Full system encryption failed
Open source disk encryption with strong security for the Paranoid
Brought to you by:
idrassi
Menu
▾
▴
Earlier today i tried to do a full system encryption with veracrypt.
First: i cant choose "encrypt the whole drive", only "encrypt the windows system partition".
Second: after i choose a password and the computer reboots, i get this message: "veracrypt has been blocked by the current security policy". When i return to windows i get this message: "the veracrypt system encryption pretest failed". It also says "if the veracrypt boot loader did not ask you to enter the password before windows started, it is possible the your operating system does not boot from the drive on wich it is installed. This is not supported" I guess this is my problem? Any way to go around it?
I have two discs on my computer, one where windows and everything else is installed and one wich seems to contain drivers from Lenovo.
OS: windows 10
Computer: Lenovo ideapad
Thanks!
Do you have Secure Boot enabled in the BIOS? If yes, disable Secure Boot in the BIOS.
I have disabled it now, will try again tomorrow.
Thanks!
Install 1.19 Beta 2 which contain fixes to 1.18a at the link below.
https://sourceforge.net/projects/veracrypt/files/VeraCrypt%20Nightly%20Builds/
What about not being able to select "encrypt the whole drive", can that also be connected to Secure boot being enabled?
EFI boot disk can't be full encrypted. GPT and EFI system boot volume has to be open because loader starts from EFI system boot volume
Clarifications:
1) EFI system volume is small (~100MB) volume FAT formatted with loader.
To check contents of EFI system volume from cmd admin.
mountvol z: /s
dir z:
2) OS volume is volume with Windows (several GB)
OS volume is encrypted
EFI system volume is open and contains VeraCrypt loader in EFI\VeraCrypt directory.
Last edit: Alex 2016-09-01
How does it effect security that i'm only able to encrypt the windows system partition and not the whole drive? Sound to me that only the operating system will be encrypted and not all the contents on my harddrive?
As you might understand i dont have advanced computer knowledge, just want my personal files to be safe.
Data written on system drive (e.g. C:) is encrypted. If there are other drives (e.g. D: E: etc.) data on these drives have to be encrypted as ordinary VeraCrypt volumes.
I have had the same 'veracrypt has been blocked by the current security policy'
I've disabled By BootLog in Bias and still no luck.
I've turned off McAfee and still no luck.
Anyone have any suggestions please?