Encrypt the whole drive greyed out
Open source disk encryption with strong security for the Paranoid
Brought to you by:
idrassi
Menu
▾
▴
New HP laptop, Win 10 Home
Secure Boot has been Disabled.
VeraCrypt v 1.24-Update7
After install upon getting to section asking what area to encrypt the choice to encrypt the entire drive is greyed out. Is there a fix for this?
I am using an older version of Veracrypt on an older machine running Win 7 without any issues for many years. Should I revert to the older version for the new machine? Would that work?
Hello;
Your new laptop has certainly an UEFi bios with MSR and Recovery Partitions, these ones can't be encrypted by microsoft design
but don't worry they have the same content on every windows PC with no sensitive data
best regards
Thank you for getting back to me on this.
I found some instructions to check to see if I have UEFI firmware/bios, I do. You nailed it.
My purpose in using encryption is simply to “brick” the computer in case it is lost or stolen. In the event that happens I do not want the machine to be usable. If a thief was motivated enough to remove the SSD and try to access data using an external connection, I do not want that to be successful.
Now my only Veracrypt option for encryption is to only “Encrypt the Windows system partition”. If I understand your comment, that encryption will take care of everything on the drive except for those Recovery Partitions. Is that sufficient to accomplish my goal?
Yes,
MSR partition contains nothing it isreserved for future use
Recovery partition contains the same things on all PC with same windows 10 release:
some boot files and an winte.wim file for recovery purposes
in fact on veracrypt encrypted system it is better to disable this function by start following command in admin mode: reagentc /disable , because if recovery start it lead to infinite loop , recovery can't decrypt system and fail
Thanks again for the help!
Hopefully this thread will be of use to others.
I made a Windows 10 Recovery CD before disabling the reagentc function.
My Configuration is now this:
New HP laptop, Win 10 Home
Secure Boot has been Disabled.
Recovery Files Disabled (reagentc/disable)
VeraCrypt v 1.24-Update7
Installed VeraCrypt encryption, ran the test, password worked, went for it.
About 2 hours later the Drive encryption completed.
The machine immediately boots to the VeraCrypt password request as per expectations.
Looks like it’s working.
Cheers!
Hello,
happy for successfull encryption
With this release disabing secure boot is not needed because veracrypt boot module dcsboot.efi is now certified by microsoft