A BitLocker *compatible* disk encryption app was on GOTD -- I thought it might be useful to talk about this stuff a little bit… like why disk encryption to start with.
There are external drives & USB sticks that feature hardware encryption, and the idea itself is not bad – because the encryption is done by hardware, in theory anyway, stuff on the drive is protected without any pain or inconvenience cost to you. Problem is it’s common for that hardware [& the software that runs on it] to have sometimes glaring vulnerabilities, so make sure you research first before spending anything extra on one of these drives.
OK, so what about the system drive?... Encryption is cool when you have stuff to protect, and since something like a cell phone is likely to have all sorts of contact & account info stored, encrypting its file storage helps protect that stuff if someone else gets their hands on your phone. But PCs & laptops etc. are quite different than cell phones, with loads & loads of storage options, plus you have to opt in if you want the OS, or software like a web browser, to store your private data like account passwords. In fact, it’s quite possible that there’s nothing on a Windows or Linux system drive worth protecting – it’s not as if the OS files aren’t readily available from plenty of sources. And if there is stuff you want to protect, e.g. passwords, there are plenty of software options to store those securely.
When it comes to Windows, Microsoft provides BitLocker disk encryption mainly for it’s corporate customers, with IT departments trying to manage laptops & such that’s handed out to idiots who could care less about the laptop itself, let alone any company secrets they may have stored there. Laws & regulations may mandate disk encryption, because everyone, including the gov, knows that idiots exist, and those legal requirements may often be the real reason disk encryption is used, e.g. when you have corp. IT depts. that leave their networks so vulnerable that all their secrets have already been stolen. The big reason that BitLocker is popular in these scenarios is that it’s designed to have a backdoor, so the IT dept. can unlock a laptop & ready it for another employee, or see what the current employee was/is up to.
In contrast VeraCrypt has no back doors – if you lose the password &/or key, unless you used a really simple password, you simply are never going to see whatever is in that encrypted storage again, ever. VeraCrypt has a lot of options when it comes to how & why you might use it. If you use VeraCrypt, or any sort of whole disk encryption, that can protect you from someone(s) that might get their hands on your laptop or PC so that they can copy malware to your hard drive, e.g. to spy on you. That sort of thing is said to be unfortunately common if you carry a laptop from one country to another, though border officials might infect the BIOS instead.
Otherwise you might encrypt the entire hard drive if there was something that couldn’t be easily encrypted & stored separately, on its own, or if you want to make sure someone who steals your laptop has as hard a time as possible. Or you might use VeraCrypt to encrypt the entire disk, so that you can have a 2nd hidden encrypted disk. If all you have is a relative few files you want to protect on your PC’s hard drive, & your PC stays put at your desk, it may not be worth the hassle, because like any other sort of security, it costs in efficiency & convenience.
You can use VeraCrypt to encrypt regular hard drives, &/or create encrypted VHDs [Virtual Hard Disks], or to encrypt VHDs you create with Windows or some other software, e.g. VirtualBox. A VHD is a single file that can be copied & stored just about anywhere, so having whatever you want to protect in an encrypted VHD is lots more flexible than encrypting the entire hard drive, though you can do both. Many [most?] places have laws that if law enforcement or a gov agency tells you to give them access to encrypted files or disks, you have to obey. And some might use more extreme methods of encouragement than simply threatening jail time. VeraCrypt has a feature just for that – you can create a 2nd, hidden drive within the 1st or outer encrypted disk. Giving someone the password for the outer encrypted disk can then be more or less harmless, at least in theory – it is possible that some gov agency like the NSA has some publicly unknown way to tell that 2nd encrypted VHD exists, because after all, they can throw billions of dollars at this sort of thing.
VeraCrypt has one other advantage – it can be used portably. If someone(s) sees VeraCrypt’s installed, it makes sense to look for encrypted drives. The best way IMHO to make sure that something’s never found, is to not leave it anywhere that it can be found. There are lots of places, online or in the real world, where you can store an encrypted VHD, rather than having it on your PC’s or laptop’s hard drive. And you can always download VeraCrypt, run it portably, then remove the traces that you ran it.