List of TrueCrypt encryption alternatives
If you open the TrueCrypt website right now you are redirected to a page right now stating that TrueCrypt is not secure and recommending that you switch to Microsoft's BitLocker.
It is not clear why the message is displayed on the page, and rumors range from a sad goodbye message by the TrueCrypt authors to a hack or NSA intervention.
As far as facts are concerned, we know the following: The new TrueCrypt 7.2 version has a valid signature that was used to sign older versions as well which may either mean that a key was stolen from a developer, or that a developer used the key to sign the new version.
The new version uploaded to the site appears to be free of malicious code but displays warnings about TrueCrypt being insecure. While that is the case, it is highly suggested to avoid it at any cost.
So what can you as a TrueCrypt user do right now?
If you are running an older version and not version 7.2 you could wait for things to unfold. It is probably the easiest option right now, and unless you are in a situation where you need to be sure that the encryption used is not vulnerable to attacks, waiting a couple of days for official statements or additional information is probably the best course of action.
If you do not want to wait for whatever reason, you may switch to a different encryption program.
First thing you may want to do is decrypt the hard drive. This is only possible for the system partition and not for other partitions or hard drives.
- The device should be mounted already considering that it is the system partition.
- Right-click on it in the TrueCrypt interface and select Decrypt from the context menu.
- Follow the wizard to decrypt the drive so that it is no longer encrypted.
What can you do if you have encrypted a non-system partition?
Unfortunately, not a lot. The only feasible solution that I'm aware of is to mount the drive on the system and copy the files stored on it to another hard drive.
This works only if you have enough free storage space on other hard drives available for the operation. TrueCrypt does not support the decryption of non-system partitions, and there does not seem to be another way around this limitation.
TrueCrypt alternatives
0. VeraCrypt
VeraCrypt is based on TrueCrypt code. The developers support the TrueCrypt format and have fixed vulnerabilities found during the TrueCrypt audit.
My preferred solution right now.
1. DiskCryptor
The program can encrypt system partitions and non-system partitions supporting all recent versions of the Windows operating system, third-party boot loaders and a lot more.
DiskCryptor supports several encryption algorithm and combinations, hardware AES acceleration if supported by the system, and full support for external storage devices.
This is my favorite right now as it comes closest to TrueCrypt's functionality.
2. AxCrypt
The program cannot encrypt partitions but only individual files. While not a full alternative to TrueCrypt, it can be used to encrypt important files on the system. The program uses AES 128-bit encryption and supports key-files as well.
3. AES Crypt
Available for Windows, Mac, Linux and mobile operating systems. It supports file-based encryption only which means that you can right-click files on your system to either encrypt or decrypt them.
Bitlocker is part of Windows Enterprise and Ultimate editions only, and Pro versions on Windows 8. Claims that Bitlocker has a built-in backdoor for law enforcement and other agencies have never been proven, but it does contain recovery key functionality which can be used to decrypt drives protected by it and may be stored on Microsoft servers and not locally.
5. Cloudfogger
Specifically designed to protect data that you synchronize with cloud services such as Google Drive, OneDrive or Dropbox. It uses 256bit AES and will detect supported cloud providers automatically after installation. Not available for Linux.
6. BestCrypt Container Encryption (commercial)
The program is not free. It supports Windows, Mac OS and Linux, and can create encrypted containers on your drive similarly to how TrueCrypt handled encrypted containers. Supports the creation of multiple encrypted containers which can all be mounted as virtual drives on the system.
Additional features include enhanced hidden containers, full version of wiping and archiving programs, and options to encrypt the Windows swap file.
Supports several algorithms including AES, CAST, Serpent, Twofish and Blowfish.
7. Challenger (free for personal use)
The program can be used to encrypt individual files, folders or drives on Windows. The project website lacks information about ciphers and encryption algorithms used.
8. Cryptsetup
Only available for Linux. Supports TrueCrypt disk formats and others. Source code available.
Now you: Have another alternative not mentioned in the guide? Share it with everyone in the comment section below.
Truecrypt 7.1 <> I read a note from the developers that they had become a warning from the “USA Government” that they had to comply inmediately to the PatrionAct…. work together (build a backdoor) or thou will be punnished is the most severe way by USAlaw as a traytor.
