16 files changed, 67 insertions, 35 deletions
diff --git a/src/Common/BootEncryption.cpp b/src/Common/BootEncryption.cpp
index 0fec2878..e57a434e 100644
--- a/src/Common/BootEncryption.cpp
+++ b/src/Common/BootEncryption.cpp
@@ -2060,7 +2060,7 @@ namespace VeraCrypt
        }
-        int BootEncryption::ChangePassword (Password *oldPassword, Password *newPassword, int pkcs5)
+        int BootEncryption::ChangePassword (Password *oldPassword, Password *newPassword, int pkcs5, int wipePassCount)
        {
                BootEncryptionStatus encStatus = GetStatus();
@@ -2125,7 +2125,7 @@ namespace VeraCrypt
                UserEnrichRandomPool (ParentWindow);
                WaitCursor();
-                /* The header will be re-encrypted PRAND_DISK_WIPE_PASSES times to prevent adversaries from using 
+                /* The header will be re-encrypted wipePassCount times to prevent adversaries from using 
                techniques such as magnetic force microscopy or magnetic force scanning tunnelling microscopy
                to recover the overwritten header. According to Peter Gutmann, data should be overwritten 22
                times (ideally, 35 times) using non-random patterns and pseudorandom data. However, as users might
@@ -2145,7 +2145,7 @@ namespace VeraCrypt
                        BOOL backupHeader = FALSE;
                        while (TRUE)
                        {
-                                for (int wipePass = 0; wipePass < PRAND_DISK_WIPE_PASSES; wipePass++)
+                                for (int wipePass = 0; wipePass < wipePassCount; wipePass++)
                                {
                                        PCRYPTO_INFO tmpCryptoInfo = NULL;
@@ -2164,7 +2164,7 @@ namespace VeraCrypt
                                                cryptoInfo->RequiredProgramVersion,
                                                cryptoInfo->HeaderFlags | TC_HEADER_FLAG_ENCRYPTED_SYSTEM,
                                                cryptoInfo->SectorSize,
-                                                wipePass < PRAND_DISK_WIPE_PASSES - 1);
+                                                wipePass < wipePassCount - 1);
                                        if (tmpCryptoInfo)
                                                crypto_close (tmpCryptoInfo);
diff --git a/src/Common/BootEncryption.h b/src/Common/BootEncryption.h
index 88830988..a52f286b 100644
--- a/src/Common/BootEncryption.h
+++ b/src/Common/BootEncryption.h
@@ -141,7 +141,7 @@ namespace VeraCrypt
                void AbortSetup ();
                void AbortSetupWait ();
                void CallDriver (DWORD ioctl, void *input = nullptr, DWORD inputSize = 0, void *output = nullptr, DWORD outputSize = 0);
-                int ChangePassword (Password *oldPassword, Password *newPassword, int pkcs5);
+                int ChangePassword (Password *oldPassword, Password *newPassword, int pkcs5, int wipePassCount);
                void CheckDecoyOSWipeResult ();
                void CheckEncryptionSetupResult ();
                void CheckRequirements ();
diff --git a/src/Common/Dlgcode.c b/src/Common/Dlgcode.c
index 092c8c6f..a7c5e788 100644
--- a/src/Common/Dlgcode.c
+++ b/src/Common/Dlgcode.c
@@ -1565,7 +1565,7 @@ SelectAlgo (HWND hComboBox, int *algo_id)
 }
-void PopulateWipeModeCombo (HWND hComboBox, BOOL bNA, BOOL bInPlaceEncryption)
