This project has moved and is read-only. For the latest updates, please go here.

Basic Questions on Converting TrueCrypt Volumes

Topics: Users Discussion
Apr 27, 2016 at 8:44 PM
I've only just discovered there were two TrueCrypt and VeraCrypt vulnerabilites discovered some months back regarding their drivers, which have since been patched in VeraCrypt. As I have learned, one way to convert TrueCrypt volumes to VeraCrypt volumes is to change the password via VeraCrypt (with TrueCrypt Mode selected).

Question: How distinct must the new password be from the old password? In other words, are there any issue(s) having the new password near-identical to the old password (so I don't have to commit to memory a new long string of characters)?

Regarding the vulnerability, must TrueCrypt be uninstalled from the PC, or is it okay simply never to use TrueCrypt when connected to a network/internet? (I ask this as I have yet to use VeraCrypt.)

Apr 27, 2016 at 9:23 PM
You can keep the same password when converting from TrueCrypt to VeraCrypt, there is no issue in this: even if you keep the same password, a different random volume header key is generated.

As for the vulnerabilities, you have to uninstall TrueCrypt since they can be exploited even of you never use TrueCrypt: what counts is the presence of the TrueCrypt driver on the machine and a malware can use the vulnerability on TrueCrypt driver to get administrative rights and cause more harm.
Apr 27, 2016 at 9:28 PM
Edited Apr 27, 2016 at 9:36 PM

You can convert the TrueCrypt non-system volumes to VeraCrypt as long the TrueCrypt volumes are using format 2.

Mount the volumes in TrueCrypt, using the TrueCrypt GUI, right click on the mounted volumes and select properties. Look for "Volume Format Version".

You must uninstall TrueCrypt and manually remove the TrueCrypt driver from your C:\Windows\System32\drivers directory.