TrueCrypt v7.1a

Tutorial and Full Review of TrueCrypt, a Free Disk Encryption Program

TrueCrypt is the best free full-disk encryption program you can download. A password combined with one or more keyfiles can secure every file and folder on an internal or external hard drive.

It also supports encrypting the system partition.

The big "selling" point for TrueCrypt is its ability to hide an encrypted volume inside another, both secured with a unique password, and both accessible without revealing that the other one exists.

TrueCrypt's official website states that the program is no longer secure and that you should look elsewhere for a disk encryption solution. This is repeated by Gibson Research Corporation, which recommends VeraCrypt as a replacement (it's based on TrueCrypt 7.1a). That said, if you want to take the risk, you can still download it above.

More About TrueCrypt

TrueCrypt does everything you'd expect a really good whole drive disk encryption program to do:

  • Works with Windows (10/8/7/Vista/XP), Mac, and Linux operating systems
  • Virtual disk drives in the form of single files can be built and encrypted
  • You can use a keyfile with or in place of a password for added security, such as a folder, file, security token, or smart card
  • Supports AES, Serpent, and Twofish encryption algorithms
  • Advanced settings are available so you can specify when to automatically dismount an encrypted drive, like when you log off, once the screensaver launches, and/or after a certain period of inactivity
  • If interrupted, TrueCrypt can resume the encryption process at a later time

TrueCrypt Pros & Cons

File encryption programs like TrueCrypt are extremely useful, but they can also be a bit complex thanks to the level at which they're working with your data:


  • Can encrypt internal and external hard drives and partitions
  • On-the-fly encryption (OTFE)
  • Drives are easy to mount and dismount
  • Can mount a volume in read-only mode
  • Option to open encrypted volumes with a keyboard shortcut
  • A portable mode is available, which doesn't require installation


  • Software is no longer being updated
  • May be confusing to use for the inexperienced
  • Decrypting a non-system partition requires an external formatting tool
  • Keyfiles can't be used to secure a system partition
  • Original documentation is no longer available

How to Encrypt the System Partition Using TrueCrypt

Follow these instructions to use TrueCrypt to encrypt the portion of a hard drive that's running an operating system:

  1. Go to System > Encrypt System Partition/Drive.

  2. Decide the type of encryption you want to use, and then choose Next.

    TrueCrypt Type of System Encryption screen

    The default selection creates a regular, non-hidden system partition. Learn more about the other option below in the Hidden Volumes in TrueCrypt section and at the Hidden Volume documentation page.

  3. Select what you want to encrypt, and then choose Next.

    TrueCrypt Area to Encrypt screen

    The first option, called Encrypt the Windows system partition will encrypt the partition with the operating system installed, skipping over any others you might have set up. This is the option we'll choose for this tutorial.

    The other option may be chosen if you have multiple partitions and would like them all to be encrypted, like the Windows partition plus a data partition on the same hard drive.

    You might see a message about your system drive containing a non-standard partition. Read the prompt carefully and then choose Yes or No based on your answer.

  4. Select Single-boot, and then Next.

    TrueCrypt Number of Operating Systems screen

    If you're running more than one operating system at once, you'll need to choose the other option, called Multi-boot.

  5. Fill out the encryption options, and then choose Next.

    TrueCrypt Encryption Options

    The default selections are fine to use, but if you want, you can manually define the encryption algorithm on this screen. Read more about these options here and here.

  6. Enter and confirm a password on the next screen, and then select Next.

    TrueCrypt Password screen

    TrueCrypt recommends using a password that's more than 20 characters in length. Don't forget what you've chosen here because this is the same password you'll need to use to boot back into the OS! If you need to, store it in a password manager accessible from your phone.

  7. On the Collecting Random Data screen, move your mouse around within the window to generate the primary encryption key before selecting Next.

    TrueCrypt Collecting Random Data screen

    Moving your mouse around the program window in a random manner is said to make the encryption key more complex. It's certainly an interesting way to generate random data.