+void PopulateWipeModeCombo (HWND hComboBox, BOOL bNA, BOOL bInPlaceEncryption, BOOL bHeaderWipe)
 {
        if (bNA)
        {
@@ -1573,14 +1573,20 @@ void PopulateWipeModeCombo (HWND hComboBox, BOOL bNA, BOOL bInPlaceEncryption)
        }
        else
        {
-                if (bInPlaceEncryption)
+                if (!bHeaderWipe)
-                        AddComboPairW (hComboBox, GetString ("WIPE_MODE_NONE"), TC_WIPE_NONE);
+                {
-                else
+                        if (bInPlaceEncryption)
-                        AddComboPairW (hComboBox, GetString ("WIPE_MODE_1_RAND"), TC_WIPE_1_RAND);
+                                AddComboPairW (hComboBox, GetString ("WIPE_MODE_NONE"), TC_WIPE_NONE);
+                        else
+                                AddComboPairW (hComboBox, GetString ("WIPE_MODE_1_RAND"), TC_WIPE_1_RAND);
+                }
                AddComboPairW (hComboBox, GetString ("WIPE_MODE_3_DOD_5220"), TC_WIPE_3_DOD_5220);
                AddComboPairW (hComboBox, GetString ("WIPE_MODE_7_DOD_5220"), TC_WIPE_7_DOD_5220);
                AddComboPairW (hComboBox, GetString ("WIPE_MODE_35_GUTMANN"), TC_WIPE_35_GUTMANN);
+                if (bHeaderWipe)
+                        AddComboPairW (hComboBox, GetString ("WIPE_MODE_256"), TC_WIPE_256); // paranoid wipe for volume header
        }
 }
@@ -1603,6 +1609,9 @@ wchar_t *GetWipeModeName (WipeAlgorithmId modeId)
        case TC_WIPE_35_GUTMANN:
                return GetString ("WIPE_MODE_35_GUTMANN");
+        case TC_WIPE_256:
+                return GetString ("WIPE_MODE_256");
        default:
                return GetString ("NOT_APPLICABLE_OR_NOT_AVAILABLE");
        }
diff --git a/src/Common/Dlgcode.h b/src/Common/Dlgcode.h
index 11686f89..7faf6bc0 100644
--- a/src/Common/Dlgcode.h
+++ b/src/Common/Dlgcode.h
@@ -259,7 +259,7 @@ void HandCursor ();
 void AddComboPair (HWND hComboBox, const char *lpszItem, int value);
 void AddComboPairW (HWND hComboBox, const wchar_t *lpszItem, int value);
 void SelectAlgo ( HWND hComboBox , int *nCipher );
-void PopulateWipeModeCombo (HWND hComboBox, BOOL bNA, BOOL bInPlaceEncryption);
+void PopulateWipeModeCombo (HWND hComboBox, BOOL bNA, BOOL bInPlaceEncryption, BOOL bHeaderWipe);
 wchar_t *GetWipeModeName (WipeAlgorithmId modeId);
 wchar_t *GetPathType (const char *path, BOOL bUpperCase, BOOL *bIsPartition);
 LRESULT CALLBACK CustomDlgProc ( HWND hwnd , UINT uMsg , WPARAM wParam , LPARAM lParam );
diff --git a/src/Common/Password.c b/src/Common/Password.c
index ca86f9c4..c23bd4fa 100644
--- a/src/Common/Password.c
+++ b/src/Common/Password.c
@@ -119,7 +119,7 @@ BOOL CheckPasswordLength (HWND hwndDlg, HWND hwndItem)
        return TRUE;
 }
-int ChangePwd (const char *lpszVolume, Password *oldPassword, Password *newPassword, int pkcs5, HWND hwndDlg)
+int ChangePwd (const char *lpszVolume, Password *oldPassword, Password *newPassword, int pkcs5, int wipePassCount, HWND hwndDlg)
 {
        int nDosLinkCreated = 1, nStatus = ERR_OS_ERROR;
        char szDiskFile[TC_MAX_PATH], szCFDevice[TC_MAX_PATH];
@@ -323,7 +323,7 @@ int ChangePwd (const char *lpszVolume, Password *oldPassword, Password *newPassw
        while (TRUE)
        {
-                /* The header will be re-encrypted PRAND_DISK_WIPE_PASSES times to prevent adversaries from using 
