I think I may have found a bug in Truecrypt 6a. If anyone with a Truecrypt forum account is interested in this could you post it for me please ? I tried to make an account on the Truecrypt forum but it is such a nightmare to join I decide in the end to give up ! It is a shame that finding and writing the report for a bug is quicker than joining the Truecrypt forum to report it !! Anyway here is what I found. How to reproduce. If you create a volume of any size say, 1 MB with a hidden container. Serpent/Twofish/AES (Although this doesn’t seem relevant to the bug.) Whirlpool. (Although this doesn’t seem relevant to the bug.) First (outer volume) password is “x”. Second (hidden) password is “xx” but (and this is the important bit) with a keyfile or multiple keyfiles. You can open the hidden container as normal and everything works ok. Dismount and then choose “Backup Volume Header” Type your outer password when asked and then your hidden password including keyfile when asked. You should get an error message saying that you have supplied the incorrect password to the hidden volume. So it would seem to me that this is only an issue when using keyfiles with a hidden volume. Just to make it clear the hidden volume works ok when used normally, it is just that a user cannot backup the header. I would be interested if others have found the same, or this could just be me, !! Thanks.