Windows 7 Forums
Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: Hard drive Password app..?


20 Jan 2009   #1

Vista X64 ultimate/ 7 X64 Ultimate (7264)
 
 
Hard drive Password app..?

Hello all,

I'm after an app that can either encrypt my storage harddrives or password them with an extremely high security status.. If that make sense

What i want to be able to do is set my drives so i can lock them from access whenever i'm out or away from my machine, but because i'm extremely consistent in poping out for 10 mins or just leaving the machine whilst i do other things i'll need a way of locking it that doesn't take hours to lock and hours to unlock. I also want it to be locked so if someone was to reinstall the OS, remove the program that is being used or put the HDD in another pc it still won't be accessable.

Any ideas??

Thanks guys


Crap.. Wrong place Please move if needed...

My System SpecsSystem Spec
.

20 Jan 2009   #2

Windows 7 Ultimate x64
 
 

Quote   Quote: Originally Posted by sevsman View Post
Hello all,

I'm after an app that can either encrypt my storage harddrives or password them with an extremely high security status.. If that make sense

What i want to be able to do is set my drives so i can lock them from access whenever i'm out or away from my machine, but because i'm extremely consistent in poping out for 10 mins or just leaving the machine whilst i do other things i'll need a way of locking it that doesn't take hours to lock and hours to unlock. I also want it to be locked so if someone was to reinstall the OS, remove the program that is being used or put the HDD in another pc it still won't be accessable.

Any ideas??

Thanks guys


Crap.. Wrong place Please move if needed...
Use BitLocker - it's currently the best solution for you at the moment. Encrypt your drives and forget it. And from there, get used to the idea of a passworded login for your system, and whenever you leave you machine, use the <WINDOWS_KEYS>+<L> keyboard shortcut to lock you pc so no-one can getin without you there.

With Bitlocker, the data will not be accessible to anyone or anything if the drive is removed from the system used to perform the encryption and placed into another machine.

With Windows 7, it has also become possible to encrypt Flash Drives, and have the system ask for a password when the drive is used in a different machine. Although I haven't tried this one yet...
My System SpecsSystem Spec
20 Jan 2009   #3

Vista X64 ultimate/ 7 X64 Ultimate (7264)
 
 

Can this not be overcome by rebooting and choosing safe mode and remove the password, or by just circumventing the user password like detailed Here with the help of a cd that you can aslo download from there? Sorry for all the Q's but just recently there has been a few break-ins round here and i keep alot of personal stuff along with private papers, ducuments etc
My System SpecsSystem Spec
.


20 Jan 2009   #4

Windows 7 Ultimate x64
 
 

Quote   Quote: Originally Posted by sevsman View Post
Can this not be overcome by rebooting and choosing safe mode and remove the password, or by just circumventing the user password like detailed Here with the help of a cd that you can aslo download from there? Sorry for all the Q's but just recently there has been a few break-ins round here and i keep alot of personal stuff along with private papers, ducuments etc
That's just it. If you don't change the password using the proper techniques, you're pretty much lost. The links you provided are hacks that may reset login passwords, but in that case anything encrypted with BitLocker will remain so.

And I also neglected to mention that BitLocker can also be assisted using hardware based encryption with a TPM chip (Trusted Platform Module).

As far as I can tell, BitLocker cannot be safely bypassed.
My System SpecsSystem Spec
20 Jan 2009   #5

Vista X64 ultimate/ 7 X64 Ultimate (7264)
 
 

Ok..

I've just looked through it all and i think i've worked it all out. However i'll post once more so that you might be able to give yes or no answers that where either not addressed directly or in lamens terms in the Help And Support file

SO... If i use Bitlocker to encrypt my c: (7 Drive) D: (Storage) E: (Storage) F: (Storage) G: (Storage) L: (Vista Drive) It will lock or show as empty on the drives if someone was to either fiddle with bios settings, put my drives into another machine, hack my password or reinstall the OS?

Can i reinstall either my 7 or Vista and not have to worry about forgetting to turn bitlocker off first?

And if i use it on the partition that vista is installed to will i still be able to boot from that drive eventhough it was encrypted from within a different OS.
Likewise if i encrypted from the vista install would i still be able to use the 7 boot partition to load 7?