+                /* The header will be re-encrypted wipePassCount times to prevent adversaries from using 
                techniques such as magnetic force microscopy or magnetic force scanning tunnelling microscopy
                to recover the overwritten header. According to Peter Gutmann, data should be overwritten 22
                times (ideally, 35 times) using non-random patterns and pseudorandom data. However, as users might
@@ -335,7 +335,7 @@ int ChangePwd (const char *lpszVolume, Password *oldPassword, Password *newPassw
                of the header to differ substantially and in a random manner from the versions written during the
                other passes. */
-                for (wipePass = 0; wipePass < PRAND_DISK_WIPE_PASSES; wipePass++)
+                for (wipePass = 0; wipePass < wipePassCount; wipePass++)
                {
                        // Prepare new volume header
                        nStatus = CreateVolumeHeaderInMemory (FALSE,
@@ -353,7 +353,7 @@ int ChangePwd (const char *lpszVolume, Password *oldPassword, Password *newPassw
                                cryptoInfo->RequiredProgramVersion,
                                cryptoInfo->HeaderFlags,
                                cryptoInfo->SectorSize,
-                                wipePass < PRAND_DISK_WIPE_PASSES - 1);
+                                wipePass < wipePassCount - 1);
                        if (ci != NULL)
                                crypto_close (ci);
diff --git a/src/Common/Password.h b/src/Common/Password.h
index d4f1f928..887c6160 100644
--- a/src/Common/Password.h
+++ b/src/Common/Password.h
@@ -35,7 +35,7 @@ typedef struct
 void VerifyPasswordAndUpdate ( HWND hwndDlg , HWND hButton , HWND hPassword , HWND hVerify , unsigned char *szPassword , char *szVerify, BOOL keyFilesEnabled );
 BOOL CheckPasswordLength (HWND hwndDlg, HWND hwndItem);         
 BOOL CheckPasswordCharEncoding (HWND hPassword, Password *ptrPw);                       
-int ChangePwd (const char *lpszVolume, Password *oldPassword, Password *newPassword, int pkcs5, HWND hwndDlg);
+int ChangePwd (const char *lpszVolume, Password *oldPassword, Password *newPassword, int pkcs5, int wipePassCount, HWND hwndDlg);
 #endif  // defined(_WIN32) && !defined(TC_WINDOWS_DRIVER)
diff --git a/src/Common/Wipe.c b/src/Common/Wipe.c
index 265ac217..f06862e2 100644
--- a/src/Common/Wipe.c
+++ b/src/Common/Wipe.c
@@ -155,6 +155,9 @@ int GetWipePassCount (WipeAlgorithmId algorithm)
        case TC_WIPE_35_GUTMANN:
                return 35;
+        case TC_WIPE_256:
+                return 256;
        default:
                TC_THROW_FATAL_EXCEPTION;
        }
@@ -168,6 +171,7 @@ BOOL WipeBuffer (WipeAlgorithmId algorithm, byte randChars[TC_WIPE_RAND_CHAR_COU
        switch (algorithm)
        {
        case TC_WIPE_1_RAND:
+        case TC_WIPE_256:
                return Wipe1PseudoRandom (pass, buffer, size);
        case TC_WIPE_3_DOD_5220:
diff --git a/src/Common/Wipe.h b/src/Common/Wipe.h
index dd331c9d..a30a9139 100644
--- a/src/Common/Wipe.h
+++ b/src/Common/Wipe.h
@@ -24,7 +24,8 @@ typedef enum
        TC_WIPE_1_RAND = 100,
        TC_WIPE_3_DOD_5220 = 300,
        TC_WIPE_7_DOD_5220 = 700,
-        TC_WIPE_35_GUTMANN = 3500
+        TC_WIPE_35_GUTMANN = 3500,
+        TC_WIPE_256 = 25600
 } WipeAlgorithmId;
diff --git a/src/Format/Tcformat.c b/src/Format/Tcformat.c
