Skip to Content
California State University, Long BeachCalifornia State University, Long Beach

Virtual Volume Encryption

A PGP Virtual Disk is a reserved and secure place in your hard drive where you may store your sensitive files and other data. A PGP Virtual Disk is actually a .pdg file, (the size of which you choose) which may be mounted as a virtual drive volume - or as a folder on NTFS systems. When a PGP Virtual Disk is "mounted" it appears in My Computer and Windows Explorer as a drive, allowing you to store data and applications inside it. When a PGP Virtual Disk is "unmounted" it is no longer visible as a drive in Windows; it is inaccessible without your passphrase; and its contents are encrypted - keeping your data safe.

NOTES:

  • The size of a PGP Virtual Disk is limited to the space remaining on your hard drive and/or your computer's file system. Please visit Microsoft's website for detailed information about file size limitations.

  • PGP Virtual Disk may not be used to encrypt the contents of an entire drive.

  • Depending on your file system, you can make your PGP Virtual Disk a FAT disk, an NTFS disk, or a FAT32 disk (FAT32 is only an option if your PGP Virtual Disk will be 260 MB or larger).

  • PGP Virtual Disk may not be used for multi-user read/write access to a network share. Only the system where the disk was mounted will have write access. All other users of that PGP Virtual Disk will see the share as "Read-Only".

Create a PGP Virtual Disk to be Mounted as a Drive Letter

To create a PGP Virtual Disk to mount as a drive letter, do the following:

  1. Open PGP Desktop.

  2. Pull down the File menu and click New PGP Disk, or locate the PGP Disk control box in the lower left and click New Virtual Disk.

  3. Once the work area for the new PGP disk appears on the right, select a location to store your new disk. (this will default to C:\Documents and Settings\User Profile\My Documents\New PGP Disk.pgd)*

  4. If you wish to rename the New PGP Disk.pgd,* you may do so at any time, but this may be an ideal time to do so. You may also use the Browse button to save the .pdg file to a different location.

  5. Choose a size for your disk. Keep in mind that you cannot change the size of this particular disk in the future. NOTE: By clicking Advanced, you may specify the drive letter of your PGP Virtual Disk, the encryption algorithm to use, whether the disk will be FAT, NTFS, or FAT32, and whether the disk will mount as a folder (see Section 2 to mount as folder).

  6. If you would like to have your PGP Virtual Disk mount at the startup of your Windows session, check the option to Mount at Startup.  This is not recommended for security reasons.

  7. Select the authentication type as either a Passphrase or Public Key user.

  8. If you selected a Passphrase User, enter the passphrase, confirm the passphrase, and click Start. NOTE: Your security is only as strong as your passphrase—choose a strong passphrase. Remember that your passphrase is case-sensitive.

  9. If you selected Public Key User in step 7, select a public key from the list, and click Start.

  10. The disk will be mounted (viewable) in My Computer as the name and drive letter you specified. You may now copy/create data within the new virtual disk.

    view screenshot (VirtualVolumeParaphraseDriveLetter.JPG)

Create a PGP Virtual Disk to be Mounted as an NTFS Folder

To create a PGP Virtual Disk to mount as an NTFS folder, do the following:

  1. Open PGP Desktop.

  2. Pull down the File menu and click New PGP Disk, or locate the PGP Disk control box in the lower left and click New Virtual Disk.

  3. Once the work area for the new PGP Disk appears on the right, select a location to store your new disk. (this will default to C:\Documents and Settings\User Profile\My Documents\New PGP Disk.pgd) *

  4. If you wish to rename the New PGP Disk.pgd,* you may do so at any time, but this may be an ideal time to do so. You may also use the Browse button to save the .pgd file to a different location.

  5. Choose a size for your disk. Keep in mind that you cannot change the size of this particular disk in the future.

  6. Click Advanced.

  7. Select the radio button to mount: As a directory on an NTFS volume.

  8. Enter the location of an empty directory. The directory cannot contain any data at this point.

  9. Select an algorithm and file system format, and click OK.

  10. If you would like to have your PGP Disk mount at the startup of your Windows session, check the option to Mount at Startup.  This is not recommended for security reasons.

  11. Select the authentication type as either a Passphrase or Public Key user.

  12. If you selected a Passphrase User in step 11, enter the passphrase, confirm the passphrase, and click Start. NOTE: Your security is only as strong as your passphrase—choose a strong passphrase. Remember that your passphrase is case-sensitive.

