Hi there, I was reading this old article, and was sufficiently interested in the discussion to contribute my findings on this very topic as I too was looking at the differences of VeraCrpt to Cryptomator recently.
Steps to replicate my experience…
Ensure you have at least 2 users configured on your windows (win 10 in my case) machine, say you and ‘Test User’.
- Logged on as yourself, create a test Veracrypt vault, put 1 file in it.
- Save and close the vault.
- Now, while still logged in as yourself, mount your test Veracrypt vault as you would normally, assign it drive ‘T:’, giving you access to your single test file (E.G t:\testFile.txt)…ok so far?
- Now, from your windows start menu, ‘Switch User’, log in as your other Windows Account (E.G ‘Test User’).
- Now while logged in as Test User, open windows explorer, do you see a ‘T:’ drive? Can you open and read T:\Testfile.txt that was created by your main user account?
In my case, I could indeed see T: drive as ‘Test User’ and could read the file…
From my perspective, this is a security issue of some magnitude, as it allows another account with access to your machine to see the drives you have open from another account on the same machine.
I performed the similar action with Cryptomator (open the vault, ensuring the drive is assigned), and after switching user to the other account, my cryptomator drive was not visible to other users.
Would be interested, should you replicate these steps, if your experience is similar.