Helping people with computers... one answer at a time.

Password protecting your Windows login is good, but it does not completely protect your computer's data, particularly if the computer is stolen.

My mid-tower computer was recently stolen in a burglary. The Windows Vista home ultimate system was password protected at start-up. What files can be accessed by those trying to enter the system?

It'll take a computer savvy thief about 5 minutes to gain access to everything on your computer.

Yep. Everything.

Everything that you haven't otherwise protected, that is.

There's a fundamental premise that I try to remind people of from time to time. It's simply this:

If it's not physically secure, it's not secure.

Now, normally I bring that up when people have questions relating to sharing a computer, or perhaps sharing living space and being somewhat concerned about what a roommate might or might not have access to when the computer's owner isn't around.

The short version is that if someone has physical access to your computer, they can quickly gain access to everything on it.

And of course computer theft is the very definition of physical access.

"... if someone has physical access to your computer, they can quickly gain access to everything on it."

There are a couple of ways that - with physical access - someone can gain access to your computer's contents:

  • They can reboot from a CD and reset the administrative any login password. In fact, it's so easy here are the instructions: I've lost the password to my Windows Administrator account, how do I get it back?

  • They can reboot from a Linux live CD and access the contents of your hard drive without needing to log in to Windows at all.

  • They can remove the hard disk from your machine, install it into another, and once again access the contents of your hard disk without needing to login to the Windows that you had installed.

All that should be pretty scary, mostly because it is.

So, again:

If it's not physically secure, it's not secure.

So what do you do?

Well, in an after-the-fact case like you're asking about, it's too late. The computer has already been stolen. What's important now is that you know that the data on it could be accessed by whoever has the machine now. If you have personal and confidential information on it, it's time to assume that it's been completely compromised. It may not be. It may not be yet. It may never be. But you must simply assume the worst.

There are two approaches to prevention:

  • Physically secure the machine.

  • Secure your sensitive data.

Securing your machine means doing things like bolting or cabling it down or putting it in a locked room or cabinet (watch the ventilation, if you do the cabinet!). These aren't perfect solutions, as a determined thief might well still be able to circumvent these measures, but they'll at least thwart the casual burglar by making it easier to steal something else.

The real solution, in my opinion is to secure your sensitive data using encryption. In fact, it's exactly like the steps you would take to keep data on a laptop secure. By definition, a laptop is portable and very easy to steal. Hence, the solutions that keep data on laptops secure will work just as well for your desktop computer.

There are many solutions for encrypting your data. I personally don't recommend using Windows own native encrypted file system, simply because it's too easy to lose access to the data yourself if you lose access to the Windows login account that created it. Much easier is TrueCrypt, which is free, open source and cross platform. You protect your data with a passphrase, and the encrypted container can be easily copied to any machine, even non-PCs, and accessed with that passphrase.

It takes a little work to set up, but I heartily recommend using a solution like TrueCrypt at least for your sensitive data. (You can, if you're so inclined, encrypt your entire hard drive using TrueCrypt, but I personally find that's overkill for most folks.)

Once encrypted with a strong passphrase, if your computer does get stolen, the thieves can access only the meaningless encrypted data, and not your sensitive files.

Article C3575 - November 26, 2008 « »

Share this article with your friends:

Share this article on Facebook Tweet this article Email a link to this article
Leo Leo A. Notenboom has been playing with computers since he was required to take a programming class in 1976. An 18 year career as a programmer at Microsoft soon followed. After "retiring" in 2001, Leo started Ask Leo! in 2003 as a place for answers to common computer and technical questions. More about Leo.

Not what you needed?

11 Comments
Rahul Mehta
November 28, 2008 4:46 AM

I find this password protection akin to that lock on the door of your home. Enough protection against a casual passerby but pick-able to a seasoned burglar. And of course total annoyance to you when you have forgotten the key.

I totally agree with Leo that encryption is the real protection but would add that do not leave the key on the machine itself. And don't forget it either. Encryption works better when the key is long and not easily guessable and that includes using difficult but words in a common dictionary. That is a real temptation to leave the key somewhere near by defeating the purpose.

Goes on to prove that it is not easy to protect your possessions.

Rich Wingerter
December 2, 2008 12:46 PM

This is one reason I don't leave my passwords for online services (like my e-mail account) on my computer. That means I have to type them in when I access those services, but no one would automatically get access just because they stole my computer.

I have used WinZip to archive things with it's password, and I've had occasion to try to break some of my old, forgotten passwords from those archives. While it is possible to do so, it probably wouldn't have been possible if I hadn't had additional knowledge about what was in the archives. So, I guess it gets a mixed review as a protection scheme.