They gave the advice ::
1* to watch the Swiss site, they woult startup from there; nothing found by me.
2* they adviced to use the latest official version “TrueCrypt v7.1a”, that it was still good.
After that I never saw the notice again, couldn’t find it…
[[No proof for this but::
Later-on we in Holland] had several cases of criminal-misuse and childporn that nobody could decipher, not even the big-money from UncleSam. People thought/think that Truecrypt was involved, and the acused criminal would have had less punishment when he passed over the encryption keys ]]
I don’t usually use LifeHacker.com, but the following article about 5 encryption applications came up with a Web search and it seems that VeraCrypt is a good fork of TrueCrypt. Some of the applications are only for MS Windows, but some also work with Linux as well as Mac. Also, the article was first published in February of this year, but updates have been added.
“Five Best File Encryption Tools”, Feb. 8, 2015
http://lifehacker.com/five-best-file-encryption-tools-5677725
Except for AxCrypt, I don’t know these applications, not having used any of the others. I’ve read about some of the others in the past, but of the applications recommended in the article, AxCrypt is the only one that I’ve actually used for encryption. I’ve used 7-zip, but only for archiving, not encryption. I didn’t previously know that 7-zip provides encryption and used it for several years.
It seems to be a good article and I’ll leave it to others, here, to check it out and comment about it. I haven’t been a big user of encryption, so the ball is now handed over to you.
If replying to my post, above, then please use this one, instead. I neglected to check the Notify checkbox for the original post and will now do so.
We’ve used diskcryptor and AEScrypt for years without issues. Before that, Bestcrypt (Finland)was our choice. Believe Bestcrypt was the inspiration for Truecrypt. Bestcrypt is fine, but their packages are expensive and their upgrade support anal.
These days I’m trying to get more people to just use 7z. It doesn’t have the pedigree of the “name brand” encryption products, but I believe the author tried very hard to get things right. And it’s much easier to talk people into 7z than “real encryption” products.
We also use Seagate FDE drives mounted to the required machines…but I have less confidence in them since the Snowden revelation.
Do you know something about Rohos Mini? http://rohos.com – official site. It can create real hidden partitions on USB drives and virtual encypted disks.
Another application from this free package – Rohos Disk Browser can work even without administrative rights.
The good news is that 2 people in Switzerland have decided to try and keep TrueCrypt up and running. Don’t abandon it just yet!!
Here is the link: https://truecrypt.ch/
The download on the page is simply TrueCrypt 7.1a, but I believe they plan to work on an updated version in the near future.
The new alternative has just appeared. DAEMON Tools Ultra (since 2.4 version) also creates and mounts TrueCrypt images. You can find more on the official site – http://www.daemon-tools.cc/products/dtultra- or in the company’s blog – http://blog.daemon-tools.cc/post/truecrypt-alternative-is-coming-to-daemon-tools-ultra
how about skycrypt? I tried out the free trial on skycrypt.com and it works fine. anybody used this before?
Martin Brinkmann says: “Bitlocker [….] does contain recovery key functionality which can be used to decrypt drives protected by it and may be stored on Microsoft servers and not locally.”
My MS Surface Pro 2 , windows 8.1 tablet displays 4 options to save the key:
– Save to your Microsoft account (I would not recommend this option)
– Save to a USB flash drive
– Save to a file
– Print the recovery key
They’re moving to Switzerland http://www.neowin.net/news/truecrypt-move-to-switzerland-attempting-a-fork
OPSWAT Certified Products | Antivirus, Firewall, Backup, Encryption and more http://www.opswat.com/certified/products#!product=all&os=all&certification=all
This is why I’ve always been a little skeptic about Open Source and Freeware softwares, with some more than others. As I grew older and start to better understand how the world works I became even less of a believer. This is not to say that the Open Source movement is wrong (far from it, and some projects are funded), or that freeware is bad and unreliable(quite the contrary), or that commercial products cannot be discontinued overnight – but there are no free meals in life, maybe just a small bite here and there. While when younger one tends to see things differently and price tag and hype play a big part in the decision making process, when one grows older and becomes more experienced one understands that trust is the fundamental to almost every transaction and decision in life, and there are some business models, and operations, that are generally less reliable than others.
