 to 1 second pause due to the low iteration counts for the hash.

I will modify my post to clarify my statement. Sorry for the misunderstanding.
Dec 10, 2014 at 11:14 PM
Thank you for clarifying that.
When I posted initially, like you I wondered if the post should be entered under Technical Issues or Feature Requests.

I'm happy to keep mounting the files individually to save time if it means greater security.
Dec 11, 2014 at 12:23 AM
Edited Dec 11, 2014 at 5:56 PM
My thinking is that Favorites should not cache the password unless you explicitly select the option during the mounting phase. I understand the System Favorites has a different process as it is expected to first try to mount the volume using the system password entered at boot-up prompt.

Does anyone think this should be reported in the Issues?

Edited: I open a ticket regarding this issue. It does not seem proper that auto caching should occur unless you have enabled the opinion for either System Favorites or Favorites respectively.

https://veracrypt.codeplex.com/workitem/22
Jan 3, 2015 at 5:32 PM
I tend to disagree that having a 50 second delay in mounting a volume is necessarily a good feature, especially for those users who are just starting. A delay that long with little or sometimes not feedback does not give the user a comfortable feeling that VC actually is working properly. There have been at least a couple of times when VC did not open the encrypted volume at all. A delay perriod of around 5 seconds should be sufficiently adequate to prevent any type of brute force keyword attack.

Before I entrust my files completely to VC, I want to have a warm and fuzzy feeling that it will always work as expected. so far, I have not gotten that feeling.
Jan 3, 2015 at 6:01 PM
Edited Jan 3, 2015 at 6:02 PM
drhynard wrote:
I tend to disagree that having a 50 second delay in mounting a volume is necessarily a good feature, especially for those users who are just starting.
.
Why should users "just starting" not be provided with the good quality security this "delay" represents ?

.
There have been at least a couple of times when VC did not open the encrypted volume at all.
.
VC can not be held responsible for user error, you need to supply the correct password, unless you are claiming there is a reproducible bug ?

.
A delay perriod of around 5 seconds should be sufficiently adequate to prevent any type of brute force keyword attack.
.
How have you arrived at this arbitrary figure ?

.
Before I entrust my files completely to VC, I want to have a warm and fuzzy feeling that it will always work as expected. so far, I have not gotten that feeling.
.
VC always works as expected for me, what reproducible errors have you found ?
Coordinator
Mar 5, 2015 at 11:18 PM
This has been fixed as discussed in the corresponding ticket: https://veracrypt.codeplex.com/workitem/22
Mar 6, 2015 at 3:31 AM
L0ck, why are you being so antagonistic in your replies?

You are not being helpful.

These are discussion forums, they offer feedback, negative or positive it guides the professionals working on Veracrypt.

I don't know if drhynard has donated to the project or has any intention to but after your last post I could understand it if he did not.