Helping people with computers... one answer at a time.
Password protecting your Windows login is good, but it does not completely protect your computer's data, particularly if the computer is stolen.
My mid-tower computer was recently stolen in a burglary. The Windows Vista home ultimate system was password protected at start-up. What files can be accessed by those trying to enter the system?
•
It'll take a computer savvy thief about 5 minutes to gain access to everything on your computer.
Yep. Everything.
Everything that you haven't otherwise protected, that is.
•
There's a fundamental premise that I try to remind people of from time to time. It's simply this:
If it's not physically secure, it's not secure.
Now, normally I bring that up when people have questions relating to sharing a computer, or perhaps sharing living space and being somewhat concerned about what a roommate might or might not have access to when the computer's owner isn't around.
The short version is that if someone has physical access to your computer, they can quickly gain access to everything on it.
And of course computer theft is the very definition of physical access.
There are a couple of ways that - with physical access - someone can gain access to your computer's contents:
-
They can reboot from a CD and reset the administrative any login password. In fact, it's so easy here are the instructions: I've lost the password to my Windows Administrator account, how do I get it back?
-
They can reboot from a Linux live CD and access the contents of your hard drive without needing to log in to Windows at all.
-
They can remove the hard disk from your machine, install it into another, and once again access the contents of your hard disk without needing to login to the Windows that you had installed.
All that should be pretty scary, mostly because it is.
So, again:
If it's not physically secure, it's not secure.
So what do you do?
Well, in an after-the-fact case like you're asking about, it's too late. The computer has already been stolen. What's important now is that you know that the data on it could be accessed by whoever has the machine now. If you have personal and confidential information on it, it's time to assume that it's been completely compromised. It may not be. It may not be yet. It may never be. But you must simply assume the worst.
There are two approaches to prevention:
-
Physically secure the machine.
-
Secure your sensitive data.
Securing your machine means doing things like bolting or cabling it down or putting it in a locked room or cabinet (watch the ventilation, if you do the cabinet!). These aren't perfect solutions, as a determined thief might well still be able to circumvent these measures, but they'll at least thwart the casual burglar by making it easier to steal something else.
The real solution, in my opinion is to secure your sensitive data using encryption. In fact, it's exactly like the steps you would take to keep data on a laptop secure. By definition, a laptop is portable and very easy to steal. Hence, the solutions that keep data on laptops secure will work just as well for your desktop computer.
There are many solutions for encrypting your data. I personally don't recommend using Windows own native encrypted file system, simply because it's too easy to lose access to the data yourself if you lose access to the Windows login account that created it. Much easier is TrueCrypt, which is free, open source and cross platform. You protect your data with a passphrase, and the encrypted container can be easily copied to any machine, even non-PCs, and accessed with that passphrase.
It takes a little work to set up, but I heartily recommend using a solution like TrueCrypt at least for your sensitive data. (You can, if you're so inclined, encrypt your entire hard drive using TrueCrypt, but I personally find that's overkill for most folks.)
Once encrypted with a strong passphrase, if your computer does get stolen, the thieves can access only the meaningless encrypted data, and not your sensitive files.
Article C3575 - November 26, 2008
Leo A. Notenboom has been playing with computers since he
was required to take a programming class in 1976. An 18 year career as a programmer at Microsoft soon followed.
After "retiring" in 2001, Leo started Ask Leo! in 2003 as a place for answers
to common computer and technical questions. More about Leo.
I agree with Guy and add this: for non-Windows OS's you can have your HD as a UFD(flash drive) which is more easily carried around. Not only this, let the kids learn about an operating system that has most of the capabilities they actually need: e-mail, video/audio players, Internet access.
Posted by: snail at June 16, 2009 8:16 PMThere are limitations, but let them explore the "free" world a bit before they become a close-minded drone of Microswab or Crapintosh.
Of course, there are numerous professional software programs(as well as a large number of entertainment applications) strictly functional and optimized for the paid OS's.
I would like to have the hard drive in my laptops safely and easily(quickly) removed from time to time. Guy's suggestion would allow me to both keep my OS hard disk in safe custody(namely, my own keeping) and to connect it to another for backup purposes.
also i believe if the theif knows about the startup menu then they can access if put th computer in safe mode then go in and change the password and restart the computer enter there new password and access anything on that computer
Posted by: scooter1 at July 23, 2010 9:28 AMI find it hard to believe that the admin password can be changed from safe mode? But what if the system setup is password protected and booting from anything other than the HD is disabled?
My PC was just recently stolen and I'm hoping that having the system setup pword protected, windows admin pword protected, and most of my folders windows encrypted, will at least make it hard enough that they will give up? My understanding is that if they can't get into setup, then they wont be able to boot from the CD and run anything that will llow them to view files etc???
25-Sep-2010
Posted by: mike at September 21, 2010 4:27 PM
Quick followup question: Suppose I have legitimate full disk encryption enabled (one way or another) and I step away from my computer for a moment. The screensaver activates. A thief takes the computer and tries to get past the screensaver password prompt.
Is the data still safe in this scenario? I'm guessing this is a bit of a stupid question, but it's because I don't understand some aspects of individual-file vs. whole disk encryption.
Thanks!
Posted by: jbl at July 23, 2011 10:53 AM@JBL
Posted by: Mark J at July 23, 2011 2:55 PMIf the thief gets through the screensaver password without turning the computer off,it's possible that he can access your files depending on the encryption settings.