This project has moved. For the latest updates, please go here.

Two boot-loader requests

Topics: Feature Requests
Feb 28, 2015 at 4:07 AM
Edited Feb 28, 2015 at 6:47 PM
VC has two very consistent problems in my business environment that are preventing me from switching everyone over from TrueCrypt to VeraCrypt.

1) When the user presses 'ENTER' to attempt a password, please write out something to the console letting the user know VeraCrypt is 'working'. Something like "Logging in...". If the password is correct, then TC normally says "Booting". If it is wrong it says something like "Incorrect password".

2) Allow the selection of a much lower iteration count. I cannot sell to my users an 80 second (that is 1 minute and 20 seconds) log in time to boot their laptops. Please remember that business-class users are not looking to protect our information from GCHQ & NSA. We use full disk encryption to protect against the common thief and some tech-savvy hackers only. There is a very big difference between business-class encryption and military-class encryption, and it would be nice if VeraCrypt understood this huge difference.
Coordinator
Feb 28, 2015 at 10:30 AM
Hi,

Thank you for giving feedback from the business point of view. This is something valuable and very much appreciated.
  1. I agree that the lack of a message indicating that VeraCrypt is processing the password can make users confused. Because the operation length, some TrueCrypt users think that the machine is frozen. I'll add a message "Verifying password..." to the bootloader processing.
  2. This has been already reported previously and I gave my answer to it in different other posts. The short answer is that this is being addressed through the introduction of a dynamic mode that will allow the selection of lower iterations count when the password is long enough (20+ characters, http://tinyurl.com/kssfpvj) and the rewrite of the bootloader which is 16-bit currently (inherited from TrueCrypt) in order to have a 32-bit bootloader that will give us full performance (https://veracrypt.codeplex.com/workitem/27). Hopefully, the dynamic mode will be ready for the next major release expected on April while the bootloader rewrite will certainly need more time.
Feb 28, 2015 at 1:48 PM
Edited Feb 28, 2015 at 1:48 PM
For tracking purposes, I have created a ticket for adding the message "Verifying password..." to the bootloader.

https://veracrypt.codeplex.com/workitem/99

Thank you!
Feb 28, 2015 at 6:41 PM
Thanks guys! I look forward to the upcoming changes :)
Coordinator
Mar 1, 2015 at 10:35 PM
Just to let you know that I implemented the password verification message in the code and it is available in the beta version of the upcoming 1.0f-2 release that can be downloaded from Sourceforge Nightly Builds directory: https://sourceforge.net/projects/veracrypt/files/VeraCrypt%20Nightly%20Builds/
Mar 2, 2015 at 11:21 PM
Thanks, I will install this at home to test it out!!
Mar 4, 2015 at 9:44 PM
Do I need to unencrypt my current system drives and re-encrypt them with the new version to get the new boot loader?
Coordinator
Mar 5, 2015 at 6:02 AM
Every time you install a new version of VeraCrypt, its installer automatically updates the bootloader of your system if it is encrypted with VeraCrypt.
So you don't need to decrypt/encrypt.


Mar 5, 2015 at 5:54 PM
Edited Mar 5, 2015 at 5:54 PM
Ah sweet, thanks. I will install it right now and give it a whirl.