BestCrypt Volume Encryption allows the user to assign a hotkey combinations to quickly run
several functions of the software. To set the Hotkeys, run the Options->Keyboard hotkeys
command. The following window will appear:
To set the hotkey select the corresponding edit box and click key combination you wish
to use. It is possible to set hotkey for the following actions:
- Launch BestCrypt Volume Encryption program
- Dismount all encrypted disk volumes that are open for access
- Crash Windows and erase encryption keys in case of emergency
Alarm crash hotkey
It is possible to imagine a case when the user works on computer with mounted encrypted
volumes and someone attempts to take away the computer in working state. Yes, the user can
turn off the computer, but as
Cold Boot Attacks on Encryption Keys article
states, RAM memory still can store encryption keys for seconds and even dozens of seconds. So the keys
can be extracted even if the user turns off the computer.
If instead of turning off the computer the user presses Alarm crash hotkey, BestCrypt Volume Encryption
will not only restart the computer immediately, but will also wipe all encryption keys from memory.
Alarm Crash Hotkey notes:
Alarm Crash Hotkey works in all computer states - whether the user logged on or not, when
the computer is locked by screen saver and even when computer is in sleep mode. (Regular
hotkeys installed by Windows applications work only when the user is logged on.)
The user can press the hotkey to crash computer even when Windows boots. For
example, the user has already entered password for boot/system volume, but threat of
the attack appears when Windows is not loaded yet.
Sure, the user could power down the computer, but it is not the optimal solution for two major reasons:
a) only Alarm Crash Hotkey can guarantee removal of encryption keys from memory b) on modern computers it is necessary to keep power
button pressed for 5-10 sec to turn off the computer; in an emergency situation, this may be too long.
Alarm Crash Hotkey can be set/changed only by an Administrator, but any person who is aware
of the hotkey can press it to avoid the attack.