Sad to (potentially) see TrueCrypt go. It was a truly great piece of software. I’m curious to learn what lead to the decision to allegedly discontinue its development (from the message it might be insinuated that MS had something to do with the decision).
I’m pretty convinced that BitLocker has indeed a backdoor built into it (afterall, WIndows is NSA approved), so it is not a solution for some, but for an average/above average user that just wants to encrypt data in case of computer theft/general unauthorized access it is still quite an easy and viable solution, I think.
Common guys, don’t be fooled by such panic.
It has been audited by well respected company not so long ago.
Also instead of looking for alternatives or whatever just relax and wait for the real information what is really going on. And take a quick look here:
https://www.grc.com/misc/truecrypt/truecrypt.htm
Just FYI, seems to give truth/conclusion about what happened with truecrypt
https://www.grc.com/misc/truecrypt/truecrypt.htm
I’m currently using version 7.1a (to encrypt containers not my whole disk) and while I could switch to Bit locker (running Win 8.1 Pro on both my machines) am going to sit tight till the dust settles so to speak. That said my use of this software is not motivated by keeping the NSA or GCHQ (I’m British) out of my sensitive data, but more about protecting it in the event of theft and so on. The whole thing strikes me as very bizarre and if genuine (and not under duress) incredibly unprofessional on the part of TrueCrypt’s developers, no matter how privacy conscious they may be. Hopefully the truth will out in time.
Hi,
I have been using SafeHouse Pro for quite a long time. It’s not buggy, I never lost any data, one can resize containers (if FAT32 formatted), I highly recommend it. There are a few GUI glitches on 7 and not tested by me on 8.x, but overall, I find quite reliable.
I don’t think it encrypts whole drives, it just create safe containers, virtual drives.
I have always been a bit wary of Safe House.
i
May I ask why ?
Hi Martin.
Been looking for alternatives too. I shortlisted DiskCryptor as my next best alternative too prior to your article. I just did not get time to play around with it or install. I just wanted to know if it allows for encrypted containers?
Thanks.
DiskCryptor is also my next alternative, but from what I read, it doesn’t
http://www.hacker10.com/encryption-software-2/diskcryptor-vs-truecrypt-comparison/
http://www.ce-infosys.com/english/free_compusec/free_compusec.aspx
DiskCryptor
Encrypt4all
Exlade Cryptic Disk
Folder Encryption Dog
GiliSoft Private Disk
G-Soft Easy Crypter
HiTek Software AutoKrypt
idoo Full Disk Encryption
Jetico BCArchive
Jetico BestCrypt
KakaSoft KaKa Private Disk
Kruptos 2
NCH MEO Encryption Software
Odin HDD Encryption
Odin U Disk Encrypt Creator
PC-Safety Advanced File Vault
Rohos Disk Encryption
SafeEnterprise ProtectDrive
SafeHouse Professional
SecurStar DriveCrypt
Steganos Safe Professional
Symantec Encryption Desktop Professional
Utimaco SafeGuard Easy
Utimaco Safeware AG PrivateDisk
ZardsSoftware SafeKeeping
AbelsSoft CryptBox Pro
AxCrypt
Comodo Disk Encryption
Dekart Private Disk
How about veracrypt? (http://sourceforge.net/projects/veracrypt/)
Personally I am considering a commercial solution (Jetico) but $100 is pretty steep seeing as I’ve used Truecrypt freely since version 4.0.
I hope Mr. Brinkmann will do a review of this first; this, VeraCrypt.
I just discovered this one earlier today (from GRC’s Blog) and it looks promising as it is actually Based on TrueCrypt but it notches it up a little!
To replicate encrypted container files you can use BitLocker on VHDs (virtual hard drives). This is what’s suggested on the modified TrueCrypt site.
As an alternative Diskcryptor also works on VHDs (as well as on disk partitions). The mounting process for VHDs is a bit more convoluted than using BitLocker.
Neither of those are cross platform., sadly.
What about Symantec Full Disk Encryption? It is commercial ware but is based on PGP….
i’m staying with truecrypt until i know for a fact this isn’t something to make money for bloggers off of by reporting a story that makes no sense.