  8. Choose Next on the Keys Generated screen.

  9. Save the Rescue Disk ISO image somewhere on your computer, and then select Next.

    If critical TrueCrypt or Windows files ever get damaged, the Rescue Disk is the only way restore access to your encrypted files.

  10. Burn the Rescue Disk ISO image to a disc.

    If you're using Windows 7, Windows 8, or Windows 10, you'll be prompted to use the Microsoft Windows Disc Image Burner to burn the file. If that doesn't work, or you'd rather not use integrated burning, see How to Burn an ISO Image File to a DVD, CD, or BD for help.

  11. Select Next.

    This screen just verifies the Rescue Disk was properly burned to the disc.

  12. Choose Next again, and then once more.

    TrueCrypt Wipe Mode

    The second screen is for choosing to wipe the free space off the soon-to-be-encrypted drive. You can either skip this by choosing the default option or use the built-in data wiper to completely erase the free space on the drive. This is the same procedure that the free space wiping options in file shredder software programs use.

    Wiping free space does not erase the files you're using on the drive. It only makes it less likely for data recovery software to retrieve your deleted files.

  13. Select Test.

  14. Select OK on the Important Notes screen.

  15. Hit Yes to restart your computer.

  16. Select Encrypt. TrueCrypt should have opened automatically once the computer started back up.

    TrueCrypt Pretest Completed screen
  17. Choose OK.

While TrueCrypt is encrypting the system drive, you can still work normally by opening, removing, saving, and moving files. TrueCrypt actually pauses its encryption process automatically when there's any indication that you're using the drive.

Hidden Volumes in TrueCrypt

A hidden volume in TrueCrypt is just one volume built into another. This means you can have two different data sections, accessible by two different passwords, but contained in the same file/drive.

Two types of hidden volumes are permitted with TrueCrypt. The first is a hidden volume contained on a non-system drive or virtual disk file, while the other is a hidden operating system.

According to TrueCrypt, a hidden partition or virtual disk should be built if you have heavily sensitive data. This data should be placed in the hidden volume and encrypted with a particular password. Other, non-important files should be placed in the regular volume secured with a unique password.

In the event you’re forced to reveal what’s in your encrypted volume, you can use the password that opens the "regular," non-valuable files while leaving the other volume untouched and still encrypted.

To the extortionist, it would appear that you have just unlocked your hidden volume to reveal all the data, while in reality, the important content is buried deeper inside and accessible with a unique password.

A similar methodology is applied to a hidden operating system. TrueCrypt can build a regular OS with a hidden one inside. This means you would have two different passwords—one for the normal system and the other for the hidden one.

A hidden operating system also has a third password, which is used if a hidden OS is suspected to be in place. Revealing this password would appear as though you’re revealing a hidden OS, but the files in this volume are still unimportant, "fake" files that don’t actually need to remain a secret.

Thoughts on TrueCrypt

Of the few free full disk encryption programs out there, TrueCrypt is definitely a favorite.

As we mentioned above, the best thing anyone will mention about TrueCrypt is the hidden volume feature. While we agree with this, we also have to praise the smaller features like setting favorite volumes, using keyboard shortcuts, automatic dismounting, and read-only mode.

Something a little bothersome about TrueCrypt is that some things in the program don't work even though they would appear to. For example, the section for adding keyfiles is available while setting up encryption on the system drive but it's not actually a supported feature. The same can be said for hash algorithms during a system partition encryption—only one can actually be chosen even though three are listed.

Decrypting the system partition is easy because you can do it right from within TrueCrypt. When decrypting a non-system partition, however, you must move all your files to a different drive and then format the partition with an external program like Windows or any other 3rd party formatting tool, which seems like an unnecessary, extra step.

TrueCrypt doesn't actually look like it's easy to use because the interface is bland and outdated, but it's really not bad at all, especially if you read through its documentation. The official TrueCrypt documentation is no longer available but most of it can be found at

The portable version of TrueCrypt can be downloaded from Softpedia or you can select "Extract" during setup using the regular installer from the download link below to get the same result.

Was this page helpful?