 | |
| |
| 01 Nov 2009 | #1 |
| | Is EFS secure? Since the encryption certificate is stored on the computer, all you have to do is connect the hard drive to another computer to get access to the certificate and decrypt all of the files. Not true? |
My System Specs | |
| 01 Nov 2009 | #2 |
| | Not true. |
| My System Specs |
| 01 Nov 2009 | #3 |
| | Why not? Any administrator can delete a normal user's password and gain entry. |
| My System Specs |
| . |
| |
| 01 Nov 2009 | #4 |
| | 
Quote: Originally Posted by Cluent  Why not? Any administrator can delete a normal user's password and gain entry. |
| My System Specs |
| 01 Nov 2009 | #5 |
| | There is no need to reset the password. If you attach the hard drive to another computer you can simply navigate to the encryption certificate. I haven't tried this. Also, if you export the certificate you don't need the password. Are you sure the certificate is tied to the password? |
| My System Specs |
| 01 Nov 2009 | #6 |
| |
Quote: Originally Posted by Cluent There is no need to reset the password.
Quote: Originally Posted by Cluent Are you sure the certificate is tied to the password? |
| My System Specs |
| 01 Nov 2009 | #7 |
| | Its secure, but obviously not as good as using an Enterprise Certficate Authority. |
| My System Specs |
| 01 Nov 2009 | #8 |
| | True. People at NSA will have no trouble cracking EFS. |
| My System Specs |
| 01 Nov 2009 | #9 |
| |
Quote: Originally Posted by sup3rsprt True. People at NSA will have no trouble cracking EFS. Btw for the original question: Quote: Decrypting files using the local Administrator account ... In Windows XP and later, there is no default local Data Recovery Agent and no requirement to have one. Setting SYSKEY to mode 2 or 3 (syskey typed in during bootup or stored on a floppy disk) will mitigate the risk of unauthorized decryption through the local Administrator account. This is because the local user's password hashes, stored in the SAM file, are encrypted with the Syskey, and the Syskey value is not available to an offline attacker who does not possess the Syskey passphrase/floppy. ... Files encrypted with EFS can only be decrypted by using the RSA private key(s) matching the previously-used public key(s). The stored copy of the user's private key is ultimately protected by the user's logon password. Accessing encrypted files from outside Windows with other operating systems (Linux, for example, or even another instance of Windows) is not possible...Further, using special tools to reset the user's login password will render it impossible to decrypt the user's private key and thus useless for gaining access to the user's encrypted files. |
| My System Specs |
| 01 Nov 2009 | #10 |
| |
Quote: Originally Posted by logicearth But cracking EFS would require a means of cracking AES. What you've just quoted is basically everything I rapped up in a nutshell. |
| My System Specs |
 |
Is EFS secure? problems?
« Various registry problems after removing "Windows 7 antivirus 2012"
|
Firewall Settings in KIS 2012 »
| Thread Tools | |
| Similar help and support threads for: Is EFS secure? | ||||
| Thread | Forum | |||
| Just how secure do you need to be? | System Security | |||
| Secure | System Security | |||
| So how secure you are really ? | System Security | |||
| How Secure Is Your PDF? | Security News | |||
| Is this secure? | Network & Sharing | |||
All times are GMT -5. The time now is 11:18 AM.
