This project has moved. For the latest updates, please go here.

User profile encryption for Windows (remember TCGina?)

Topics: Feature Requests, Users Discussion
Jan 12, 2015 at 9:33 AM
Hi guys,

on typical multi user computers usually you cannot do FDE with strong passwords (Family PC for instance). But with Trucrypt/XP, we were able to mount Truecrypt volumes while logging in.

With TCGina.

-> Windows login directly passed the windows password to truecrypt
-> TC mounted a drive
-> Windows loads the %userprofile% from that drive (user profile path as set in registry)

Any plans to revive this? We have never seen this technique for Vista/7, because to my knowledge GINA was replaced by something else.

Would be really great,

thx and best regards.
Coordinator
Jan 12, 2015 at 11:29 AM
Hi,

I was not aware of TCGina nor this type of usage for encrypting the user profile.

In order to have a similar functionally, a credential provider must be implemented for Vista/7/8 in order to add fields and options to mount the volume containing the profile.

More generally, the same approach can be used to mount a specific partition before the user login. There was feature request for this on Sourceforge: http://sourceforge.net/p/veracrypt/discussion/features/thread/bdc843b0/ . For this user, the idea was to load programs installed on a VeraCrypt and that are configured to autostart when a session is opened.

Developing a credential provider takes time, so it can't be dealt with in VeraCrypt currently. But contributions are welcomed on this side as it was the case in TrueCrypt.