@theMike
I totally agree with you on this one but I am also looking at another free utility that is based on Truecrypt!
TR
I highly doubt it’s “something to make money for bloggers” considering that truecrypt.org had a sudden change, with a “decrypt only” version 7.2 and matching keys…
The story makes no sense because the story makes no sense, I wouldn’t know how to make any sense to what happened with truecrypt. This is an intriguing mystery though.
http://en.wikipedia.org/wiki/FreeOTFE ? But web site is offline ?
I saw this one but it does not seem to have been updated for more than two years.
7-Zip can encrypt files and folders with AES-256. Don’t know how good it is.
The issue with that is that they will be extracted to unencrypted space to view or edit. I used to rar everything before I learned about truecrypt, it’s not an easy or secure task, but works good for archiving.
I guess I am kind of lucky that this whole thing happened now as I was soon going to encrypt the rest of my drives on my server.
Guess I will wait and see what happens if any new news unfolds and what iSEC says after they finish their full audit.
I don’t use encryption software and may be I don’t know enough about it but the very thought of encrypting the system partition is frightening. As far as I know, if the encryption key gets lost, your system partition is done (gone forever).
Martin, you need to fix the wacky code for HTML lists in the Mobile version of Ghacks. They cause the page to be extended with blank space (lots of it) before and after a list. I need to scroll continuously for 2 minutes – just to get to comments. I would like to state that I am using IE 11 Mobile ( WP 8.1 DP fully updated) and the issue did not occur with IE 10 Mobile (WP 8). Though I still believe it’s a fault on the website, because lists on Ghacks Desktop site render fine in IE 11. I hope you can do something about it.
Just make backups (encrypted). You should do them anyway. Hard disks tend to fail.
There is nothing frightening there. I have never used truecrypt but LUKS/cryptsetup works nicely on GNU/Linux.
Encrypting the whole system might be easier. I don’t have to worry about it. It is fully transparent for the end user. I only have to enter passphrase before booting. Actually, I prefer entering password before OS boots to entering it somewhere in the middle of boot process.
Also, it is safer because your documents won’t be accidentally written to unencrypted swap/page file.
SMART certainly helps but not always. E.g. once I accidentally put external GPS device onto my laptop. It turns out that GPS had a magnet inside (so that it can be attached to metallic surfaces) and my hard drive inside the laptop just stopped working.
But well, different people have different needs/use cases. I just value my files a lot…
I don’t have an external hard disk. Yes, hard disks do fail and I had a hard disk fail on another laptop (old one) but the S.M.A.R.T. capability in the hard disks (I think the technology is still known by the same name) alerted me weeks before and I managed to get the important stuff before it failed. So hard disks are pretty reliable at that. Any important document of mine is either created with Office Online or stored on OneDrive. Now this isn’t exactly backup to the cloud, I have some 10-20 files there and they are there because I might need remote access to them – not because I am afraid of losing them if they are on my computer.
My point is why encrypt the system partition? Encrypt any important personal data – and leave the OS alone. Unless someone has some really confidential business work/personal data on the system, I don’t see a point in encryption of anything.
Boxcryptor may be worth a look as an alternative to Cloudfogger.
https://www.boxcryptor.com/en
CryptSync can be used to sync encrypted copies of files to a cloud service.
http://stefanstools.sourceforge.net/CryptSync.html
Viivo from PKWare is another one if you’re encrypting for the cloud. http://www.viivo.com/ I’m going to miss Truecrypt’s containers, which I synchronized to the cloud.
I used Cloudfogger in the past but it hasn’t been updated since 2012, and I got no response from the developers. I think the project is dead.
​What about Cryptic Disk, guys?
Cryptic Disk 4 is free. Embedded TrueCrypt support:
http://www.exlade.com/cryptic-disk
This is the link: http://www.exlade.com/cryptic-disk
Cannot really say much about it as I have not used it. It is commercial and seems to support all core features of TrueCrypt including deniable encryption, plausible deniability and whole disk encryption but seemingly no system partition encryption.
Yikes! . . . and it’s also Expensive – – especially for the Ultimate edition which bundles the other versions of this software (into one program)!