Operation Manual

Keyfiles
A keyfile is a file whose content is combined with a password (for information on the method used
to combine a keyfile with a password, see the chapter Technical Details, section Keyfiles). Until the
correct keyfile is provided, no volume that uses the keyfile can be mounted.
You do not have to use keyfiles. However, using keyfiles has some advantages:
• May improve protection against brute force attacks (significant particularly if the volume
  password is not very strong).
• Allows the use of security tokens and smart cards (see below).
• Allows multiple users to mount a single volume using different user passwords or PINs.
  Just give each user a security token or smart card containing the same VeraCrypt keyfile
  and let them choose their personal password or PIN that will protect their security token or
  smart card.
• Allows managing multi-user shared access (all keyfile holders must present their keyfiles
  before a volume can be mounted).
Any kind of file (for example, .txt, .exe, .mp3*, .avi) can be used as a VeraCrypt keyfile (however,
we recommend that you prefer compressed files, such as .mp3, .jpg, .zip, etc.). Note that VeraCrypt
never modifies the keyfile contents.
You can select more than one keyfile; the order does not matter. You can also let VeraCrypt
generate a file with random content and use it as a keyfile. To do so, select Tools -> Keyfile
Generator.
Note: Keyfiles are currently not supported for system encryption.
WARNING: If you lose a keyfile or if any bit of its first 1024 kilobytes changes, it will be impossible
to mount volumes that use the keyfile!
WARNING: If password caching is enabled, the password cache also contains the
processed contents of keyfiles used to successfully mount a volume. Then it is possible to
remount the volume even if the keyfile is not available/accessible. To prevent this, click Wipe
Cache or disable password caching (for more information, please see the section Settings ->
Preferences, subsection Cache passwords in driver memory).
See also the section Choosing Passwords and Keyfiles in the chapter Security Requirements and
Precautions.
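The following script is an added example, not part of VeraCrypt or its documentation. It records a SHA-256 fingerprint of the first 1024 kilobytes of a keyfile (taken as 1,048,576 bytes) so that an accidental change, such as an edited ID3 tag, is detected before it prevents mounting; the file and function names are assumptions chosen for illustration, and the hash is an integrity check only, not the method VeraCrypt uses to combine a keyfile with a password.

```python
import hashlib
import hmac
import os
import tempfile

# First 1024 kilobytes (see the warning above), taken as 1,048,576 bytes.
WINDOW = 1024 * 1024


def keyfile_fingerprint(path, window=WINDOW):
    """SHA-256 of the leading `window` bytes of the file at `path`."""
    with open(path, "rb") as fh:
        head = fh.read(window)  # a shorter file is hashed whole
    return hashlib.sha256(head).hexdigest()


def keyfile_unchanged(path, baseline):
    """Compare the current fingerprint with the one recorded earlier."""
    return hmac.compare_digest(keyfile_fingerprint(path), baseline)


def flip_byte(path, offset):
    """Invert one byte in place, simulating a program rewriting the file."""
    with open(path, "r+b") as fh:
        fh.seek(offset)
        original = fh.read(1)
        fh.seek(offset)
        fh.write(bytes([original[0] ^ 0xFF]))


def demo():
    """Constructed sample: a 2 MiB random file standing in for a keyfile."""
    with tempfile.TemporaryDirectory() as tmp:
        path = os.path.join(tmp, "sample-keyfile.bin")
        with open(path, "wb") as fh:
            fh.write(os.urandom(2 * WINDOW))
        baseline = keyfile_fingerprint(path)
        flip_byte(path, WINDOW + 100)  # beyond the first 1024 kilobytes
        after_tail_edit = keyfile_unchanged(path, baseline)
        flip_byte(path, 20)  # inside it, e.g. where a leading ID3v2 tag sits
        after_head_edit = keyfile_unchanged(path, baseline)
    return after_tail_edit, after_head_edit


if __name__ == "__main__":
    print(demo())
```

Keep the recorded fingerprint with the same care as the keyfile itself, since it identifies which file is being used as the keyfile.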
Keyfiles Dialog Window
If you want to use keyfiles (i.e. “apply” them) when creating or mounting volumes, or changing
passwords, look for the Use keyfiles option and the Keyfiles button below a password input field.
* However, if you use an MP3 file as a keyfile, you must ensure that no program modifies the ID3 tags (e.g. song title,
name of artist, etc.) within the MP3 file. Otherwise, it will be impossible to mount volumes that use the keyfile.