Operation Manual
37
Hidden Volume
It may happen that you are forced by somebody to reveal the password to an encrypted volume.
There are many situations where you cannot refuse to reveal the password (for example, due to
extortion). Using a so-called hidden volume allows you to solve such situations without revealing
the password to your volume.
The layout of a standard VeraCrypt volume before and after a hidden volume was created within it.
The principle is that a VeraCrypt volume is created within another VeraCrypt volume (within the free
space on the volume). Even when the outer volume is mounted, it should be impossible to prove
whether there is a hidden volume within it or not
*
, because free space on any VeraCrypt
volume is always filled with random data when the volume is created
†
and no part of the
(dismounted) hidden volume can be distinguished from random data. Note that VeraCrypt does not
modify the file system (information about free space, etc.) within the outer volume in any way.
The password for the hidden volume must be substantially different from the password for the
outer volume. To the outer volume, (before creating the hidden volume within it) you should copy
some sensitive-looking files that you actually do NOT want to hide. These files will be there for
*
Provided that all the instructions in the VeraCrypt Volume Creation Wizard have been followed and provided that the
requirements and precautions listed in the subsection 'Security Requirements and Precautions Pertaining to Hidden
Volumes' are followed.
† Provided that the options Quick Format and Dynamic are disabled and provided that the volume does not contain a
filesystem that has been encrypted in place (VeraCrypt does not allow the user to create a hidden volume within such a
volume). For information on the method used to fill free volume space with random data, see chapter Technical Details,
section VeraCrypt Volume Format Specification.