I find this password protection akin to that lock on the door of your home. Enough protection against a casual passerby but pick-able to a seasoned burglar. And of course total annoyance to you when you have forgotten the key.
I totally agree with Leo that encryption is the real protection but would add that do not leave the key on the machine itself. And don't forget it either. Encryption works better when the key is long and not easily guessable and that includes using difficult but words in a common dictionary. That is a real temptation to leave the key somewhere near by defeating the purpose.
Goes on to prove that it is not easy to protect your possessions.
Rich Wingerter
December 2, 2008 12:46 PM
This is one reason I don't leave my passwords for online services (like my e-mail account) on my computer. That means I have to type them in when I access those services, but no one would automatically get access just because they stole my computer.
I have used WinZip to archive things with it's password, and I've had occasion to try to break some of my old, forgotten passwords from those archives. While it is possible to do so, it probably wouldn't have been possible if I hadn't had additional knowledge about what was in the archives. So, I guess it gets a mixed review as a protection scheme.
TrueCrypt sounds like a good option and I'll have to try it.
Thanks for the info, Leo!
Guy
December 2, 2008 2:05 PM
There is a third option, you can install a hard drive drawer (hard drive mobile rack). Envision a drawer in your kitchen. It slides on rails installed in the cabinet. You can remove the drawer from the cabinet and carry it wherever you like. You can slide a different drawer into the cabinet or reinstall the original. You can do the same with your computer. You install the slide rails in an empty bay, install your HD in a removable drawer (insert), and you can remove your HD at will (when the computer is off). Now you can lock your HD, and your encryped data, etc., in your floor safe, or hide it somewhere. Kingwin and others make them; TigerDirect and many others carry them; just google it.
This has other advantages. You can have a Linux HD, a Vista HD, a Win98 HD, etc. Your spouse can have their own HD, each child can have their own HD, your grandkids can have one. Never again will the grandkids mess up your HD when you let them play games on the computer. They'll have their own HD to mess up.
Elvis PunisheR
December 8, 2008 5:43 AM
You can gain access by booting in safe mode and then removing the password.
Jerry K
December 13, 2008 2:14 PM
Identity and password theft is very common those days, bringing loss to individuals and companies. Hackers sit for hours and hours trying to break passwords to log into your private accounts stealing important information such as credit card numbers among others. Now there are sofisticated tools for such tasks making life easier for hackers. It is easy to guard yourself against password and identity theft if you follow some very easy and simple steps.
To avoid identity and password theft, we should use complex and different passwords for all of our accounts. Then comes the importance of a password manager. Use a safe password manager like EXQUIPASS to remember those complex passwords. Also we should keep in practice changing our passwords every week or every fortnight. For that, we definitely need a password manager. I prefer Exquipass since it is straight forward and secure. Link for this is: http://www.exquisysltd.com/productinfo.php?p=DA01EX
With a tool like Exquipass, you can leave your password file everywhere, nobody will be able to get your passwords even if it is left on your computer. It strongly encrypts your private data and the best way to protect sensitive is definitely encryption.
Jerry K
December 13, 2008 2:17 PM
I forgot to add!! With Exquipass, you can even carry your password files on an external media so if your computer is stolen, you can easily retrieve your login details later.
snail
June 16, 2009 8:16 PM
I agree with Guy and add this: for non-Windows OS's you can have your HD as a UFD(flash drive) which is more easily carried around. Not only this, let the kids learn about an operating system that has most of the capabilities they actually need: e-mail, video/audio players, Internet access.
There are limitations, but let them explore the "free" world a bit before they become a close-minded drone of Microswab or Crapintosh.
Of course, there are numerous professional software programs(as well as a large number of entertainment applications) strictly functional and optimized for the paid OS's.
I would like to have the hard drive in my laptops safely and easily(quickly) removed from time to time. Guy's suggestion would allow me to both keep my OS hard disk in safe custody(namely, my own keeping) and to connect it to another for backup purposes.
scooter1
July 23, 2010 9:28 AM
also i believe if the theif knows about the startup menu then they can access if put th computer in safe mode then go in and change the password and restart the computer enter there new password and access anything on that computer
mike
September 21, 2010 4:27 PM
I find it hard to believe that the admin password can be changed from safe mode? But what if the system setup is password protected and booting from anything other than the HD is disabled?
My PC was just recently stolen and I'm hoping that having the system setup pword protected, windows admin pword protected, and most of my folders windows encrypted, will at least make it hard enough that they will give up? My understanding is that if they can't get into setup, then they wont be able to boot from the CD and run anything that will llow them to view files etc???
They could remove the hard drive and place it into a machine that is not BIOS password protected, and then use a administrator password reset utility to gain administrative access to the contents.
25-Sep-2010
jbl
July 23, 2011 10:53 AM
Quick followup question: Suppose I have legitimate full disk encryption enabled (one way or another) and I step away from my computer for a moment. The screensaver activates. A thief takes the computer and tries to get past the screensaver password prompt.
Is the data still safe in this scenario? I'm guessing this is a bit of a stupid question, but it's because I don't understand some aspects of individual-file vs. whole disk encryption.
