Emergency master key wipe hot key combination

BigPilot
2026-05-28
1 day ago
  • BigPilot

    BigPilot - 2026-05-28

    I would like to suggest a feature: using a special key combination (let's say: Ctrl+Plus, Ctrl+Plus, Delete, Delete) to securely wipe the master key and make the VeraCrypt volume inaccessible even with the correct password.

     
  • Enigma2Illusion

    Enigma2Illusion - 6 days ago

    The "panic button" suggested feature has been suggested and rejected for many reasons. I will only list a few.

    False sense of security to the end user.

    Anything using memory chips cannot be securely erased including mechanical HDDs with cache, SSDs and USB memory drives:

    https://veracrypt.jp/en/Wear-Leveling.html

    https://veracrypt.jp/en/Reallocated%20Sectors.html

    Law enforcement will clone your drives and, in a forensic setting with specialized software, attempt to access your data using their clones.

     
    • Tulip81

      Tulip81 - 1 day ago

      Please @enigma2illusion tell me why it is important to turn off the paging file before the start of system encryption?

      https://veracrypt.jp/en/Wear-Leveling.html

       
      • Enigma2Illusion

        why it is important to turn off the paging file before the start of system encryption?

        Because the Paging File can hold sensitive unencrypted data and/or unencrypted RAM data that may not get encrypted during the creation of system encryption due to wear-leveling and possibly Reallocated Sectors.

        From the link on Wear Leveling to Paging File,

        https://veracrypt.jp/en/Paging%20File.html

        Paging files, also called swap files, are used by Windows to hold parts of programs and data files that do not fit in memory. This means that sensitive data, which you believe are only stored in RAM, can actually be written unencrypted to a hard drive by Windows without you knowing.

        Note that VeraCrypt cannot prevent the contents of sensitive files that are opened in RAM from being saved unencrypted to a paging file (note that when you open a file stored on a VeraCrypt volume, for example, in a text editor, then the content of the file is stored unencrypted in RAM).

        Also be aware of any internally reallocated/remapped bad sectors that cannot be overwritten.

        https://veracrypt.jp/en/Reallocated%20Sectors.html

        This means that any existing data in the bad sector remains on the drive and it cannot be erased (overwritten with other data). This may have various security implications.

        To remove the possibility of sensitive data issues for system and non-system encryption, always start with a drive that is factory new before any sensitive data has been created/copied to the drive.

         

        Last edit: Enigma2Illusion 1 day ago
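
An added example, not part of the thread or of VeraCrypt: a read-only PowerShell check of whether Windows still has a paging file configured or in use, the condition the reply above says to turn off before system encryption starts. The function name `Get-PagingFileStatus` and its output property names are hypothetical; the CIM classes and the `PagingFiles` registry value are standard Windows ones.

```powershell
# Added example (hypothetical helper name). Read-only: it changes no settings.
function Get-PagingFileStatus {
    $mmKey = 'HKLM:\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management'

    # True when Windows picks paging file size and location itself.
    $autoManaged = (Get-CimInstance -ClassName Win32_ComputerSystem).AutomaticManagedPagefile

    # Paging files set explicitly by an administrator
    # (empty when auto-managed or when paging is disabled).
    $configured = @(Get-CimInstance -ClassName Win32_PageFileSetting |
        ForEach-Object { $_.Name })

    # Paging files that are in use right now; sizes are reported in MB.
    $active = @(Get-CimInstance -ClassName Win32_PageFileUsage |
        Select-Object Name, AllocatedBaseSize, CurrentUsage)

    # Raw registry setting that takes effect at the next boot.
    # An empty list means no paging file will be created.
    $reg = Get-ItemProperty -Path $mmKey -Name PagingFiles -ErrorAction SilentlyContinue
    $regFiles = @($reg.PagingFiles | Where-Object { $_ })

    [pscustomobject]@{
        AutomaticManaged       = [bool]$autoManaged
        ConfiguredFiles        = $configured
        ActiveFiles            = $active
        RegistryPagingFiles    = $regFiles
        # No paging file is being written to in the current session.
        PagingDisabledNow      = ($active.Count -eq 0)
        # No paging file will be created after the next reboot.
        PagingDisabledNextBoot = (-not $autoManaged) -and ($regFiles.Count -eq 0)
    }
}

# Show the result for this machine.
Get-PagingFileStatus | Format-List
```

A paging file that was disabled in this session can still be listed under `ActiveFiles` until the machine is rebooted, so both `PagingDisabledNow` and `PagingDisabledNextBoot` should read `True` before encryption begins.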