And as for the TPM do you know how i would find out if my mobo supports this and has the chip on it. (Just looked and it doesn't)

Sorry for all the Q's but i used a piece of software for this a long long time ago and when i reinstalled i forgot to unlock the bloody files because i didn't need to acess them all that often it just slipped my mind. (Bloody stupid i know ) needless to say they were lost. Even to recovery software.
My System SpecsSystem Spec
20 Jan 2009   #6

 

Quote   Quote: Originally Posted by sevsman View Post
Ok..

I've just looked through it all and i think i've worked it all out. However i'll post once more so that you might be able to give yes or no answers that where either not addressed directly or in lamens terms in the Help And Support file

SO... If i use Bitlocker to encrypt my c: (7 Drive) D: (Storage) E: (Storage) F: (Storage) G: (Storage) L: (Vista Drive) It will lock or show as empty on the drives if someone was to either fiddle with bios settings, put my drives into another machine, hack my password or reinstall the OS?
My guess is yes. From Windows BitLocker Drive Encryption Frequently Asked Questions

Quote:
Can I dual-boot Windows Vista and another operating system on a BitLocker-enabled computer?

Yes, it is possible to dual boot a BitLocker-enabled instance of Windows Vista Ultimate or Windows Vista Enterprise with another operating system. For additional information about how to create and configure a dual-boot system, see Cyril Voisin (aka Voy) on security : Building a dual boot system with Windows Vista BitLocker protection with TPM support.
The problem here, though, is that the link tells how to install *nix and then install Vista with a manually created dual partition setup for BitLocker. Since in this case we are talking about Windows 7 and Vista, I am betting that it would be a lot easier to do seeing as both should have interoperability in their BitLocker implementation.

Quote   Quote: Originally Posted by sevsman View Post
Can i reinstall either my 7 or Vista and not have to worry about forgetting to turn bitlocker off first?
That would probably be a negative....

Quote:
What system changes would cause the integrity check on my computer to fail?

The following types of system changes can cause an integrity check failure and prevent the TPM from releasing the BitLocker key to decrypt the protected volume:
  • Moving the BitLocker-protected drive into a new computer.
  • Installing a new motherboard with a new TPM.
  • Turning off, disabling, or clearing the TPM.
  • Changing the BIOS, master boot record (MBR), boot sector, boot manager, or other early boot components or boot configuration data.
This functionality is by design; BitLocker perceives unauthorized modification of any of the early boot components as a potential attack and will place the system into recovery mode. Authorized administrators can update boot components without entering recovery mode by disabling BitLocker beforehand.
Quote   Quote: Originally Posted by sevsman View Post
And if i use it on the partition that vista is installed to will i still be able to boot from that drive even though it was encrypted from within a different OS.
Likewise if i encrypted from the vista install would i still be able to use the 7 boot partition to load 7?
That one is iffy.

Quote:
Can I swap hard disks on the same computer if BitLocker is enabled?

Yes, you can swap multiple hard disks on the same computer if BitLocker is enabled, but only if the hard disks were BitLocker-enabled on the same computer.

Can I access my BitLocker-encrypted volume if I insert the hard disk into a different computer?

If the other computer is running Windows Vista Ultimate or Windows Vista Enterprise, the encrypted hard disk can be unlocked from the BitLocker Control Panel item on the alternate computer.
Note This is a quick and straightforward way to recover information from a broken computer that has a BitLocker-protected volume on the hard disk.
When you unlock the BitLocker-enabled hard disk on the alternate computer, the only authentication operation available will be recovery. The hard disk will appear in the BitLocker Control Panel item with an option to unlock the volume using the recovery password or recovery key.
Quote   Quote: Originally Posted by sevsman View Post
And as for the TPM do you know how i would find out if my mobo supports this and has the chip on it. (Just looked and it doesn't)
From Windows BitLocker Drive Encryption Frequently Asked Questions

Quote:
How can I tell whether my computer has a TPM version 1.2?

In the BitLocker control panel, click the Turn On BitLocker link. If you receive the following error message, then either your computer does not have a TPM version 1.2 or the BIOS is not compatible with BitLocker or with the TPM:
A TPM was not found. A TPM is required to turn on BitLocker. If your computer has a TPM, the contact the computer manufacturer for BitLocker-compatible BIOS.
If you receive this error message, contact the computer manufacturer to verify that the computer has a TPM version 1.2, or to get a BIOS update.
Some computers might have TPMs that do not appear in the Windows Vista TPM Microsoft Management Console snap-in (tpm.msc). If you think that your computer has a TPM version 1.2 and you receive this error, contact the computer manufacturer to get a BIOS update. In addition, some manufacturers provide a BIOS setting that hides the TPM by default, and other manufacturers do not make the TPM available unless it is enabled in the BIOS. If you believe that your TPM is hidden in the BIOS, consult the manufacturer's documentation for instructions that detail how to display or enable the TPM.

