This project has moved. For the latest updates, please go here.

Boot Password Verification Sluggish

Topics: Technical Issues
Sep 7, 2016 at 3:56 PM
Morning All,

We've deployed VeraCrypt to several of the laptops in our environment and we are seeing a 45-150 second delay after entering the encryption password. We are not using PIM and only using AES to encrypt the drive. I read that using multiple encryption strings causes delays so we only used one.

These delays in verification seemed overly long to me. Any thoughts?
Sep 7, 2016 at 6:59 PM
The delay in boot times has nothing to do with the encryption algorithms, it is due to VeraCrypt uses a higher number of iterations for the hash.

You can read about hash iterations at the link below along with steps to reduce the PIM value by using as password that is 20 or more characters to reduce the mount time for VeraCrypt volumes and boot times.

https://veracrypt.codeplex.com/wikipage?title=Personal%20Iterations%20Multiplier%20(PIM)

Starting with 1.18a version, you can benchmark system encryption for the various hashes with default or custom hashes to determine the estimated boot times for your PC.
Sep 8, 2016 at 9:30 PM
@ Enigma2Illusion

So leaving PIM to default make it highest security? 20+ characters password + default PIM is the best way to go?
Sep 8, 2016 at 10:27 PM
VCuser wrote:
@ Enigma2Illusion

So leaving PIM to default make it highest security? 20+ characters password + default PIM is the best way to go?
I cannot answer your questions since I am not a cryptographer.