From 0ad5c43eb42f696807b4df0b515f2742831b2c18 Mon Sep 17 00:00:00 2001 From: Mounir IDRASSI Date: Wed, 6 Sep 2023 01:42:23 +0200 Subject: Windows: remove recommendation of keyfiles files extensions and update documentation to mention risks of third-party file extensions. This commit also adds red color to the warning text about keyfiles in keyfiles dialogs. --- doc/html/Avoid Third-Party File Extensions.html | 85 +++++++++++++++++++++++++ doc/html/Documentation.html | 1 + doc/html/Keyfiles in VeraCrypt.html | 1 - 3 files changed, 86 insertions(+), 1 deletion(-) create mode 100644 doc/html/Avoid Third-Party File Extensions.html (limited to 'doc/html') diff --git a/doc/html/Avoid Third-Party File Extensions.html b/doc/html/Avoid Third-Party File Extensions.html new file mode 100644 index 00000000..b339e780 --- /dev/null +++ b/doc/html/Avoid Third-Party File Extensions.html @@ -0,0 +1,85 @@ + + + + +VeraCrypt - Free Open source disk encryption with strong security for the Paranoid + + + + + + +
+VeraCrypt +
+ + + +
+

+Documentation +>> +Avoid Third-Party File Extensions +

+ +
+

Understanding the Risks of Using Third-Party File Extensions with VeraCrypt

+
+

While VeraCrypt provides robust encryption capabilities to secure your data, using third-party file extensions for File Containers or Keyfiles could risk making the encrypted data inaccessible.
+ This guide provides an in-depth explanation of the associated risks, and it outlines recommendations for best practices to mitigate these risks.

+
+ +

Risks Associated with File Containers

+
+

Using a third-party file extension for File Containers exposes you to several risks:

+
    +
  • Overwritten Metadata: Third-party applications may update their metadata, which could overwrite crucial parts of the File Container.
  • +
  • Unintentional Changes: Accidentally launching a File Container with a third-party application could modify its metadata without your consent.
  • +
  • Container Corruption: These actions could render the container unreadable or unusable.
  • +
  • Data Loss: The data within the container might be permanently lost if the container becomes corrupted.
  • +
+
+ +

Risks Associated with Keyfiles

+
+

Similar risks are associated with Keyfiles:

+
    +
  • Keyfile Corruption: Inadvertently modifying a Keyfile with a third-party application can make it unusable for decryption.
  • +
  • Overwritten Data: Third-party applications may overwrite the portion of the Keyfile that VeraCrypt uses for decryption.
  • +
  • Unintentional Changes: Accidental changes can make it impossible to mount the volume unless you have an unaltered backup of the Keyfile.
  • +
+
+ +

Examples of Extensions to Avoid

+
+

Avoid using the following types of third-party file extensions:

+
    +
  • Media Files: Picture, audio, and video files are subject to metadata changes by their respective software.
  • +
  • Archive Files: Zip files can be easily modified, which could disrupt the encrypted volume.
  • +
  • Executable Files: Software updates can modify these files, making them unreliable as File Containers or Keyfiles.
  • +
  • Document Files: Office and PDF files can be automatically updated by productivity software, making them risky to use.
  • +
+
+ +

Recommendations

+
+

For secure usage, consider the following best practices:

+
    +
  • Use neutral file extensions for File Containers and Keyfiles to minimize the risk of automatic file association.
  • +
  • Keep secure backups of your File Containers and Keyfiles in locations isolated from network access.
  • +
  • Disable auto-open settings for the specific file extensions you use for VeraCrypt File Containers and Keyfiles.
  • +
  • Always double-check file associations and be cautious when using a new device or third-party application.
  • +
+
+ +
diff --git a/doc/html/Documentation.html b/doc/html/Documentation.html index e18feb35..b7c09887 100644 --- a/doc/html/Documentation.html +++ b/doc/html/Documentation.html @@ -60,6 +60,7 @@
  • Mounting Volumes
  • Normal Dismount vs Force Dismount +
  • Avoid Third-Party File Extensions
  • Parallelization
  • Pipelining
  • Hardware acceleration diff --git a/doc/html/Keyfiles in VeraCrypt.html b/doc/html/Keyfiles in VeraCrypt.html index eea6939a..5a07bf48 100644 --- a/doc/html/Keyfiles in VeraCrypt.html +++ b/doc/html/Keyfiles in VeraCrypt.html @@ -52,7 +52,6 @@ Allows multiple users to mount a single volume using different user passwords or Allows managing multi-user shared access (all keyfile holders must present their keyfiles before a volume can be mounted).
  • -Any kind of file (for example, .txt, .exe, mp3**, .avi) can be used as a VeraCrypt keyfile (however, we recommend that you prefer compressed files, such as .mp3, .jpg, .zip, etc).

    Note that VeraCrypt never modifies the keyfile contents. You can select more than one keyfile; the order does not matter. You can also let VeraCrypt generate a file with random content and use it as a keyfile. To do so, select -- cgit v1.2.3