Posted on June 9, 2020 at 11:47 am

To avoid your encrypted disk (Truecrypt, Veracrypt, Bitlocker, etc) from being decrypted your first rule should be to use a strong password, then you need to make sure an attacker cannot access data that was saved in the memory, else he can dump the decryption key that was stored in the memory and then remove the encryption from the encrypted disk.

Here are a few rules to follow:

1) Use a strong 25+ password that uses symbols

2) Disable hibernation on your computer

* To prevent an attacker from stealing a memory image from hiberfil.sys.

3) Always dismount encrypted volumes when not needed

4) Always power off the system

A common software used to decrypt disks is:

https://www.passware.com/kit-forensic/

Other Posts

• Count and sort IP addresses in Nginx access logs
• User-Agent Strings of Perl, Wget, cURL, Python, Java
• Download Latest Raspbian ISO for Raspberry Pi
• What is Default Raspbian Raspberry Pi Password
• How to Install Pi-Hole on Raspbian for Raspberry Pi
• 3 Cards in a Row with Bootstrap 4.4
• Debug 502 Errors in Google Cloud Load Balancer
• Python if-then-else in one line example

Updated Posts

• Example Linux server error logs when CPU is faulty
• Output multiple Linux commands into columns
• How to Disable Hibernation on Windows 10
• Disable Windows Defender on Windows 10 via Regedit
• Install Latest NVIDIA Drivers for Windows 10
• How to improve security of encrypted hard disks
• Get Server IP Address with Ifconfig and IP in Bash
• bash: ipconfig: command not found