TrueCrypt is an excellent encryption tool, a very good choice for anyone who wants to protect their most confidential files. If you use its ability to save your documents in hidden containers, though, it’s worth keeping in mind that these aren’t quite as secret as you might think: TCHunt, a free Windows tool, can identify (though not decrypt) them in just a few seconds.
The program comes in the form of a compact (244KB) executable, with no extras and no installation required; you can just download and run it.
You will need to launch the program from the command line unfortunately, but there’s no great complexity to it. The simplest way to start is to point TCHunt at the drive you need, like this.
tchunt -d c:\
The program then scans your hard drive, reporting any issues it encounters (files it couldn’t access, say), and highlighting likely TrueCrypt volumes as "suspect_files".
Once you understand what TCHunt is doing, using this command will simplify the process.
tchunt -d c:\ 2>nul
The extra details will be removed and you’ll see only the list of suspect files (if there are any).
And as usual with command line tools, running tchunt on its own displays more information about the command line switches available.
Please note, the developer says that TCHunt can produce false positives. In our tests this didn’t happen once, but it can’t be ruled out, so take its results as a general indicator only. If the program highlights something you’ll need to investigate the file further yourself.
Photo credit: megainarmy/Shutterstock