[Hrgeeks] [Issa-tidewater] TrueCrypt and BitLocker cracked...
Randy Hall
rthall at gmail.com
Tue Apr 6 13:22:17 EDT 2010
On Tue, Apr 6, 2010 at 8:43 AM, Harris CIV Randy L <
Randy.Harris at usmc-mccs.org> wrote:
> Bob,
> ... If you can reset all the user account passwords to a null value* *you
> do not need the encryption key.
>
Not always true. If you happen to use Windows EFS, the decryption keys
stored in the user profile are encrypted with the user password. So when
you reset the user password to null, you are effectively destroying the EFS
keys needed to retrieve encrypted content once you login to the compromised
account.
--
Randy Hall -- http://hall757.com
Have you ever looked around at the group of people you are in and thought,
"If the Zombie Apocalypse happens right now, this is what I have to work
with."
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://hrgeeks.com/pipermail/hrgeeks/attachments/20100406/7e0a13ca/attachment.htm
More information about the HRGeeks
mailing list