The chapter explains all the main steps in using BestCrypt Volume Encryption and provides referencies on corresponding articles explaining them in detail.
Main purpose of the software is to make some volume permanently encrypted so that unauthorized persons could not access any information from the volume. The volume is protected by password and optionally by hardware Aladdin eToken device.
If the user enters an appropriate password, BestCrypt Volume Encryption mounts the volume and starts transparently decrypt all data the user reads from the volume. When the user decides to disable any access to the volume, he/she runs the dismount command. BestCrypt Volume Encryption forgets encryption key for the volume and stops transparent decrypting data stored on the volume.
It is recommended to use several rescue commands to backup information about encrypted volumes. BestCrypt Volume Encryption creates so-called Rescue File with information about encrypted volumes. It would be wise to backup the file to some safe place, for example to removable disk, and use it to decrypt volume if some accidental damage occurs. Information inside Rescue File is encrypted exactly in the same way as on volumes, so there is no risk that someone not knowing proper passwords can use the file.
If you encrypt Windows System/Boot volume, it is recommended also to create Bootable Floppy with Rescue File. If the volume where from Windows boots becomes damaged, you will be able to boot computer using the Bootable Floppy. Special recovering program will start from the floppy and ask your confirmation to run decrypting process for the System/Boot volume(s).
BestCrypt Volume Encryption supports hardware Aladdin eToken devices to store encryption keys. If you use eToken to store key for some encrypted volume and lose the eToken, you will not be able to access the volume. So it is recommended to backup the key to another eToken and keep it in a safe place. Managing Keys on Hardware Token article explains the backup process in detail.
If you have encrypted System/Boot volume, BestCrypt Volume Encryption software allows customizing password-prompt text appeared when you boot computer. Changing standard Enter password > text has a sense, for example, if you do not want to show everyone who turn on your computer what program requires the password. It is also possible to hide star characters (*) reflecting password typing. You can easily make your computer showing your own fun text to surprise your family or emulate hanging boot process, or make the computer showing some standard text of an error in operating system at earlier boot up process time.
Although BestCrypt Volume Encryption does not require knowledge of physical location of volume on hard disks, the program has several commands allowing the user to view and even save and restore contents of physical disk sectors. The sectors can be viewed both in encrypted and decrypted states. The commands can be useful for deeper investigating of the software, as well advanced users may find it interesting to look at low-level contents of filesystem tables and other system data.