Skip to content

This chapter is geared towards intermediate users. Some tech skills are required.

Encrypt your files with VeraCrypt & Cryptomator

VeraCrypt

VeraCrypt

VeraCrypt is a free and open source program to encrypt files or entire file systems. It's the successor of TrueCrypt, and was first released in 2013.

VeraCrypt installation

Download the latest VeraCrypt installer for Windows and follow the on-screen instructions.

MacOS needs the companion app OSXFUSE to run VeraCrypt. Download the latest installer, open the downloaded .dmg file and follow the on-screen instructions. Be sure to select the MacFUSE Compatibility Layer.

Next, download the latest VeraCrypt Installer for macOS and follow the on-screen instructions. For easy access, open the Applications folder and drag the VeraCrypt icon to your dock.

Download the latest VeraCrypt Generic Installer for Linux. The file should be named something like veracrypt-X.XX-UpdateX-setup.tar.bz2. For the purpose of this tutorial, let's suppose the file was downloaded to the folder /home/gofoss/Downloads and needs to be installed in the folder /home/gofoss/veracrypt. Make sure to adjust these file paths according to your own setup. Open a terminal and run the following commands:

mkdir /home/gofoss/veracrypt
cd /home/gofoss/Downloads
tar -xvf veracrypt-X.XX-UpdateX-setup.tar.bz2 -C /home/gofoss/veracrypt

Launch the installer and follow the on-screen instructions:

cd /home/gofoss/veracrypt
./veracrypt-1.XX-UpdateX-setup-gui-x64

To uninstall VeraCrypt, run the /usr/bin/veracrypt-uninstall.sh script.

Encrypt files with VeraCrypt

Once VeraCrypt is installed, you're able to create encrypted containers and conceal your files.

Show me the step-by-step guide

Steps Instructions
Create a volume Launch VeraCrypt and click on Create Volume ‣ Create an encrypted file container ‣ Next.
Volume type Select Standard VeraCrypt volume ‣ Next.
Volume location Click on Select File, then specify the path to the location where the VeraCrypt container should be stored. Then click on Save ‣ Next
Encryption options Choose AES as encryption algorithm, and SHA-512 as hash algorithm, then click Next.

Remark: VeraCrypt supports a number of encryption algorithms including AES, Serpent, Twofish, Camellia, and Kuznyechik, as well as different combinations of cascaded algorithms. VeraCrypt also supports four hash functions including SHA-512, Whirlpool, SHA-256 and Streebog.
Volume size Specify the file size of your VeraCrypt container. Then click Next.
Volume password Provide a strong and unique password for your VeraCrypt container. It's the key to your data.

Remark: VeraCrypt provides additional options, such as enabling keyfiles or a Personal Iterations Multiplier (PIM).
Format options Select a filesystem, for example FAT. Then click Next.
Volume format Move your mouse as randomly as possible for at least 30 seconds, ideally until the randomness indicator bar reaches the maximum. Then click Format to create the container. Depending on its size and the available computing power, this can take a LONG time. Grab a cup of coffee or get lunch. And don't unplug your device...
Exit Once the volume has been created, click OK ‣ Exit.

Show me a summary video

Access encrypted files with VeraCrypt

Files encrypted by VeraCrypt can only be accessed with the correct password.

Show me the step-by-step guide

Steps Instructions
Choose a drive slot Open the VeraCrypt application and select a drive slot to which the VeraCrypt container will be mounted.
Mount the container Click Select File and browse to your encrypted container. Then click Open ‣ Mount.
Provide a password Enter the password for the VeraCrypt container and click OK. Then, provide your administrator password.
Open the container The container will mount as a virtual disk, which behaves like any drive on your computer. Navigate to the virtual disk and create, open, modify, save, copy or delete files.
Dismount the container Once you're finished, close the container by clicking on Dismount in the main VeraCrypt window.

Show me a summary video

VeraCrypt support

For further details or questions, refer to VeraCrypt's documentation or ask the VeraCrypt community.