TrueCrypt sounds like a good option and I'll have to try it.

Thanks for the info, Leo!

Guy
December 2, 2008 2:05 PM

There is a third option, you can install a hard drive drawer (hard drive mobile rack). Envision a drawer in your kitchen. It slides on rails installed in the cabinet. You can remove the drawer from the cabinet and carry it wherever you like. You can slide a different drawer into the cabinet or reinstall the original. You can do the same with your computer. You install the slide rails in an empty bay, install your HD in a removable drawer (insert), and you can remove your HD at will (when the computer is off). Now you can lock your HD, and your encryped data, etc., in your floor safe, or hide it somewhere. Kingwin and others make them; TigerDirect and many others carry them; just google it.

This has other advantages. You can have a Linux HD, a Vista HD, a Win98 HD, etc. Your spouse can have their own HD, each child can have their own HD, your grandkids can have one. Never again will the grandkids mess up your HD when you let them play games on the computer. They'll have their own HD to mess up.

Elvis PunisheR
December 8, 2008 5:43 AM

You can gain access by booting in safe mode and then removing the password.

Jerry K
December 13, 2008 2:14 PM

Identity and password theft is very common those days, bringing loss to individuals and companies. Hackers sit for hours and hours trying to break passwords to log into your private accounts stealing important information such as credit card numbers among others. Now there are sofisticated tools for such tasks making life easier for hackers. It is easy to guard yourself against password and identity theft if you follow some very easy and simple steps.
To avoid identity and password theft, we should use complex and different passwords for all of our accounts. Then comes the importance of a password manager. Use a safe password manager like EXQUIPASS to remember those complex passwords. Also we should keep in practice changing our passwords every week or every fortnight. For that, we definitely need a password manager. I prefer Exquipass since it is straight forward and secure. Link for this is: http://www.exquisysltd.com/productinfo.php?p=DA01EX
With a tool like Exquipass, you can leave your password file everywhere, nobody will be able to get your passwords even if it is left on your computer. It strongly encrypts your private data and the best way to protect sensitive is definitely encryption.

Jerry K
December 13, 2008 2:17 PM

I forgot to add!! With Exquipass, you can even carry your password files on an external media so if your computer is stolen, you can easily retrieve your login details later.

snail
June 16, 2009 8:16 PM

I agree with Guy and add this: for non-Windows OS's you can have your HD as a UFD(flash drive) which is more easily carried around. Not only this, let the kids learn about an operating system that has most of the capabilities they actually need: e-mail, video/audio players, Internet access.
There are limitations, but let them explore the "free" world a bit before they become a close-minded drone of Microswab or Crapintosh.
Of course, there are numerous professional software programs(as well as a large number of entertainment applications) strictly functional and optimized for the paid OS's.
I would like to have the hard drive in my laptops safely and easily(quickly) removed from time to time. Guy's suggestion would allow me to both keep my OS hard disk in safe custody(namely, my own keeping) and to connect it to another for backup purposes.

scooter1
July 23, 2010 9:28 AM

also i believe if the theif knows about the startup menu then they can access if put th computer in safe mode then go in and change the password and restart the computer enter there new password and access anything on that computer

mike
September 21, 2010 4:27 PM

I find it hard to believe that the admin password can be changed from safe mode? But what if the system setup is password protected and booting from anything other than the HD is disabled?
My PC was just recently stolen and I'm hoping that having the system setup pword protected, windows admin pword protected, and most of my folders windows encrypted, will at least make it hard enough that they will give up? My understanding is that if they can't get into setup, then they wont be able to boot from the CD and run anything that will llow them to view files etc???

They could remove the hard drive and place it into a machine that is not BIOS password protected, and then use a administrator password reset utility to gain administrative access to the contents.
Leo
25-Sep-2010

jbl
July 23, 2011 10:53 AM

Quick followup question: Suppose I have legitimate full disk encryption enabled (one way or another) and I step away from my computer for a moment. The screensaver activates. A thief takes the computer and tries to get past the screensaver password prompt.

Is the data still safe in this scenario? I'm guessing this is a bit of a stupid question, but it's because I don't understand some aspects of individual-file vs. whole disk encryption.

Thanks!

Mark J
July 23, 2011 2:55 PM

@JBL
If the thief gets through the screensaver password without turning the computer off,it's possible that he can access your files depending on the encryption settings.

Comments on this entry are closed.

If you have a question, start by using the search box up at the top of the page - there's a very good chance that your question has already been answered on Ask Leo!.

If you don't find your answer, head out to http://askleo.com/ask to ask your question.