I just started using VeraCrypt and created a 'file' on my Windows 11 drive. I checked to see if it mounts correctly, and it did. Using Windows Explorer, I clicked on the file, properties, then the Hashes tab and my password was under "check against"! I did this a few times and always have my latest password in that field. This only happens when my password is hexadecimal, like "6d9eb325d85ad7ad95914732f1f38628d9cf9f53f75d246bb", and not letters like "thisismypassword". The password for my last created VeraCrypt file is displayed like this when I toggle on previously created VeraCrypt files. Comments are appreciated![password is circled in linked screen grab https://i.stack.imgur.com/cO0EZ.png] I must be doing something incredibly wrong, as I can't imagine the password should be exposed to anyone with access to my Windows account. I expected my encryption password to be hashed and never retrievable merely via the standard Windows Explorer tools (my problem passwords look like a hash output, but it's the actual password). The Windows Explorer Properties function is available for anyone with access to my account on Windows 11. I suspect that Windows senses whether a hexadecimal string is being entered and cached somewhere, but I'm guessing.
Veracrypt file appears to expose password in Windows
175 views Asked by Eric Falkenstein At
1
There are 1 answers
![https://i.stack.imgur.com/cO0EZ.png]](https://i.stack.imgur.com/cO0EZ.png%5D){kind=link}
Related Questions in WINDOWS
- how to play a sounds in c# forms?
- Echo behaviour of Microsoft Windows Telnet Client
- Getting error while running spark-shell on my system; pyspark is running fine
- DirectX 9 With No SDK Installed - How To Translate a D3DMATRIX?
- Gradle 8.7 cannot find installed JDK 22 in IntelliJ
- 'IOException: The cloud file provider is not running', when trying to delete 'cloud' folder
- Cannot load modules/mod_dav_svn.so into server
- Issue with launching application after updating ElectronJs to version 28.0.0 on Windows and Linux
- 32-bit applications do not display some files in Windows 10
- 'bun' is not recognized as an internal or external command
- mkssecreenshotmgr taking a screenshot
- Next js installation in windows 7 os
- Can't resize a partition using Mini Tool?
- Is there any way to set a printer as default according with Active Directory Policy Security Group and PC hostname?
- Electron Printing not working on Windows (Works on Mac)
Related Questions in CACHING
- Using Puppeteer to scrape a public API only when the data changes
- Caching private wordpress rest endpoints
- Cloudflare not respecting Cache-Control
- Unexpected Recursive Call
- Cannot serialize (Spring Boot)
- Nginx only caches file endpoints
- The Selenium application properties folder holds two environment options. After running a test the environment setting changes to a previous setting
- Launch jobs in cache in a loop in bash script
- Multiple async request do not store anything to cache
- Dev tool for Next.js cache on the client?
- Creating a letter in the terminal by entering
- Laravel: check if cache has key with thag
- The retrieval time for the Apache Ignite cache is too long
- How to run gradle with caches files
- Docker Run cache mount does not cache apt-get dependencies
Related Questions in ENCRYPTION
- Is TLS enough for client server encryption or if dealing with sensitive data, its better to add ur own encryption also. for example leverage AWS SSM?
- Secure Messaging Implementation in C#
- File splitting and encryption
- Large file processing in the web browser
- Java code of AES/GCM/NoPadding encryption algorithm with authentication tag
- AES-256-CBC encryption returning different result in Python and PHP , HELPPP
- Why are encrypted stored procedures taking a long time to execute in SQL Server 2022?
- Why/How does Apache auto-include "DHE" TLS1.2 ciphers while nginx needs "dhparams" file?
- Encrypt in Single Store and Decrypt in SQL Server
- Is it possible to develop a Transparent Data Encryption(TDE) system on macOS now?
- How can I ensure incremental changes in deciphered messages in Python substitution cipher decoding?
- Getting Error Message as "the input string is not a complete block" while Decryting using AES
- Laravel: How to fix "the MAC is invalid" on local environment
- How to encrypt a string and decrypt it using a password
- Willena's sqlite-jdbc-crypt driver for sqlite3 database encryption
Related Questions in VERACRYPT
- VeraCrypt Command line volume switch (/v) error (Solved, see update at end)
- VeraCrypt Encrypt Windows System Partition with commandline
- Veracrypt file appears to expose password in Windows
- Is there an application like VeraCrypt which supports TOTP or other changable parameter?
- Linux Input/Output error on huge file after 193GB has been copied
- What [uint64 x1 = *(const uint64*)in;] and [uint64 x2 = *(((const uint64*)in)+1);] mean in Kuznyechik source code (from VeraCrypt ciphers)
- How to remove veracrypt from startup?
- Cannot verify PGP signature for veracrypt executable
- In Powershell script how do I pass an option to a command?
- `Get-Volume` does not list system favorite volumes mounted by VeraCrypt
- Veracrypt container on mac - how to set permissions (compatible with .ssh files)
- How to auto-mount veracrypt device-hosted volume with systemd after login on Linux Mint?
- Configure VSCode Python Interpreter when in a Veracrypt drive
- Veracrypt with batchfile: how can execution be stopped if drive is not mounted?
- Creating virtualenv inside veracypt error
Popular Questions
- How do I undo the most recent local commits in Git?
- How can I remove a specific item from an array in JavaScript?
- How do I delete a Git branch locally and remotely?
- Find all files containing a specific text (string) on Linux?
- How do I revert a Git repository to a previous commit?
- How do I create an HTML button that acts like a link?
- How do I check out a remote Git branch?
- How do I force "git pull" to overwrite local files?
- How do I list all files of a directory?
- How to check whether a string contains a substring in JavaScript?
- How do I redirect to another webpage?
- How can I iterate over rows in a Pandas DataFrame?
- How do I convert a String to an int in Java?
- Does Python have a string 'contains' substring method?
- How do I check if a string contains a specific word?
Popular Tags
Trending Questions
- UIImageView Frame Doesn't Reflect Constraints
- Is it possible to use adb commands to click on a view by finding its ID?
- How to create a new web character symbol recognizable by html/javascript?
- Why isn't my CSS3 animation smooth in Google Chrome (but very smooth on other browsers)?
- Heap Gives Page Fault
- Connect ffmpeg to Visual Studio 2008
- Both Object- and ValueAnimator jumps when Duration is set above API LvL 24
- How to avoid default initialization of objects in std::vector?
- second argument of the command line arguments in a format other than char** argv or char* argv[]
- How to improve efficiency of algorithm which generates next lexicographic permutation?
- Navigating to the another actvity app getting crash in android
- How to read the particular message format in android and store in sqlite database?
- Resetting inventory status after order is cancelled
- Efficiently compute powers of X in SSE/AVX
- Insert into an external database using ajax and php : POST 500 (Internal Server Error)
That "Hashes" tab isn't a standard part of Windows Explorer's Properties dialog. The shell extension that you're using to give Windows Explorer hash-checking functionality is probably monitoring your clipboard, and if it looks like a hash, displays it as an option to check against. It sounds like you're concerned because you opened the Properties dialog for your Veracrypt file, but check some other file and I bet it will show the same.
If you don't like it, your main options are (1) disable the shell extension, (2) disable its clipboard-monitoring functionality, if they provide that option, (3) type the password into Veracrypt manually or use a password manager's "auto-type" function rather than copy-and-pasting it.