VeraCrypt is a free, open-source disk encryption software that evolved from the discontinued TrueCrypt project. Providing enhanced security features beyond its predecessor, VeraCrypt enables creation of encrypted volumes to protect sensitive files and offers full-disk encryption for complete system protection.
The software supports multiple encryption algorithms including AES, Serpent, Twofish, Camellia, and Kuznyechik. Cascading encryption combines multiple algorithms (e.g., AES-Twofish-Serpent) for defense-in-depth approaches. Hash algorithms include SHA-256, SHA-512, Whirlpool, and Streebog.
VeraCrypt creates encrypted containers that mount as virtual drives, appearing as normal drive letters in Windows. This approach allows protecting specific files without full-disk encryption. Container files can be backed up, copied, and moved like regular files while maintaining encryption.
Full-disk encryption protects entire system drives with pre-boot authentication. Without the correct password, the encrypted drive appears as unformatted space. Multi-boot configurations handle systems with multiple operating systems.
Hidden volumes provide plausible deniability by creating secret volumes within standard volumes. Under coercion, the outer volume password reveals decoy data while the hidden volume remains undetectable. Hidden operating systems extend this concept to bootable systems.
VeraCrypt includes protection against cold-boot attacks, memory-only keys that don't persist on disk, and keyfile support combining something you know with something you have. The portable mode runs without installation for secure computing on shared computers.