Cryptomator

Cryptomator

Cryptomator is open source software which encrypts your data before it's uploaded to the cloud. The encrypted data can only be accessed with the right password. This reduces the risk that cloud providers or any third party get access to your online data.

VeraCrypt or Cryptomator, what's the difference?

VeraCrypt focuses on encrypting files on a local device. Cryptomator focuses on encrypting files stored in the cloud:

  • VeraCrypt doesn't reveal information about file structure, number or size. Cloud synching however would require downloading the entire VeraCrypt container each time a single file needs to be modified, and uploading everything once you're finished. That's why VeraCrypt is better suited to encrypt files on local devices.

  • Cryptomator encrypts each file individually. It only syncs the file being modified. It does however provide unencrypted meta information, such as timestamps, number or size of files. That's why Cryptomator is better suited to encrypt files in the cloud.

Cryptomator installation

Download the latest Cryptomator installer for Windows and follow the on-screen instructions.

Download the latest Cryptomator installer for macOS, open the downloaded .dmg file and drag the Cryptomator icon on top of the Application folder. For easy access, open the Applications folder and drag the Cryptomator icon to your dock.

Open a terminal, add the correct repository and install Cryptomator:

sudo add-apt-repository ppa:sebastian-stenzel/cryptomator
sudo apt update
sudo apt install cryptomator -y

Purchase and download Cryptomator from Google's Play Store, Cryptomator's website or Aurora Store.

Purchase and download Cryptomator from the App Store.

Encrypt files with Cryptomator

Once Cryptomator is installed on your desktop environment, you're able to create encrypted vaults which conceal your cloud files.

Show me the step-by-step guide

Steps Instructions
Create a new vault Launch Cryptomator and select + Add Vault ‣ Create New Vault.
Choose a name Give your vault a name, then click Save.
Choose a storage location Choose a location where you want encrypted files to be stored. This should be a directory which is synchronised with the cloud. Click on Open ‣ Next.
Choose a password Provide a strong and unique password. It's the key to your data.
Create a recovery key Optionally, create a recovery key. This key should be safely backed up, as it will be needed if you loose your password.
Create the vault Click Create Vault.

Remark: You can also add an existing vault to the desktop client. In this case, launch Cryptomator, select + Add Vault ‣ Open Existing Vault, navigate to the folder containing the vault and select the file masterkey.cryptomator.

Show me a summary video

Once Cryptomator is installed on your mobile device, you're able to create encrypted vaults which conceal your cloud files.

Show me the step-by-step guide

Steps Instructions
Create a new vault Launch Cryptomator and click on + ‣ Create new vault.
Choose your cloud provider Select the cloud provider where you want your encrypted files to be stored. If not already done, provide the credentials for your cloud storage provider.
Choose a name Give your vault a name, then click Create.
Choose a storage location Choose a location on your cloud storage where you want encrypted files to be stored. Click on Place here.
Choose a password Provide a strong and unique password. It's the key to your data. Click on Done.

Remark: You can also add an existing vault to the mobile app. In this case, open the Cryptomator mobile app, select + ‣ Add existing vault, choose your cloud provider, navigate to the folder containing the vault and select the file masterkey.cryptomator.

Access encrypted files with Cryptomator

Files encrypted by Cryptomator can only be accessed with the correct password.

Show me the step-by-step guide

Steps Instructions
Unlock the vault Open Cryptomator, select an existing vault and click on Unlock.... Provide your password and click on Unlock.
Mount the vault Click on Reveal Vault. The vault will mount, and behave like any drive on your computer. Create, open, modify, save, copy or delete files.
Lock the vault Once you're finished, close the vault by clicking on Lock in the main Cryptomator window.

Show me a summary video

Files encrypted by Cryptomator can only be accessed with the correct password.

Show me the step-by-step guide

Steps Instructions
Unlock the vault Open the Cryptomator app, select an existing vault, provide your password and click on Unlock.
Lock the vault Create, open, modify, save, copy or delete files. Once you're finished, close the vault by clicking on Lock button in the vault list.

Cryptomator support

For further details or questions, refer to Cryptomator's documentation or ask the Cryptomator community.