Home page logo
/

basics logo Security Basics mailing list archives

RE: Windows EFS and Changing a Local Account Password
From: "Roger A. Grimes" <roger () banneretcs com>
Date: Wed, 12 Jul 2006 22:37:49 -0400

If the user uses the Change Password dialog box, no.  If an
administrator RESETs the user's password yes.

The master key used to protect the EFS private key is generated using
the user's password hash, so if the user's password is reset versus
changed, the problem occurs.

Roger

*****************************************************************
*Roger A. Grimes, InfoWorld, Security Columnist 
*CPA, CISSP, MCSE: Security (2000/2003/MVP), CEH, yada...yada...
*email: roger_grimes () infoworld com or roger () banneretcs com
*Author of Professional Windows Desktop and Server Hardening (Wrox)
*http://www.amazon.com/gp/product/0764599909
*****************************************************************

 

-----Original Message-----
From: winshel () camden rutgers edu [mailto:winshel () camden rutgers edu] 
Sent: Wednesday, July 12, 2006 2:23 PM
To: security-basics () securityfocus com
Subject: Windows EFS and Changing a Local Account Password

If you are using Windows Encrypted File System (EFS) on a PC that is not
part of domain, and you change the password of the local user account
that was used to encrypt files and / or directories, will you be locked
out of the ecnrypted files?


------------------------------------------------------------------------
---
This list is sponsored by: SensePost

Hacking, like any art, will take years of dedicated study and practice
to master. We can't teach you to hack. But we can teach you what we've
learned so far. Our courses are honest, real, technical and practical.
SensePost willl be at Black Hat Vegas in July. To see what we're about,
visit us at: 

http://www.sensepost.com/training.html
------------------------------------------------------------------------
---


---------------------------------------------------------------------------
This list is sponsored by: SensePost

Hacking, like any art, will take years of dedicated study and
practice to master. We can't teach you to hack. But we can teach you
what we've learned so far. Our courses are honest, real, technical
and practical. SensePost willl be at Black Hat Vegas in July. To see
what we're about, visit us at:

http://www.sensepost.com/training.html
---------------------------------------------------------------------------


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault