Auto-decrypt on boot with password fallback.

Post Reply
Solf
Posts: 2
Joined: Mon Dec 18, 2023 10:32 pm

Auto-decrypt on boot with password fallback.

Post by Solf »

Hi,

I'm experimenting with DiskCryptor and trying to understand whether it's possible to set up things so that there's external bootloader (e.g. on USB) that automatically decrypts drives on boot -- however I also want to have a 'fallback' (e.g. password) option in case that USB drive is not available.

The usecase would be e.g. laptop -- while at home I'd prefer to have it auto-decrypt and while traveling it should require a password.

As far as I can tell, using keyfiles doesn't let me to fallback to a password -- because it seems keyfile content is being hashed or something, so seems impossible to enter keyfile contents manually.

There seems to be an <AutoPassword> option in the source code (DCAuthLoadConfig()), but when I tried to add it to DcsProp (on USB stick, and also AutoLogin=1) -- I get the 'incorrect password' message at startup and still have to enter the correct password manually.

So is there a way to setup it so that it uses some kind of 'password' if it's available (on USB or w/e) and otherwise falls back to asking the user for the password?

Thanks!

Solf
Posts: 2
Joined: Mon Dec 18, 2023 10:32 pm

Re: Auto-decrypt on boot with password fallback.

Post by Solf »

Turns out <AutoPassword> option works -- except there's a bug.

The bug is that only half of the value of <AutoPassword> gets used (probably has something to do with wide-string conversion in the source code).

The workaround is to enter your password twice into <AutoPassword> value.

So it would be something like this:
<config key="AutoLogin">1</config>
<config key="AutoPassword">[yourpassword][yourpassword]</config>

This works for me with UEFI bootloader. I don't know how to make this work with MBR.

Post Reply