I accidentally changed truecrypt password to hidden volume password!

[knifenblood]

I need help recovering the contents of the drive!

I used a data recovery software on the drive and found a bunch of encrypted files... how do I recover these?

I remember using different encryption algorithm on the volumes. But I don't remember which...

I still know the old and new passwords, is there any way I can recover the files?

 

[John Connor]

You aren't very clear. If you have the password, then mount the encrypted container. If it's just fragmented encryption data then you are SOL.

 

[knifenblood]

The password for the hidden volume and the normal volume are the same now.
One is empty and the other one has the data. When I mount the volume now, it opens up the empty volume...
But data recovery software is picking up the data in its encrypted form.
Can anything be done?

edit: data recovery: https://i.imgur.com/uxuG8OE.jpg

 

[frozentundra123456]

Still not sure why there is a problem. Do the two volumes have the same name? If not, I dont see why them having the same password should be a problem.

 

[knifenblood]

Still not sure why there is a problem. Do the two volumes have the same name? If not, I dont see why them having the same password should be a problem.

The hidden volume is inside the normal volume... It was made with the truecrypt wizard...Make sense?

 

[frozentundra123456]

Not really. Just open the first volume with whatever program you used to make it, then navigate to the truecrypt volume, mount it, and open it with truecrypt. Can you see the "hidden" truecrypt volume when you open the other volume? Hate to ask this, but have you used truecrypt before?

 

[knifenblood]

Not really. Just open the first volume with whatever program you used to make it, then navigate to the truecrypt volume, mount it, and open it with truecrypt. Can you see the "hidden" truecrypt volume when you open the other volume? Hate to ask this, but have you used truecrypt before?

Dude, you are the one who is unfamiliar with truecrypt... The volumes are not separate. You don't navigate to the hidden volume, truecrypt opens it automatically when you use the hidden volume password on the volume.

http://www.howtogeek.com/109210/the-htg-guide-to-hiding-your-data-in-a-truecrypt-hidden-volume/

Now, unfortunately both the normal volume password and hidden volume password are one and the same. Truecrypt is opening normal volume when I enter the password. I need it to open the hidden volume.

 

[John Connor]

Your hidden volume password and normal volume password is the same so that you now can't open the hidden volume, correct?


I would read the manual. You should have read it all prior to using Truecrypt. Start at page 39.

A hidden volume can be mounted the same way as a standard TrueCrypt volume: Click Select File
or Select Device to select the outer/host volume (important: make sure the volume is not mounted).
Then click Mount, and enter the password for the hidden volume. Whether the hidden or the outer
volume will be mounted is determined by the entered password (i.e., when you enter the password
for the outer volume, then the outer volume will be mounted; when you enter the password for the
hidden volume, the hidden volume will be mounted).

TrueCrypt first attempts to decrypt the standard volume header using the entered password. If it
fails, it loads the area of the volume where a hidden volume header can be stored (i.e. bytes
65536–131071, which contain solely random data when there is no hidden volume within the
volume) to RAM and attempts to decrypt it using the entered password. Note that hidden volume
headers cannot be identified, as they appear to consist entirely of random data. If the header is
successfully decrypted (for information on how TrueCrypt determines that it was successfully
decrypted, see the section Encryption Scheme), the information about the size of the hidden
volume is retrieved from the decrypted header (which is still stored in RAM), and the hidden
volume is mounted (its size also determines its offset).

With that, maybe you could change the normal volume password and then you could log into your hidden volume with the password you set.


Also, to anyone else that might use Truecrypt.

Incompatibility with FlexNet Publisher and SafeCast

Main article: FlexNet Publisher § Issues with bootloaders
Installing third-party software which uses FlexNet Publisher or SafeCast (which are used for preventing software piracy on products by Adobe such as Adobe Photoshop) can damage the TrueCrypt bootloader on Windows partitions/drives encrypted by TrueCrypt and render the drive unbootable.[58] This is caused by the inappropriate design of FlexNet Publisher writing to the first drive track and overwriting whatever non-Windows bootloader exists there.

https://en.wikipedia.org/wiki/TrueCrypt

 

[knifenblood]

With that, maybe you could change the normal volume password and then you could log into your hidden volume with the password you set.

This fixed it. Thank you so much!

 

[John Connor]

Your welcome.