VeraCrypt

Full-disk and volume encryption. The successor to TrueCrypt.

Strong
https://veracrypt.fr
Reviewed 2026-04-02
Editorial assessment by Mike Schneider, based on public security research and audits

What should journalists know about VeraCrypt?

VeraCrypt is the gold standard for encrypting storage volumes. Two independent audits — QuarksLab (2016, funded by OSTIF/EU-FOSSA) and Fraunhofer SIT for Germany's BSI (2020) — found no serious cryptographic flaws. The FBI has stated in court filings it cannot break VeraCrypt and has no backdoor. No publicly documented case exists of VeraCrypt encryption being defeated through cryptanalysis. The hidden volume feature (plausible deniability) remains unique among encryption tools, though it has real forensic limitations journalists should understand. Current version 1.26.24 (May 2025) adds RAM encryption for master keys on 64-bit Windows, cold boot attack mitigation, and screen capture protection. The project is maintained primarily by one developer (Mounir Idrassi at IDRIX), which is both its strength (small attack surface, no corporate pressure) and its risk (bus factor of one). For border crossings with sensitive materials, VeraCrypt on an encrypted USB remains standard operational security.

Best for

Encrypting hard drives, USB drives, or creating encrypted containers for sensitive documents. Protecting data if devices are seized at borders or during raids. Cross-platform encrypted volumes that work on Windows, macOS, and Linux. Creating hidden volumes for plausible deniability in hostile environments.

Not for

Beginners — the interface is complex and a misconfiguration can mean permanent data loss. Quick file sharing (use Signal). macOS users who only need full-disk encryption (FileVault with Apple Silicon hardware encryption is simpler and faster). Enterprise environments needing centralized key management (BitLocker or LUKS with Clevis are better fits).

Security & Privacy

Encryption in transit: Yes. VeraCrypt contacts no servers, so there is no network path to protect; a volume's contents stay encrypted wherever the container file or drive is copied or carried.

Encryption at rest: Yes. Everything written to a VeraCrypt volume is encrypted on disk under the volume's master key; only the mounted, decrypted view ever exists in memory.

Data jurisdiction (where servers are located, which affects which governments can request your data): Local only. All encryption and decryption happens on your device. No data leaves your machine. No accounts, no servers, no telemetry.

Security rating Strong

Privacy policy summary

No network connectivity, no telemetry, no accounts, no crash reporting by default. VeraCrypt is a local application that never contacts a server. The 1.26.24 release added optional crash reporting via a separate VeraCrypt-CrashCollector tool, but it's opt-in only.

How to protect yourself:

- Use strong passphrases (20+ characters).
- Enable cascaded encryption (AES-Twofish-Serpent) for maximum protection against future cryptanalytic advances.
- Use hidden volumes for plausible deniability, but understand their limits (see Known issues).
- On 64-bit Windows, enable RAM encryption in Performance settings to protect master keys against cold boot attacks (10% memory overhead).
- Back up volume headers to a separate secure location: a corrupted header means permanent, irrecoverable data loss.
- Never leave volumes mounted when crossing borders.
- On macOS with Apple Silicon, use FUSE-T instead of macFUSE for better compatibility.
- Use PBKDF2-SHA512 or PBKDF2-Whirlpool with high iteration counts (500,000+ for non-system volumes by default).
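The settings recommended above, expressed as a VeraCrypt command-line invocation so they can be applied consistently rather than clicked through each time. This is an added example, not code from the VeraCrypt project or the reviewer: it enforces the 20+ character passphrase rule, selects the AES-Twofish-Serpent cascade with PBKDF2 over SHA-512, and keeps the passphrase off the command line. Option names follow the Linux/macOS `veracrypt --text --help` listing; the `--stdin` option (read the passphrase from standard input) is assumed to be available in the installed version, and the volume path, size and passphrase are constructed placeholders.

```python
"""Assemble (and, when the binary is present, run) a VeraCrypt CLI
invocation that applies the recommended settings: AES-Twofish-Serpent
cascade, PBKDF2-HMAC-SHA-512, a 20+ character passphrase, no keyfiles.

Added example, not VeraCrypt project code. Option names follow the
Linux/macOS `veracrypt --text --help` listing; `--stdin` (read the
passphrase from standard input) is assumed to be available. The volume
path, size and passphrase below are constructed placeholders.
"""
import shutil
import subprocess
from typing import Optional

MIN_PASSPHRASE_LEN = 20                 # "20+ characters" from the guidance
RECOMMENDED_CIPHER = "AES-Twofish-Serpent"
RECOMMENDED_HASH = "SHA-512"            # PBKDF2-HMAC-SHA-512 key derivation


def check_passphrase(passphrase: str) -> list:
    """Return the list of policy violations; an empty list means acceptable.
    Length matters most: the PBKDF2 iteration count is fixed per volume,
    so the attacker's work scales with the entropy of the passphrase."""
    problems = []
    if len(passphrase) < MIN_PASSPHRASE_LEN:
        problems.append("shorter than %d characters" % MIN_PASSPHRASE_LEN)
    classes = (any(c.islower() for c in passphrase),
               any(c.isupper() for c in passphrase),
               any(c.isdigit() for c in passphrase),
               any(not c.isalnum() for c in passphrase))
    if sum(classes) < 3:
        problems.append("uses fewer than three character classes")
    if passphrase != passphrase.strip():
        problems.append("has leading or trailing whitespace (easy to mistype)")
    return problems


def create_volume_argv(volume_path: str, size: str, pim: int = 0,
                       hidden: bool = False) -> list:
    """Build argv for `veracrypt --text --create` with the recommended
    settings. The passphrase is deliberately not placed on the command
    line (it would land in shell history and be visible in `ps`); it is
    passed on stdin instead. pim=0 keeps VeraCrypt's default iteration
    count; a hidden volume additionally needs its outer volume created
    first."""
    return [
        "veracrypt", "--text", "--non-interactive", "--stdin",
        "--create", volume_path,
        "--size", size,
        "--encryption", RECOMMENDED_CIPHER,
        "--hash", RECOMMENDED_HASH,
        "--filesystem", "FAT",              # readable on Windows, macOS, Linux
        "--volume-type", "hidden" if hidden else "normal",
        "--pim", str(pim),
        "--keyfiles", "",                   # no keyfiles
        "--random-source", "/dev/urandom",
    ]


def create_volume(volume_path: str, size: str, passphrase: str,
                  pim: int = 0) -> Optional[int]:
    """Validate the passphrase, then run the CLI if it is installed.
    Returns the veracrypt exit status, or None when the binary is absent."""
    problems = check_passphrase(passphrase)
    if problems:
        raise ValueError("weak passphrase: " + "; ".join(problems))
    if shutil.which("veracrypt") is None:
        return None
    argv = create_volume_argv(volume_path, size, pim)
    result = subprocess.run(argv, input=passphrase + "\n", text=True)
    return result.returncode


if __name__ == "__main__":
    # Constructed placeholder values; replace before real use.
    status = create_volume("/tmp/example.hc", "100M",
                           "correct-Horse-battery-staple-2026")
    print("veracrypt not installed" if status is None
          else "veracrypt exited with status %d" % status)
```

After creation, back up the volume header through the VeraCrypt GUI (Tools, Backup Volume Header) or the interactive `--backup-headers` CLI mode and store the backup away from the volume, since that step is what the "corrupted header" warning above is about.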

Two independent security audits (QuarksLab 2016 for EU-FOSSA, Fraunhofer SIT 2020 for the German BSI) found no serious cryptographic vulnerabilities. The FBI has stated in court that it cannot break VeraCrypt and has no backdoor. There is no publicly documented case of VeraCrypt encryption being defeated through cryptanalysis. Supports AES, Serpent, Twofish, and cascaded combinations with 500,000+ PBKDF2 iterations. RAM encryption for master keys is available on 64-bit Windows (since v1.24). Active development: v1.26.24 was released in May 2025 with screen capture protection and ARM64 SHA-256 acceleration. The hidden volume feature provides plausible deniability that is unique among encryption tools, though with forensic limitations.

Who Owns This

Owner IDRIX (open-source project maintained primarily by Mounir Idrassi)
Funding Donations, EU grant (EU-FOSSA audit 2016), German BSI grant (Fraunhofer SIT audit 2020). No corporate funding. No recurring institutional support.
Business model None. Volunteer-maintained open source with a solo primary maintainer. Bus factor of one is the project's biggest structural risk.

Known issues

- Hidden volume plausible deniability has real limitations: forensic researchers (Kedziora et al., 2017) demonstrated detection via cross-drive analysis, Windows Volume Shadow Copies, and outer volume file system analysis.
- Deniability fails if the system is seized while mounted.
- File-hosted containers offer weak deniability because a file of pure random data is inherently suspicious.
- LUKS uses Argon2 (memory-hard) for key derivation by default, which is more resistant to GPU-accelerated attacks than VeraCrypt's PBKDF2.
- Forensic tools such as Passware Kit Forensic can extract master keys from RAM dumps or hibernation files (hiberfil.sys); always disable hibernation on encrypted systems.
- Cold boot attack mitigation (RAM encryption) is Windows 64-bit only and not enabled by default.
- The BSI/Fraunhofer audit noted that RIPEMD-160 is deprecated and that code quality could improve.
- CVE-2024-54187 (path hijacking) and CVE-2025-23021 (mounting on system directories) were fixed in 1.26.18.
- macOS: no full-disk encryption support, only volume/container encryption. Requires FUSE-T or macFUSE as a dependency.
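To make the "pure random data is inherently suspicious" point concrete, here is the kind of measurement a forensic triage pass applies to every file on a seized drive. This is an added example, not code from the page, from VeraCrypt, or from any forensic product: it computes Shannon entropy and a chi-square test against a uniform byte distribution, and checks for a recognisable file signature. The signature table, the thresholds (7.95 bits/byte, chi-square below 350) and all sample files are constructed for the example. Compressed and encrypted formats such as gzip or PDF carry a readable header and are excluded by the signature check; an encrypted container has no such header, so it is the file that passes every test, which is exactly why the page recommends whole-device volumes and never travelling with a volume mounted.

```python
"""What forensic triage sees in a file-hosted container: a blob with no
recognisable header whose bytes are statistically indistinguishable from
random. Added example; the thresholds, the signature table and the
sample files are constructed here and are not from any real tool.
"""
import math
import random
from collections import Counter

# Constructed, deliberately tiny signature table; real triage tools
# carry thousands of entries.
KNOWN_MAGIC = {
    b"\x89PNG\r\n\x1a\n": "PNG image",
    b"%PDF-": "PDF document",
    b"PK\x03\x04": "ZIP archive",
    b"\x1f\x8b": "gzip stream",
}


def shannon_entropy(data: bytes) -> float:
    """Bits of entropy per byte; 8.0 means every byte value is equally likely."""
    if not data:
        return 0.0
    n = len(data)
    return -sum((c / n) * math.log2(c / n) for c in Counter(data).values())


def chi_square(data: bytes) -> float:
    """Chi-square statistic of the byte histogram against the uniform
    distribution (255 degrees of freedom). Uniformly random data lands
    near 255; compressed files usually score higher; text is in the
    thousands because most byte values never occur."""
    n = len(data)
    expected = n / 256.0
    counts = Counter(data)
    return sum((counts.get(b, 0) - expected) ** 2 / expected
               for b in range(256))


def known_format(data: bytes):
    """Return a format name if the data starts with a known signature."""
    for magic, name in KNOWN_MAGIC.items():
        if data.startswith(magic):
            return name
    return None


def looks_like_random_blob(data: bytes) -> bool:
    """Triage heuristic: no recognisable header, entropy close to
    8 bits/byte, and a histogram consistent with uniform. Thresholds are
    constructed for this example (chi-square 350 is roughly 4 standard
    deviations above the mean for 255 degrees of freedom)."""
    if len(data) < 4096 or known_format(data):
        return False
    return shannon_entropy(data) > 7.95 and chi_square(data) < 350.0


def triage(samples: dict) -> dict:
    """Map file name -> whether it is flagged as a random-looking blob."""
    return {name: looks_like_random_blob(data) for name, data in samples.items()}


def build_samples() -> dict:
    """Constructed stand-ins: a 'container' (uniform random bytes), a text
    file, a gzip-like file (random payload behind a real magic number),
    and a sparse image that is almost all zeros."""
    rng = random.Random(2026)   # seeded so the result is reproducible
    size = 64 * 1024
    blob = bytes(rng.getrandbits(8) for _ in range(size))
    text = (b"Background interview notes, draft 3. " * 2000)[:size]
    gz = b"\x1f\x8b" + blob[2:]
    sparse = b"\x00" * (size - 16) + blob[:16]
    return {"container.hc": blob, "notes.txt": text,
            "archive.gz": gz, "disk.img": sparse}


if __name__ == "__main__":
    for name, data in build_samples().items():
        print("%-14s entropy=%.3f chi2=%9.1f flagged=%s" % (
            name, shannon_entropy(data), chi_square(data),
            looks_like_random_blob(data)))
```

Running it prints one line per sample; only the container is flagged. A volume written to a whole partition or USB device does not present a file for this test to single out, which is the reason the "Best for" section pairs border crossings with an encrypted USB rather than a container file.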

Pricing

Free. Open source (Apache 2.0 + TrueCrypt License).

This is an editorial assessment based on publicly available information as of 2026-04-02, using our published methodology. Independent security review is pending. Security posture can change at any time. This is not a guarantee of safety.