Comments Page 1
Read the article that everyone's commenting on.
November 28, 2008 4:46 AM
I find this password protection akin to that lock on the door of your home. Enough protection against a casual passerby but pick-able to a seasoned burglar. And of course total annoyance to you when you have forgotten the key.
I totally agree with Leo that encryption is the real protection but would add that do not leave the key on the machine itself. And don't forget it either. Encryption works better when the key is long and not easily guessable and that includes using difficult but words in a common dictionary. That is a real temptation to leave the key somewhere near by defeating the purpose.
Goes on to prove that it is not easy to protect your possessions.
December 2, 2008 12:46 PM
This is one reason I don't leave my passwords for online services (like my e-mail account) on my computer. That means I have to type them in when I access those services, but no one would automatically get access just because they stole my computer.
I have used WinZip to archive things with it's password, and I've had occasion to try to break some of my old, forgotten passwords from those archives. While it is possible to do so, it probably wouldn't have been possible if I hadn't had additional knowledge about what was in the archives. So, I guess it gets a mixed review as a protection scheme.
TrueCrypt sounds like a good option and I'll have to try it.
Thanks for the info, Leo!
December 2, 2008 2:05 PM
There is a third option, you can install a hard drive drawer (hard drive mobile rack). Envision a drawer in your kitchen. It slides on rails installed in the cabinet. You can remove the drawer from the cabinet and carry it wherever you like. You can slide a different drawer into the cabinet or reinstall the original. You can do the same with your computer. You install the slide rails in an empty bay, install your HD in a removable drawer (insert), and you can remove your HD at will (when the computer is off). Now you can lock your HD, and your encryped data, etc., in your floor safe, or hide it somewhere. Kingwin and others make them; TigerDirect and many others carry them; just google it.
This has other advantages. You can have a Linux HD, a Vista HD, a Win98 HD, etc. Your spouse can have their own HD, each child can have their own HD, your grandkids can have one. Never again will the grandkids mess up your HD when you let them play games on the computer. They'll have their own HD to mess up.
December 8, 2008 5:43 AM
You can gain access by booting in safe mode and then removing the password.
December 13, 2008 2:14 PM
Identity and password theft is very common those days, bringing loss to individuals and companies. Hackers sit for hours and hours trying to break passwords to log into your private accounts stealing important information such as credit card numbers among others. Now there are sofisticated tools for such tasks making life easier for hackers. It is easy to guard yourself against password and identity theft if you follow some very easy and simple steps.
To avoid identity and password theft, we should use complex and different passwords for all of our accounts. Then comes the importance of a password manager. Use a safe password manager like EXQUIPASS to remember those complex passwords. Also we should keep in practice changing our passwords every week or every fortnight. For that, we definitely need a password manager. I prefer Exquipass since it is straight forward and secure. Link for this is: http://www.exquisysltd.com/productinfo.php?p=DA01EX
With a tool like Exquipass, you can leave your password file everywhere, nobody will be able to get your passwords even if it is left on your computer. It strongly encrypts your private data and the best way to protect sensitive is definitely encryption.
December 13, 2008 2:17 PM
I forgot to add!! With Exquipass, you can even carry your password files on an external media so if your computer is stolen, you can easily retrieve your login details later.
June 16, 2009 8:16 PM
I agree with Guy and add this: for non-Windows OS's you can have your HD as a UFD(flash drive) which is more easily carried around. Not only this, let the kids learn about an operating system that has most of the capabilities they actually need: e-mail, video/audio players, Internet access.
There are limitations, but let them explore the "free" world a bit before they become a close-minded drone of Microswab or Crapintosh.
Of course, there are numerous professional software programs(as well as a large number of entertainment applications) strictly functional and optimized for the paid OS's.
I would like to have the hard drive in my laptops safely and easily(quickly) removed from time to time. Guy's suggestion would allow me to both keep my OS hard disk in safe custody(namely, my own keeping) and to connect it to another for backup purposes.
July 23, 2010 9:28 AM
also i believe if the theif knows about the startup menu then they can access if put th computer in safe mode then go in and change the password and restart the computer enter there new password and access anything on that computer
September 21, 2010 4:27 PM
I find it hard to believe that the admin password can be changed from safe mode? But what if the system setup is password protected and booting from anything other than the HD is disabled?
My PC was just recently stolen and I'm hoping that having the system setup pword protected, windows admin pword protected, and most of my folders windows encrypted, will at least make it hard enough that they will give up? My understanding is that if they can't get into setup, then they wont be able to boot from the CD and run anything that will llow them to view files etc???
25-Sep-2010
July 23, 2011 10:53 AM
Quick followup question: Suppose I have legitimate full disk encryption enabled (one way or another) and I step away from my computer for a moment. The screensaver activates. A thief takes the computer and tries to get past the screensaver password prompt.
Is the data still safe in this scenario? I'm guessing this is a bit of a stupid question, but it's because I don't understand some aspects of individual-file vs. whole disk encryption.
Thanks!
To post a comment on "My computer was stolen. It's password protected, what files can the thieves see?", please return to that article's main page.