PIM stands for "Personal Iterations Multiplier". It is a parameter that was introduced in VeraCrypt 1.12 and whose value controls the number of iterations used by the header key derivation function.
PIM is used by volumes even if the creator of the volume did not specify a value. It is an optional component that improves security: it adds another step to the authentication process similarly to two-factor authentication. The main difference is that the PIM value is fixed and not generated on the fly when requested. An attacker needs to know the master password and the PIM, if not set to default, to breach the encryption successfully and access the content of the drive or partition.
A couple of good reasons exist to change the PIM value:
Thankfully though, it is relatively easy to change the PIM of any VeraCrypt volume. The function is linked to the password; if you change the password of a volume, you may change the PIM as well.
Here is how that is done in detail:
It is still possible to use an old VeraCrypt Rescue Disk, if it exists, to restore the system partition or drive using the old password. It is recommended to delete the old Rescue Disk and create a new one.
While you are at it, select Tools > Backup Volume Header as well. The process is identical to how that was done under TrueCrypt.
Both processes require elevation. You are asked to move the mouse to generate a random pool. Select continue once you are satisfied; VeraCrypt highlights the progress and you should not end it before the bar turns green.
The encryption software displays a success (or failure) message afterward.
That's all there is to the process. You may want to test the boot or mount speed after the operation. If it takes too long you may want to consider reducing the PIM value to speed it up.
You need to check the "use pim" box when you mount a volume to specify it, or type it during the boot process.
Now You: do you use drive encryption software?Advertisement
Advertising revenue is falling fast across the Internet, and independently-run sites like Ghacks are hit hardest by it. The advertising model in its current form is coming to an end, and we have to find other ways to continue operating this site.
We are committed to keeping our content free and independent, which means no paywalls, no sponsored posts, no annoying ad formats or subscription fees.
If you like our content, and would like to help, please consider making a contribution:
Ghacks is a technology news blog that was founded in 2005 by Martin Brinkmann. It has since then become one of the most popular tech news sites on the Internet with five authors and regular contributions from freelance writers.