Home page logo

basics logo Security Basics mailing list archives

Re: Securing workstations from IT guys
From: "Mark Owen" <mr.markowen () gmail com>
Date: Tue, 27 Nov 2007 16:50:46 -0500

On Nov 27, 2007 3:05 PM, Liam Jewell <ljjewell () gmail com> wrote:
Anybody who has physical access to the machine becomes a
vulnerability.  Even if you encrypt files under an administrator
account on the local machine, simply resetting the password with a
program like Passware, will not disable the encryption.  Then an
unauthorized user can log in to the admin account with a blank
password (or a password of their choosing) and have access to all
encrypted files.

This is not entirely true.  If you reset or delete the password for an
account then that account will no longer be able to decrypt the files.
Mark Owen

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]