Can I use BitLocker on a computer without a TPM version 1.2?

Yes, you can enable BitLocker on a computer without a TPM version 1.2, provided that the BIOS has the ability to read from a USB flash drive in the boot environment. This is because BitLocker will not unlock the protected volume until BitLocker's own volume master key is first released by either the computer's TPM or by a USB flash drive containing the BitLocker startup key for that computer. However, computers without TPMs will not be able to use the system integrity verification that BitLocker can also provide.
To help determine whether a computer can read from a USB device during the boot process, use the BitLocker System Check as part of the BitLocker setup process. This system check performs tests to confirm that the computer can properly read from the USB devices at the appropriate time and that the computer meets other BitLocker requirements.
To enable BitLocker on a computer without a TPM, use Group Policy to enable the advanced BitLocker user interface. With the advanced options enabled, the non-TPM settings appear in the BitLocker setup wizard. For instructions about using Group Policy to enable the advanced user options, see Windows BitLocker Drive Encryption Step-by-Step Guide.

How do I obtain BIOS support for the TPM on my computer?

Contact the computer manufacturer directly to request a Trusted Computing Group (TCG)-compliant BIOS. Ask the following questions when requesting a BIOS:
  1. Does the computer have a Windows Vista-ready BIOS? Does it pass Windows Vista logo tests?
  2. Is the BIOS Trusted Computing Group (TCG)-compliant?
  3. Does the BIOS have a secure update mechanism to help prevent a malicious BIOS from being installed on the computer?
Quote   Quote: Originally Posted by sevsman View Post
Sorry for all the Q's but i used a piece of software for this a long long time ago and when i reinstalled i forgot to unlock the bloody files because i didn't need to acess them all that often it just slipped my mind. (Bloody stupid i know ) needless to say they were lost. Even to recovery software.
No worries. I'd do a little more research and even ask questions at either their newsgroups or in other places. You might could even send questions to bloggers, as they will usually figure out where the query needs to go.

Suffice it to say, though, that Windows 7 and Vista *should* be interoperable with regards to BitLocker. Other OSs may not - especially depending upon you TPM status and BIOS.
My System SpecsSystem Spec
23 Jan 2009   #7

Vista X64 ultimate/ 7 X64 Ultimate (7264)
 
 

Thanks for all the help guys.. It's all encrypting as i type this, will take a bit though as it's 5 HDDs. Bloody good piece of kit to use though, and i got around the whole dual boot problem by deleting vista and relying solely on 7. All is good so far... Touch wood.
My System SpecsSystem Spec
24 Jan 2010   #8

W7 64 BIT
 
 
BL Dual Boot

Can we continue this thread for those who prefer to keep the dual boot? I mean dual boot Vista and Windows 7. MSFT says its possible to encrypt both and BL for Vista is actually a bit different than BL for Windows 7. They suggest a fresh install with Vista first, enable BL, disable BL install Windows 7 enable BL. However what to do if one already has a dual boot set up that works fine? Thanks!
My System SpecsSystem Spec
22 Oct 2010   #9

Windows 7 Ultimate x64
 
 
you have a choice...

there are many solution... you can lock entire drive or create encrypted drive, or the most simple - you can just create a password protected secret storage on your external drive
My System SpecsSystem Spec
22 Oct 2010   #10

 

Windows doesn't offer anything more secure than 256Bit encryption. The best freeware alternative is truecrypt, which offers 384 and 512 bit encryption. If you're willing to pay $50.00 you can get 2048bit encryption here: File Encryption Software
Of course none of it is any good if you store the encryption key anywhere on the same machine as the files you're trying to protect

if you just want a basic password for your HDD, you can set one in BIOS which will make your system HDD unusable to anyone without the password.
My System SpecsSystem Spec
Reply

 Hard drive Password app..?




Thread Tools




Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd

All times are GMT -5. The time now is 04:15 AM.
Twitter Facebook Google+



Windows 7 Forums

Seven Forums Android App Seven Forums IOS App
  

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33