index d0b247fa..3fd9ea31 100644
--- a/src/Format/Tcformat.c
+++ b/src/Format/Tcformat.c
@@ -4102,7 +4102,8 @@ BOOL CALLBACK PageDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lPa
                                PopulateWipeModeCombo (GetDlgItem (hwndDlg, IDC_WIPE_MODE), 
                                        SystemEncryptionStatus == SYSENC_STATUS_DECRYPTING && !bInPlaceEncNonSys,
-                                        TRUE);
+                                        TRUE,
+                                        FALSE);
                                SelectAlgo (GetDlgItem (hwndDlg, IDC_WIPE_MODE), (int *) &nWipeMode);
@@ -4212,13 +4213,13 @@ BOOL CALLBACK PageDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lPa
                                        nWipeMode = TC_WIPE_NONE;
                                        EnableWindow (GetDlgItem (hwndDlg, IDC_WIPE_MODE), FALSE);
                                        EnableWindow (GetDlgItem (hwndDlg, IDT_WIPE_MODE), FALSE);
-                                        PopulateWipeModeCombo (GetDlgItem (hwndDlg, IDC_WIPE_MODE), TRUE, TRUE);
+                                        PopulateWipeModeCombo (GetDlgItem (hwndDlg, IDC_WIPE_MODE), TRUE, TRUE, FALSE);
                                        SelectAlgo (GetDlgItem (hwndDlg, IDC_WIPE_MODE), (int *) &nWipeMode);
                                }
                                else
                                {
                                        EnableWindow (GetDlgItem (hwndDlg, IDC_WIPE_MODE), !bSystemEncryptionInProgress);
-                                        PopulateWipeModeCombo (GetDlgItem (hwndDlg, IDC_WIPE_MODE), FALSE, TRUE);
+                                        PopulateWipeModeCombo (GetDlgItem (hwndDlg, IDC_WIPE_MODE), FALSE, TRUE, FALSE);
                                        SelectAlgo (GetDlgItem (hwndDlg, IDC_WIPE_MODE), (int *) &nWipeMode);
                                }
@@ -4283,7 +4284,7 @@ BOOL CALLBACK PageDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lPa
                        ShowWindow (GetDlgItem (hwndDlg, IDC_MORE_INFO_SYS_ENCRYPTION), SW_HIDE);
                        EnableWindow (GetDlgItem (hwndDlg, IDC_WIPE_MODE), TRUE);
-                        PopulateWipeModeCombo (GetDlgItem (hwndDlg, IDC_WIPE_MODE), FALSE, TRUE);
+                        PopulateWipeModeCombo (GetDlgItem (hwndDlg, IDC_WIPE_MODE), FALSE, TRUE, FALSE);
                        SelectAlgo (GetDlgItem (hwndDlg, IDC_WIPE_MODE), (int *) &nWipeMode);
                        break;
@@ -4584,7 +4585,7 @@ BOOL CALLBACK PageDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lPa
                        SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_BOX_TITLE), GetString ("WIPE_MODE_TITLE"));
                        SetWindowTextW (GetDlgItem (hwndDlg, IDT_WIPE_MODE_INFO), GetString ("WIPE_MODE_INFO"));
-                        PopulateWipeModeCombo (GetDlgItem (hwndDlg, IDC_WIPE_MODE), FALSE, FALSE);
+                        PopulateWipeModeCombo (GetDlgItem (hwndDlg, IDC_WIPE_MODE), FALSE, FALSE, FALSE);
                        SelectAlgo (GetDlgItem (hwndDlg, IDC_WIPE_MODE), (int *) &nWipeMode);
diff --git a/src/Mount/MainCom.cpp b/src/Mount/MainCom.cpp
index 537a187f..829cd21f 100644
--- a/src/Mount/MainCom.cpp
+++ b/src/Mount/MainCom.cpp
