
Features - BestCrypt Volume Encryption
Encrypt System & Boot Volumes 

Encrypts the volume from which operating system (OS) boots from, as well as the volume where OS stores system files. Check out the 5 benefits of using volume encryption vs. disk encryption.
Pre-Boot Authentication 

User authentication before operating system loads is required when OS System/Boot volume is encrypted.

Strong Encryption Algorithms 

BestCrypt Volume Encryption utilizes strong encryption algorithms (AES, Serpent and Twofish). Every algorithm is implemented with the largest possible key size defined in the algorithm's specification, all available with the most secure XTS encryption mode (learn more).
Two-Factor Authentication 
Extra-layer security added to password protection with support for Yubikey and SafeNet eToken hardware tokens, as well as regular removable disks for secure hardware storage of encryption keys.
Self-efficient encrypted USB
Create encrypted removable drives that can be later accessed with your password from another computer where BestCrypt Volume Encryption is not necessarily installed.
Scalable disk encryption 
Choose to encrypt entire computer, selected disk volumes or a single volume - whether entirely, or just the disk space taken by files.
Single Sign-On
Save time by automatically logging in to Windows with your encryption password.
Secure Hibernation
To protect your computer when left unattended BestCrypt Volume Encryption automatically locks it during hibernation, encrypts contents of the hibernation file and requires authentication on wake-up.
Support for UEFI Secure Boot
Protects your password and encryption keys from being intercepted (e.g. with an Evil Made Attack) by checking digital signature of all modules responsible for booting encrypted computer.
Support for Trusted Computing (TPM)
Configure Unattended Mount at Restart to store encryption keys securely inside a Trusted Platform Module allowing to reboot without authentication. Useful for updating encrypted servers, remote management or sending encrypted computers to a service.
Transparent Operation 
BestCrypt Volume Encryption does not interrupt with your workflow. You can continue using your computer while encryption is in progress. You can also pause the encryption process and resume it later.
Rescue Functions to Decrypt Volumes in Emergency Case 
- Bootable CD/DVD
- Bootable USB
- Rescue decryption of non-system volumes with Rescue File
- Windows bootable Live CD
New Features in Version 4 for Windows
Enhancements in the security level of the software
- Camellia encryption algorithm with 256-bit key added
- Scrypt algorithm to derive key from password utilized to replace previous password-to-key procedure
- Zxcvbn algorithm to estimate strength of password added
When choosing your password to encrypt data, a dialog window will show a progress indicator and text description of the password strength (Bad, Weak, Good, Great). By utilizing the strong encryption algorithms in BestCrypt, the only possible weak point for attack is guessing your password. With Zxcvbn algorithm and a clear illustration of password strength, this kind of brute force attack is much more difficult to achieve - further ensuring your privacy against probable threats.
Two-Factor Authentication when encryption key is stored remotely on removable hardware
- Added support for Yubikey token devices
- Added support for SafeNet eToken devices on UEFI computers
- Key management procedures unified for all types of removable key storages: USB disks, eToken, Yubikey devices
Single Sign-On functionality
When the option is set, the user enters his/her Windows credentials once and then only enters the boot time password every time the computer reboots. After that, the user will be automatically logged in without the need to enter Windows password. This removes the need to type passwords twice (learn more).
Faster initial encryption
Normally the software encrypts all sectors on a disk volume when the user decides to encrypt the volume. The process may require many hours for large disks. Previous versions allowed the process to run quickly for new, unformatted disk volumes, because only filesystem tables had to be encrypted in this case. This quick process is possible only for empty volumes, devoid of user data. New in version 4 is an option to encrypt volumes with the user data so that only sectors storing the data will be encrypted. If 2 TByte volume stores only 20 GB of data, then only 20 GB will be initially encrypted with this option. Please be sure to fully consider the relevant security precautions before using the option.

Enhancements in user interface
- Simple User Interface for beginners; classic Advanced User Interface is also available (learn more)
- System tray icon can be turned on to quickly observe status of disk volumes and mount/dismount them (learn more)
- Hot keys can be configured to run some frequently used operations easily (learn more)
- Program menu has been restructured for better navigation and understanding
- Dialogs, icons and toolbar have been modified for better user experience
Automatic Update Utility
The software now can be updated automatically according to the schedule configured by the user (learn more).
Encryption of group of disk volumes
Earlier versions of the software could encrypt a single disk volume at once. Users had to wait until initial encryption of one volume is complete before starting encryption of the next volume. Version 4 allows users to run the initial encryption process for all volumes (or a selected group of volumes) in a single operation (learn more).
Traveller Mode Disk
The program now allows creating a USB flash disk, that contains both the Traveller Files and the encrypted data. As a result, it can be mounted on a system where BestCrypt Volume Encryption is not installed, without any additional efforts (learn more).
More References
BestCrypt Volume Encryption Documentation and Release Notes
Encrypt Selected Files and Folders (Endpoint Data Protection)
Wipe Selected Files & Folders Beyond Forensic Recovery (Endpoint Data Protection)
Deploy, Monitor, Set Encryption Policy Distribution & Password Recovery with Jetico Central Manager (Enterprise Edition)

English
Alternative languages (only for Windows)
Jetico is only responsible for the English language version. Yet many of our users have kindly contributed translations of the software so it appears in their native language. Jetico appreciates our open global community of dedicated users and enables the distribution of these user-contributed translations:
Arabic
Chinese
Czech
Danish
Dutch
Farsi
German
Italian
Japanese
Polish
Russian
Serbian
Spanish
If you would like to translate BestCrypt Volume Encryption client software into your native language, contact Jetico Technical Support.

Windows Users
Windows 10
Windows 8
Windows 7
Windows Vista
Windows XP
Windows Server 2019
Windows Server 2016
Windows Server 2012
Windows Server 2011
Windows Server 2008
Windows Server 2003
(32-bit and 64-bit versions)

Mac Users
macOS X 10.9 and later