When TrueCrypt creates an encrypted volume, it does so by creating a master-key to encrypt the volume, and then encrypting the master-key with the user-key (password).
In this way, it's really fast to change passwords. You don't have to re-encrypt the whole volume when the user's key changes, you only have to re-encrypt the master-key.
What TrueCrypt is warning you about in that message, is if an adversary has stolen your user-key and compromised the master-key, then simply changing your user-key will not protect your encrypted volume. One way to compromise the master-key might be to dump ram from your laptop while the truecrypt volume is "open", allowing the adversary to sniff through RAM contents looking things that look like AES keys (presumably they could do this also with Serpent or Twofish or what have you, but it may be harder).
The situation you're in is different. You haven't compromised your master-key. You HAVE changed from user-key-01 to user-key-02. You've forgotten user-key-02, but you recall user-key-01. If TrueCrypt is implemented correctly, knowing user-key-01 at this point is uselss, since the master-key is presently encrypted with user-key-02, and the master key is uncompromised.
Unless you can guess user-key-02, either by trying to figure it out by luck or trying to bruteforce it with something like hashcat, or you know of a good side-channel attack on truecrypt, or you know of a backdoor to AES, the data is gone.
Facebook
Twitter