BitLocker vs Veracrypt

hemang

Distinguished
Sep 28, 2011
11
0
18,510
0
I have purchased a new laptop with Win 10 Pro and 2 Tb HDD. Am going to partition into 2 drives of 200Gb [C:] and balance as [D:] for data as soon as I receive the laptop.
Next I want to encrypt the disks so that in case laptop is stolen my data cannot be accessed at all. Presently I am using VeraCrypt containers for specific data but I want to protect all of it with the new laptop.
I am planning to us either BitLocker or VeraCrypt. Inclined to use BL as it is built in. I have some queries
1) Which is better at encryption or are both similar?
2) I do not use Microsoft account at all. I use local account only. Does that affect BL in any way?
3) What happens if I hibernate or sleep the PC? If laptop is stolen and someone pulls the HDD is it decrypted or encrypted?
4) I assume that if I just lock the screen and the HDD is removed the data is decrypted.

Looking forward to receiving valuable suggestions.
 

mundial

Prominent
Dec 31, 2017
82
3
665
11
1) Which is better at encryption or are both similar?

Both are actually quite robust encryption applications. Both use AES-256 in XTS mode of operation (which is NIST approved)

2) I do not use Microsoft account at all. I use local account only. Does that affect BL in any way?

No, not affected when using the standalone version of BitLocker.

3) What happens if I hibernate or sleep the PC? If laptop is stolen and someone pulls the HDD is it decrypted or encrypted?

Well that is the propose of a Windows logon password which I assume you have set!

4) I assume that if I just lock the screen and the HDD is removed the data is decrypted.

Technically, a cold boot attack is possible.

In reality, if your laptop gets stolen, the thief will try to access the boot up the hard disk. Authentication requirements of encryption will block them. If determined, they will removed the disk, and try to slave it to another PC but the disk will appear as "unformatted" to them.
 

USAFRet

Titan
Moderator
Mar 16, 2013
113,056
1,839
155,140
18,548
And unless the NSA has you in their radar, or if you are a high level target of corporate spying, no thief will bother trying to access "your data".


Just be very, very sure you do not lose your password or recovery key. Without that, you are just as locked out as the rest of the world.
 

ASK THE COMMUNITY

TRENDING THREADS