Dekart Private Disk
Dekart Private Disk Multifactor specific questions
What is Dekart Private Disk?
Dekart Private Disk is a fast program that allows you to protect your data from unauthorised access. Easy-to-use, secure and reliable AES disk encryption software. Creates one or more virtual encrypted disks on your hard drive. When you write some files to this disk they are encrypted on the fly and when you read them they are decrypted automaticaly.
How does it work?
Virtual encrypted disk is a simple file that is stored on your hard disk. All data stored on disk are stored in encrypted form in this file. At the end of the file the "key data" is attached. Key data is created during "Create Disk" procedure and contains AES random secret key that is used for decrypting the disk data. AES key is encrypted using the password specified by user. When you mount the disk, the disk encryption key is decrypted using this password and the on-the-fly decryption of the disk begins to work.
I forgot my password, can you help me to get the data back?
Unfortunately, we are not able to help you. AES key that is used for decryption is a big random value that was generated when you created your disk. We can not guess it. You can guess the password but if the password is quite random and bigger than 8 characters it's also impossible.
What is the difference between Dekart Private Disk Light, Dekart Private Disk and Dekart Private Disk Multifactor?
How long my password should be to ensure better protection?
You need to keep in mind that all protection is kept by your password. So these are the suggestions for good passwords:it should be not shorter than 8 characters; it should be random, without any meaning; make your password Case sensitive; use special characters like these _,&,~,(,< in your password. Here are the examples of quite good passwords: "k8Wsp1pf", "o2)_9c.W", "this is_my big*password".
The results of Brute Force attack calculations using Pentium 4, 1.6 GHz, 512 cache:
Time to break if your password contains only small English letters (26 characters)
Time to break if your password contains small and big English letters digits and space (63 characters)
1 hour 15 min
1 day 20 hours
Why Dekart Private Disk is more secure than Dekart Private Disk Light?
a) Your disk is encrypted by the "AES key" using AES algorithm.
b) Your "AES key" is encrypted by the "RC4 key" using RC4 algorithm with default key length installed on your computer. Length of RC4 key could be 56 or 128 bit it depends on Windows. Open about dialog in IE and check if you have 128 bit encryption.
c) RC4 key is generated from your password using SHA-1 algorithm.
In Dekart Private Disk 2.xx we don't depend on (use) Windows cryptography at all. So the disk is encrypted with the AES 256-bit algorithm. The AES key is encrypted using the AES 256-bit algorithm as well. The second AES 256-bit key is also generated from your password using SHA-512.The main difference is that we no longer use the RC4 algorithm, and switched completely to AES 256-bit.
Why two AES keys: one for Disk encryption (independent from your password) and another AES key – that is generated from your password.This architecture allows to change the password without the need to reencrypt the whole disk's data. If you change the password – the disk's encryption key remains the same, it's just re-encrypted with another AES key (generated from the new password).
Can I store encrypted volumes on recordable CD disks, CD-RW disks or USB flash disks?
Yes, you can. Create the container file on your hard drive, and burn it onto the CD or write it on the USB flash. More info on how to encrypt USB flash disk, DVD, CD…
My hard drive is already fully partitioned. Does this mean I either need to repartition my hard drive, or add a new hard drive? Or, will DPD allow me to somehow use some of my existing partitioned space?
You do not need to repartition your hard drive. When you create a new disk you are required to give the name of the file where you want to store your secret information in the encrypted form. That's all. So the new disk is actually just one file, not partition. It's much easier to manage a file than a partition. E.g. you can copy this file to another location, write it to CD, etc.
I created a new virtual encrypted image, and after restarting Windows, I cannot find it. But the space the image occupied was not freed. What happened?
Your space was not lost.
The reason Private Disk does not see the image is because Windows Explorer is configured not to show hidden files.
To change that, open My computer, go to
Tools\Folder options\View and make sure that:
- hide protected operating system files is DISABLED
- show hidden files and folders is ENABLED
Apply the new settings. After that you should be able to see your encrypted image.
This happens if you enable the 'Hidden image' option when creating the virtual encrypted disk.
Note that you have to change two options, not just one. Most of the users enable "Show hidden files and folders", but this is not enough. Both settings are highlighted on this screenshot.
Where does Private Disk store its temporary files?
Private Disk is an on the fly encryption application. This means that there are no temporary files anywhere on your hard disk.
Moreover, Private Disk does not use the paging file, hence your data is not left anywhere in the computer memory, even after a memory-dump, or if you close your programs in a hurry.
Why can't I defragment my virtual drive?
The disk cannot be defragmented because it is not a 'usual' disk. It is a virtual drive, which the OS treats as a regular one, but in reality the drive is not a physical partition on your hard disk. Because of this, in certain cases the disk cannot be detected by defragmenting tools.This depends on your OS and file system. For instance, if you have Windows XP or 2000, and the virtual disk is NTFS, while the type of the virtual disk is 'fixed', you are able to defragment it. To do that, type "defrag z:" at the command prompt (substituting Z: with your drive's letter). You will notice that Windows' built-in defragmenter can 'see' this disk, while some third-party defragmenters do not. This depends on how your defragmentation application works.
Does Private Disk interfere with partition management tools?
Private Disk does not create a partition on your hard disk when you mount your encrypted image. The new disk is a virtual one, i.e. it does not phisically reside on your hard disk like all the other partitions do. Instead, some certain software mechanisms allow it to be seen as a usual disk.Private Disk will in no way influence your partition managenent software, or your drive partitions.
Does Dekart Private Disk work on external drives formatted with NTFS?
Yes, Private Disk works with external drives that use the NTFS file system. In fact, you have to use NTFS if you intend to create an encrypted drive of a large capacity, since FAT has a maximum file size limit of 4 GB (and in some cases 2 GB).
I will not have any type of biometric device connected to my computer. Instead of using all three authentication methods offered by this product, can I only use two-factor authentication
Yes it is possible to use only two factors, namely, a PIN code protected USB token or smard card, used to store all necessary data to decrypt the encrypted data. You can at any time decide to start using biometric authentication, the third factor, by simply enabling biometric authentication in the program control panel.
Which hardware tokens or smart cards can I use with Dekart Private Disk Multifactor?
For the complete list of authentication devices supported by Dekart software, please visit the List of supported devices page.