@@ -100,13 +100,13 @@ public:
                return BaseCom::CallDriver (ioctl, input, output);
        }
-        virtual int STDMETHODCALLTYPE ChangePassword (BSTR volumePath, Password *oldPassword, Password *newPassword, int pkcs5, LONG_PTR hWnd)
+        virtual int STDMETHODCALLTYPE ChangePassword (BSTR volumePath, Password *oldPassword, Password *newPassword, int pkcs5, int wipePassCount, LONG_PTR hWnd)
        {
                USES_CONVERSION;
                CW2A volumePathA(volumePath);
                MainDlg = (HWND) hWnd;
                if (volumePathA.m_psz)
-                        return ::ChangePwd (volumePathA.m_psz, oldPassword, newPassword, pkcs5, (HWND) hWnd);
+                        return ::ChangePwd (volumePathA.m_psz, oldPassword, newPassword, pkcs5, wipePassCount,(HWND) hWnd);
                else
                        return ERR_OUTOFMEMORY;
        }
@@ -261,7 +261,7 @@ extern "C" int UacRestoreVolumeHeader (HWND hwndDlg, char *lpszVolume)
 }
-extern "C" int UacChangePwd (char *lpszVolume, Password *oldPassword, Password *newPassword, int pkcs5, HWND hwndDlg)
+extern "C" int UacChangePwd (char *lpszVolume, Password *oldPassword, Password *newPassword, int pkcs5, int wipePassCount, HWND hwndDlg)
 {
        CComPtr<ITrueCryptMainCom> tc;
        int r;
@@ -269,7 +269,7 @@ extern "C" int UacChangePwd (char *lpszVolume, Password *oldPassword, Password *
        if (ComGetInstance (hwndDlg, &tc))
        {
                WaitCursor ();
-                r = tc->ChangePassword (CComBSTR (lpszVolume), oldPassword, newPassword, pkcs5, (LONG_PTR) hwndDlg);
+                r = tc->ChangePassword (CComBSTR (lpszVolume), oldPassword, newPassword, pkcs5, wipePassCount, (LONG_PTR) hwndDlg);
                NormalCursor ();
        }
        else
diff --git a/src/Mount/MainCom.h b/src/Mount/MainCom.h
index 44d9db45..a22eb345 100644
--- a/src/Mount/MainCom.h
+++ b/src/Mount/MainCom.h
@@ -23,7 +23,7 @@ BOOL ComServerMain ();
 void UacAnalyzeKernelMiniDump (HWND hwndDlg);
 int UacBackupVolumeHeader (HWND hwndDlg, BOOL bRequireConfirmation, char *lpszVolume);
 int UacRestoreVolumeHeader (HWND hwndDlg, char *lpszVolume);
-int UacChangePwd (char *lpszVolume, Password *oldPassword, Password *newPassword, int pkcs5, HWND hwndDlg);
+int UacChangePwd (char *lpszVolume, Password *oldPassword, Password *newPassword, int pkcs5, int wipePassCount, HWND hwndDlg);
 #ifdef __cplusplus
 }
diff --git a/src/Mount/MainCom.idl b/src/Mount/MainCom.idl
index 8999d4ec..8550fe8f 100644
--- a/src/Mount/MainCom.idl
+++ b/src/Mount/MainCom.idl
@@ -27,7 +27,7 @@ library TrueCryptMainCom
                void AnalyzeKernelMiniDump (LONG_PTR hwndDlg);
                int BackupVolumeHeader (LONG_PTR hwndDlg, BOOL bRequireConfirmation, BSTR lpszVolume);
                DWORD CallDriver (DWORD ioctl, BSTR input, BSTR *output);
-                int ChangePassword (BSTR volumePath, Password *oldPassword, Password *newPassword, int pkcs5, LONG_PTR hWnd);
+                int ChangePassword (BSTR volumePath, Password *oldPassword, Password *newPassword, int pkcs5, int wipePassCount, LONG_PTR hWnd);
                DWORD CopyFile (BSTR sourceFile, BSTR destinationFile);
                DWORD DeleteFile (BSTR file);
                BOOL IsPagingFileActive (BOOL checkNonWindowsPartitionsOnly);
diff --git a/src/Mount/Mount.c b/src/Mount/Mount.c
