I resumed my computer from standby and realized I had forgotten to dismount a container. I was able to access the files and everything. I thought Truecrypt auto-dismounted when the computer went into standby, no?
No, it does not. Hibernation, yes. Standby, no. For security worth its name, you wouldn't want to use TC and expect to use standby as usual anyway.
Fontaine, if this is an important issue for you, consider PGP Desktop. It has the option to automatically unmount an encrypted virtual disk when a PC goes to “sleep” (either Standby or Hibernate). Additionally, PGP can prevent the PC from “sleeping” if the disk cannot be unmounted, as a further security feature.
How does this feature works exactly? This doesn't sound much like a security feature: I cannot be confident that in x minutes my pc will go to standby and volumes will be unmounted, which is worse than knowing that my pc is going to sleep with volumes mounted. Forcing dismount sounds much more like a security feature to me.
Markoman, if a security application truly forces an unmount of an encrypted volume with open files, there is a serious risk of corrupting the filesystem. PGP does, however, have an option to forcefully unmount the volume, if the user wishes to adopt this tactic. For users who don’t wish to assume this risk of corruption, the PC will presumably timeout and enter a Lock state when the unmount cannot safely occur. Another tactic is to limit the duration of passphrase cache. When that period expires, the encrypted volume is inaccessible and therefore its contents are completely secure, whether or not the PC is “awake” or “sleeping.”
Why not? I think it's a good security feature to have an auto-dismount if one forgets to dismount before going into standby mode. Often I'll be using a mounted container for a few hours and happen to forget about it after having moved on to other things..then I put the PC to sleep only to find I forgot to dismount. Wouldn't it make sense to have that kind of safety guard in place?
Thanks for the suggestion. I have considered it. I may give it a test drive on a spare laptop to compare vs Truecrypt. I love TC, but am always looking for the 'best' product out there.