Encrypting GPT Windows 8.1 on a multi boot system?

1

I have setup LVM on LUKS for my Linux partitons which I am very happy with but I would also like to encrypt Windows 8.1. I had planned to use TrueCrypt until I learned it does not support GPT. I would rather not have to start over configuring my laptop to use MBR as to encrypt Windows 8.1 unless absolutely necessary.

Do any of you know of a hack or workaround that would allow TrueCrypt to work on GPT UEFI, or is this something that simply will not happen until there is a release from some of the groups trying to continue TrueCrypt? GRUB could chainload TrueCrypt or vice versa perhaps.

If you are dual booting with GPT Windows 8.1 and have it encrypted what is your setup?

Maybe MBR is my best option?

For anyone wondering why use Windows at all the main reason is that I sometimes I like to play games that WINE cannot handle or cannot handle as well as Windows. An example is that I may be on call for work and gaming when there is nothing to do, and it is nice to be able to alt-tab between work systems, personal data, and gaming. quickly without having to switch operating systems. Also, I want the whole partition encrypted, not just passwords and select dirs. I do not consider Bitlocker an option, and not only because I would need to connect a flash drive each boot.

dusf

Posted 2014-06-11T15:17:40.253

Reputation: 11

TrueCrypt does not support GPT partitions and it never will – Ramhound – 2016-06-01T22:16:12.623

How do you know this, and do you know why? – dusf – 2016-10-22T09:32:16.913

The developers of TrueCrypt abandoned it. Removed the last version that could actually encrypt your drive, and replaced it with a version, that can only decrypt the drive. The developers also Indicated that TrueCrypt should not be used. The only fork that has GPT support, is in a really rough state, and has numerous vulnerabilities ( more then TrueCrypt's last version). – Ramhound – 2016-10-22T10:36:01.140

Answers

0

I looked for a way to do this myself in the last few weeks, but came up with absolutely none useable solution.

The only way to do this is to encrypt Windows with Bitlocker, but since Bitlocker only allows a pure numerical password, which is limited to 20 characters, I didn't use this (by the way, thanks MS). They seem to think a TPM is all the security you need. By the way, you can disable the need for a flash drive and use just a password, but as I said, the password is pretty weak.

There are some commercial solutions claiming to be able to encrypt an UEFI setup, but I didn't give them a closer look.

As for now, I stay unencrypted and will revert to MBR the next time I reinstall Windows for whatsoever reasons.

user3696412

Posted 2014-06-11T15:17:40.253

Reputation: 151

Asked: 2014-06-11T15:17:40.253

Viewed: 573 times

Active: 2016-10-31T09:51:56.040