  13. If you selected Public Key User in step 11, select a public key from the list, and click Start.

  14. The disk will be mounted and you will be able to add data to the directory at this point.

    view screenshot (VirtualVolumePubNTFS.jpg)

IMPORTANT NOTE: Do not add data to the directory when the disk is unmounted. Adding data to the folder while the disk is unmounted will cause this .pdg file to mount as a drive letter in the future and not as the folder. The reason for this is to prevent the system from overwriting any data you copied into the folder.

Mount a PGP Virtual Disk

Remember that when your PGP Virtual Disk is mounted, the files inside it are accessible to anyone who may access your computer. There are two ways to mount a PGP Virtual Disk:

Use PGP Desktop

  1. Open PGP Desktop.

  2. Locate the PGP Disk control box on the lower left. Click the PGP Disk you wish to mount.

  3. Pull down the Disk menu and click Mount.

    view screenshot

  4. Enter the passphrase and click OK.

    view screenshot

  5. Check the status of the disk. It will now display as mounted. You will need to open the folder or drive letter to edit the contents of the disk.

    view screenshot

Use the associated .pdg file

  1. Browse to the .pgd file you created.

  2. Double click the file and enter your passphrase. You may also right click on the file, point to PGP Disk, and click Mount PGP Disk.

    view screenshot (VirtualVolumeMount04.JPG)

NOTE: If your PGP virtual disk does not show up in the PGP Disk control box shelf, you may add it to the shelf by clicking and dragging the .pgd file onto the PGP Disk control box. It will then be added to the shelf.

Unmount a PGP Virtual Disk

When your PGP Virtual Disk is unmounted the files will be inaccessible to anyone who may access your computer. Remember to always unmount your PGP Virtual Disk when you are finished adding/removing Data. There are three ways to unmount a PGP Virtual Disk:

Use PGP Desktop

  1. Open PGP Desktop.

  2. Locate the PGP Disk control box on the lower left. Click the PGP Disk you wish to unmount.

  3. Pull down the Disk menu and click Unmount.

    view screenshot (VirtualVolumeUnmount01.JPG)

  4. Check the status of the disk in the PGP Disk work area. It will now show as unmounted.

    view screenshot (VirtualVolumeAddUser.JPG)

Use PGP Desktop System Tray Icon

  1. Click the PGP Desktop icon in the system tray by the clock. It will appear as a gray padlock.

  2. Click Unmount PGP Virtual Disks. This will unmount all mounted PGP Virtual Disks.

    view screenshot (VirtualVolumeUnmount04.JPG)

Use the associated .pdg file

  1. Browse to the .pdg file you created.

  2. Right click on the .pdg file, point to PGP Disk, and click Unmount PGP Disk. Do not double click the file as it will try to mount the PGP Virtual Disk again.

  3. The disk will now be unmounted and the drive will disappear from My Computer. If you have mounted the PGP Virtual Disk as an NTFS Folder, the folder contents will now be empty.

    view screenshot (VirtualVolumeMount04.JPG)

Add Users to a PGP Virtual Disk

To allow additional public key or passphrase users to mount a PGP Virtual Disk, do the following:

  1. Open PGP Desktop.

  2. Locate the PGP Disk control box on the lower left. Click the PGP Disk you wish to add a user to.

  3. In the work area to the right, click Create User.

  4. After the user creation assistant appears, select the type of user you wish to add. The two options are Public Key or Passphrase.

  5. If you selected Public Key as the user type, choose whether or not this will be a "read-only" user (can't edit the contents of the disk), and then click Next. Choose a public key from the list from the list provided, click Next, and then click Finish.

  6. If you selected Passphrase as the user type, choose whether or not this will be a "read-only" user, enter a username, and click Next. Enter and confirm a passphrase, click Next, and then click Finish. Enter the administrator's passphrase and click OK. NOTE: The administrator's passphrase is the passphrase of the administrative user displayed within the PGP Disk work area. This user will be identified by a star next to the username.

    view screenshot (VirtualVolumeAddUser.JPG)

*PGP Recommendations: Although the encrypted .pdg file associated with each volume is safe from unauthorized users, it can still be deleted by anyone who might potentially gain access to your computer. PGP recommends that you keep a backup copy of your encrypted pgd file.

Back to top