Memory encryption

If your device falls into the hands of a third party, he or she may be able to start a different operating system and access your data without having to use login information. To prevent others from accessing your devices, make sure to switch it off when not using it and use hard drive encryption.

The encryption of the entire system partition is almost transparent for the users. Authentication with an additional PIN number is only necessary when rebooting the system.

The following provides a number of options for whole disc encryption with pre-boot authentication:

(drive encryption)
VeraCryptdm-cryptFileVault 2
available forWindows
(starting with the Pro edition)
  • Linux
  • Android
macOS X
Source codeproprietaryopen sourceopen sourceproprietary
InstructionsInstructionsInformation for AndroidInstructions

PLEASE NOTE: If you forget your decryption key (PIN, password), you may permanently loose access to the system!

When encrypting your system with BitLocker, VeraCrypt and FileVault 2, you will be provided the opportunity to create a recovery key or media. These options will allow you to access the system in an emergency and should therefore also be protected just as much as the decryption key.


Version history

Authors: Christoph Becker (cb), Stefan Brütsch (sb)

1.02017-02-21cb, sb
1.12019-03-29cbfocus on hard drive encryption

BitLocker instructions modified to include configuration

  •  longest AES encryption key
  • protection from unknown DMA devices
  • deactivation of the standby mode and
  • activation of a time limit for hibernation