Questions on keyfiles and constant use of TrueCrypt volumnes

We have a user who heavily depends on Truecrypt (she uses the last known version prior the site leaving their users).  The size of the volumes range from 360gb  to 1 tb and have been using them since 2012 with no glitch whatsoever.  She changes the volumes password successfully every year.

Yesterday, a colleague told her that she has to have the keyfiles of each volume and even more, that right after creating all her volumes, she should have backed up those keyfiles - she has never done this.  We have search on this topic and effectively it does says it (see pix below).

 tc quest
Based on the above, 2 questions:

1. Is there any considerations or maintenance she should consider for her TC volumes?
    (this is because the user is constantly using the TC volumes, sometimes having them open for
    days even is she hibernate her computer, the TC volumes are open)

2. Since she never backed the header or keyfiles when creating TC, may there be some problem?
    Also should we do regarding this?


Thank you very  much in advance.
rayluvsAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

David Johnson, CD, MVPOwnerCommented:
if the keyfiles are lost then the TC volume is lost. So Identify them and back them up. They also should have regular backups of the TC volumes either encrypted or not using the 3-2-1 rule (3 backups/2 different types/1 being offsite)
0
McKnifeCommented:
It is funny that you don't even seem to distinguish between key files and the volume header, although those are different things.
Your screenshot says it: "(with a backup of the volume header and a backup of the password or Keyfile) in case the user loses his password (if a password is used) or his Keyfile (if a Keyfile is used), you (the admin) have a way to unlock the volume.

->backup the volume header together with a current Keyfile or password. Not doing that means you depend on the user (never good).
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
rayluvsAuthor Commented:
Thanx both, will do.

Where it says "...before you allow a non-admin user to access the volume", that is only referencing a "first time" TC creation?  In other words, when we backup now both Keyfile and volume header, there is no difference or disadvantage against backing them up at the creation time?
0
Learn Ruby Fundamentals

This course will introduce you to Ruby, as well as teach you about classes, methods, variables, data structures, loops, enumerable methods, and finishing touches.

McKnifeCommented:
No difference or disadvantage, no. TC advises you to do it at once, because corruption or other disasters may happen at any time. But it hasn't happened, luckily.
0
rayluvsAuthor Commented:
Thanx!

Lastly, the part of the question on "any considerations or maintenance the user should consider for her TC volumes?"
(due to the constantly use of the TC volumes during these years, sometimes having the TC volumes open for days even when hibernating the computers)

Any maintenance recommendation for this type of use of TC volumes?
0
McKnifeCommented:
No. As you see, it just works and it's ok to use it like this. The usual backups should be done, anyway.
0
rayluvsAuthor Commented:
I meant more like tools for checking the volume, or defrag, etc. on the volume itself (based on the constant use of these TC volumes, I assume that there has been some times that the user has had her computer locked, restarted and turned off erroneously - so maybe some data loss etc.)
0
McKnifeCommented:
It's not that fragile, It is still a normal volume. The key is in memory and all encrypted data is passed to a filter driver that uses that key to look at deciphered data. No big magic and not fragile - no extra care needed.
0
rayluvsAuthor Commented:
Ok
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Encryption

From novice to tech pro — start learning today.