This project has moved and is read-only. For the latest updates, please go here.

Changing password of non-system volume requires wipe mode - does it just wipe the header or the entire drive/partition?

Topics: Technical Issues, Users Discussion
Dec 22, 2016 at 11:22 PM
Edited Dec 23, 2016 at 1:42 AM
Hello,

I'm looking to change the password of a non-system volume (an internal hard drive that is fully encrypted). I want to allow it to auto-mount so that I can have the majority of my programs run from it instead of my SSD.

The only concerning thing is that during the process it makes me choose a "Wipe Mode" (at the bottom): Image

Does that just wipe the header (I believe that is what its called?) or does it wipe the entire drive? I've been searching for answers but can only find somewhat related topics.

I feel like it does not wipe the whole drive, but I figure I should be 100% sure before risking it.

Thank you!

--Edit--

After doing some more digging, I'm like 100% sure that it doesn't wipe the data. According to https://veracrypt.codeplex.com/wikipage?title=Program%20Menu (I don't know why it took so long for that result to show up lol):

"Allows changing the password of the currently selected VeraCrypt volume (no matter whether the volume is hidden or standard). Only the header key and the secondary header key (XTS mode) are changed – the master key remains unchanged. This function re-encrypts the volume header using a header encryption key derived from a new password. Note that the volume header contains the master encryption key with which the volume is encrypted. Therefore, the data stored on the volume will not be lost after you use this function (password change will only take a few seconds).

Note: When VeraCrypt re-encrypts a volume header, the original volume header is first overwritten many times (3, 7, 35 or 256 depending on the user choice) with random data to prevent adversaries from using techniques such as magnetic force microscopy or magnetic force scanning tunneling microscopy [17] to recover the overwritten header (however, see also the chapter Security Requirements and Precautions)."

--Edit 2--

Password changed and all of my data is still there. A suggestion would be to add some information when hovering over the wipe mode option. It would be helpful for it to offer clarification that the data won't be erased (in the volume change password option). Because when I read "Wipe Mode" I think that it will wipe the entire disk, and I'm sure I'm not the only one. Either way, I'm just happy it worked!
Dec 23, 2016 at 4:16 AM
Edited Dec 23, 2016 at 4:18 AM
I am writing this as a reply since I am not 100% sure if it is related to me changing my password or not.

When I look at "This PC" it shows the mounted drive as a floppy disk drive:

Image.

I believe this happened on my second reboot after changing the password. From what I can tell so far, it is perfectly functional. I can't seem to find any cause for this, does anyone have any ideas?