index 380cd04a..6b11c178 100644
--- a/src/Mount/Mount.c
+++ b/src/Mount/Mount.c
@@ -1396,6 +1396,7 @@ BOOL CALLBACK PasswordChangeDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPAR
                        LPARAM nIndex;
                        HWND hComboBox = GetDlgItem (hwndDlg, IDC_PKCS5_PRF_ID);
                        int i;
+                        WipeAlgorithmId headerWipeMode = TC_WIPE_3_DOD_5220;
                        ZeroMemory (&newKeyFilesParam, sizeof (newKeyFilesParam));
@@ -1427,6 +1428,9 @@ BOOL CALLBACK PasswordChangeDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPAR
                        SendMessage (hComboBox, CB_SETCURSEL, 0, 0);
+                        PopulateWipeModeCombo (GetDlgItem (hwndDlg, IDC_WIPE_MODE), FALSE, FALSE, TRUE);
+                        SelectAlgo (GetDlgItem (hwndDlg, IDC_WIPE_MODE), (int *) &headerWipeMode);
                        switch (pwdChangeDlgMode)
                        {
                        case PCDM_CHANGE_PKCS5_PRF:
@@ -1751,6 +1755,11 @@ BOOL CALLBACK PasswordChangeDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPAR
                        HWND hParent = GetParent (hwndDlg);
                        Password oldPassword;
                        Password newPassword;
+                        WipeAlgorithmId headerWiperMode = (WipeAlgorithmId) SendMessage (
+                                GetDlgItem (hwndDlg, IDC_WIPE_MODE), 
+                                CB_GETITEMDATA, 
+                                SendMessage (GetDlgItem (hwndDlg, IDC_WIPE_MODE), CB_GETCURSEL, 0, 0), 
+                                0);
                        int nStatus;
                        int pkcs5 = SendMessage (GetDlgItem (hwndDlg, IDC_PKCS5_PRF_ID), CB_GETITEMDATA, 
                                        SendMessage (GetDlgItem (hwndDlg, IDC_PKCS5_PRF_ID), CB_GETCURSEL, 0, 0), 0);
@@ -1813,7 +1822,7 @@ BOOL CALLBACK PasswordChangeDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPAR
                                try
                                {
-                                        nStatus = BootEncObj->ChangePassword (&oldPassword, &newPassword, pkcs5);
+                                        nStatus = BootEncObj->ChangePassword (&oldPassword, &newPassword, pkcs5, GetWipePassCount(headerWiperMode));
                                }
                                catch (Exception &e)
                                {
@@ -1825,14 +1834,14 @@ BOOL CALLBACK PasswordChangeDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPAR
                        {
                                // Non-system
-                                nStatus = ChangePwd (szFileName, &oldPassword, &newPassword, pkcs5, hwndDlg);
+                                nStatus = ChangePwd (szFileName, &oldPassword, &newPassword, pkcs5, GetWipePassCount(headerWiperMode), hwndDlg);
                                if (nStatus == ERR_OS_ERROR
                                        && GetLastError () == ERROR_ACCESS_DENIED
                                        && IsUacSupported ()
                                        && IsVolumeDeviceHosted (szFileName))
                                {
-                                        nStatus = UacChangePwd (szFileName, &oldPassword, &newPassword, pkcs5, hwndDlg);
