Windows 7 Forums
Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: Is EFS secure?

01 Nov 2009   #1

Windows 7 Professional
 
 
Is EFS secure?

Since the encryption certificate is stored on the computer, all you have to do is connect the hard drive to another computer to get access to the certificate and decrypt all of the files. Not true?


My System SpecsSystem Spec
.

01 Nov 2009   #2

Windows 7 x64 Ultimate SP1
 
 

Not true.
My System SpecsSystem Spec
01 Nov 2009   #3

Windows 7 Professional
 
 

Why not? Any administrator can delete a normal user's password and gain entry.
My System SpecsSystem Spec
.


01 Nov 2009   #4

XP, Seven, 2008R2
 
 

Quote   Quote: Originally Posted by Cluent View Post
Why not? Any administrator can delete a normal user's password and gain entry.
The encryption is based on the user's password, so if you reset a user's password he will not be able to decrypt his or her data.


Attached Images
 
My System SpecsSystem Spec
01 Nov 2009   #5

Windows 7 Professional
 
 

There is no need to reset the password. If you attach the hard drive to another computer you can simply navigate to the encryption certificate. I haven't tried this.

Also, if you export the certificate you don't need the password. Are you sure the certificate is tied to the password?
My System SpecsSystem Spec
01 Nov 2009   #6

XP, Seven, 2008R2
 
 

Quote   Quote: Originally Posted by Cluent View Post
There is no need to reset the password.
Then why did you mention it?

Quote   Quote: Originally Posted by Cluent View Post
Are you sure the certificate is tied to the password?
Positive.
My System SpecsSystem Spec
01 Nov 2009   #7

Windows Vista Business / Windows 7 Ultimate
 
 

Its secure, but obviously not as good as using an Enterprise Certficate Authority.
My System SpecsSystem Spec
01 Nov 2009   #8

XP, Seven, 2008R2
 
 

True. People at NSA will have no trouble cracking EFS.
My System SpecsSystem Spec
01 Nov 2009   #9

Windows 8.1 Pro (x64)
 
 

Quote   Quote: Originally Posted by sup3rsprt View Post
True. People at NSA will have no trouble cracking EFS.
They would not be cracking EFS, they would crack the supporting systems. But cracking EFS would require a means of cracking AES. And if AES is cracked....well there are bigger problems then.

Btw for the original question:
Quote:
Decrypting files using the local Administrator account

...

In Windows XP and later, there is no default local Data Recovery Agent and no requirement to have one. Setting SYSKEY to mode 2 or 3 (syskey typed in during bootup or stored on a floppy disk) will mitigate the risk of unauthorized decryption through the local Administrator account. This is because the local user's password hashes, stored in the SAM file, are encrypted with the Syskey, and the Syskey value is not available to an offline attacker who does not possess the Syskey passphrase/floppy.

...

Files encrypted with EFS can only be decrypted by using the RSA private key(s) matching the previously-used public key(s). The stored copy of the user's private key is ultimately protected by the user's logon password. Accessing encrypted files from outside Windows with other operating systems (Linux, for example, or even another instance of Windows) is not possible...Further, using special tools to reset the user's login password will render it impossible to decrypt the user's private key and thus useless for gaining access to the user's encrypted files.
My System SpecsSystem Spec
01 Nov 2009   #10

XP, Seven, 2008R2
 
 

Quote   Quote: Originally Posted by logicearth View Post
But cracking EFS would require a means of cracking AES.
Only with extremely strong passwords, assuming EFS has no inherent flaws which is probably not the case.

What you've just quoted is basically everything I rapped up in a nutshell.
My System SpecsSystem Spec
Reply

 Is EFS secure?




Thread Tools



Similar help and support threads for2: Is EFS secure?
Thread Forum
Just how secure do you need to be? System Security
Secure System Security
Is UAC really secure? System Security
So how secure you are really ? System Security
How Secure Is Your PDF? Security News
Which is Overall more Secure ? Vista or Win 7 ? System Security
Is this secure? Network & Sharing

Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd

All times are GMT -5. The time now is 01:02 AM.
Twitter Facebook Google+



Windows 7 Forums

Seven Forums Android App Seven Forums IOS App
  

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33