+                                        nStatus = UacChangePwd (szFileName, &oldPassword, &newPassword, pkcs5, GetWipePassCount(headerWiperMode), hwndDlg);
                                }
                        }
diff --git a/src/Mount/Mount.rc b/src/Mount/Mount.rc
index 05dc0f23..fcae0c36 100644
--- a/src/Mount/Mount.rc
+++ b/src/Mount/Mount.rc
@@ -101,7 +101,7 @@ BEGIN
    CONTROL         "",IDC_VOLUME_PROPERTIES_LIST,"SysListView32",LVS_REPORT | LVS_ALIGNLEFT | LVS_NOSORTHEADER | WS_BORDER | WS_TABSTOP,7,6,269,154
 END
-IDD_PASSWORDCHANGE_DLG DIALOGEX 0, 0, 316, 162
+IDD_PASSWORDCHANGE_DLG DIALOGEX 0, 0, 316, 183
 STYLE DS_SETFONT | DS_MODALFRAME | DS_3DLOOK | DS_FIXEDSYS | DS_CENTER | WS_POPUP | WS_CAPTION | WS_SYSMENU
 CAPTION "Change Password or Keyfiles"
 CLASS "CustomDlg"
@@ -124,7 +124,9 @@ BEGIN
    RTEXT           "Confirm Password:",IDT_CONFIRM_PASSWORD,9,93,75,16
    RTEXT           "PKCS-5 PRF:",IDT_PKCS5_PRF,9,137,74,10,SS_CENTERIMAGE
    GROUPBOX        "Current",IDT_CURRENT,6,3,238,58
-    GROUPBOX        "New",IDT_NEW,6,63,238,93
+    GROUPBOX        "New",IDT_NEW,6,63,238,113
+    COMBOBOX        IDC_WIPE_MODE,89,155,125,90,CBS_DROPDOWNLIST | WS_TABSTOP
+    RTEXT           "Wipe mode:",IDT_WIPE_MODE,9,157,74,8,0,WS_EX_RIGHT
 END
 IDD_MOUNT_DLG DIALOGEX 0, 0, 375, 271
@@ -351,7 +353,7 @@ BEGIN
        LEFTMARGIN, 7
        RIGHTMARGIN, 309
        TOPMARGIN, 7
-        BOTTOMMARGIN, 155
+        BOTTOMMARGIN, 176
    END
    IDD_MOUNT_DLG, DIALOG
@@ -593,7 +595,7 @@ BEGIN
        MENUITEM "Beginner's Tutorial",         IDM_ONLINE_TUTORIAL
        MENUITEM "Frequently Asked Questions",  IDM_FAQ
        MENUITEM SEPARATOR
-        MENUITEM "VeraCrypt Website",                           IDM_WEBSITE
+        MENUITEM "VeraCrypt Website",           IDM_WEBSITE
        MENUITEM "Downloads",                   IDM_TC_DOWNLOADS
        MENUITEM "News",                        IDM_NEWS
        MENUITEM "Version History",             IDM_VERSION_HISTORY
diff --git a/src/Mount/Mount.vcproj b/src/Mount/Mount.vcproj
index f2c3f63f..cb0be04e 100644
--- a/src/Mount/Mount.vcproj
+++ b/src/Mount/Mount.vcproj
@@ -374,6 +374,10 @@
                                        >
                                </File>
                                <File
+                                        RelativePath="..\Common\Wipe.c"
+                                        >
+                                </File>
+                                <File
                                        RelativePath="..\Common\Wipe.h"
                                        >
                                </File>
diff --git a/src/Mount/Resource.h b/src/Mount/Resource.h
index c410d36b..7ed08e06 100644
--- a/src/Mount/Resource.h
+++ b/src/Mount/Resource.h
@@ -106,11 +106,13 @@
 #define IDC_SHOW_PASSWORD_CHPWD_ORI     1083
 #define IDC_HK_DISMOUNT_PLAY_SOUND      1084
 #define IDC_HOTKEY_ASSIGN               1085
+#define IDC_WIPE_MODE                   1085
 #define IDC_HOTKEY_REMOVE               1086
 #define IDC_HOTKEY_KEY                  1087
 #define IDT_HOTKEY_KEY                  1088
 #define IDC_HOTKEY_LIST                 1089
 #define IDC_RESET_HOTKEYS               1090
+#define IDT_WIPE_MODE                   1090
 #define IDT_DISMOUNT_ACTION             1091
 #define IDT_ASSIGN_HOTKEY               1092
 #define IDC_HK_MOD_SHIFT                1093