So, everyone have set a password to open your Windows desktop or laptop and you always sign-out or lock the screen when leave the system alone.
Well! This still wouldn't protect your valuable data, if your system is ever stolen and an attacker may physically access your system to gain and the password could not help much.
A Windows password just prevents someone from logging into your user account; however, if the person have the ability to restart the system, i.e., accessing physically, using a Linux Live CD or even through USB drive, he may boot from these devices and access your files from the live environment.
This is only possible if the system's BIOS (Basic Input/Output System), which is built into the PC, is the first software run by a PC when powered on and is set to boot from removable devices. This is default's general setting.
Even the BIOS is set 'not to boot' from removable devices, the computer thief may enter into BIOS and changes the setting to enable booting from removable devices. This could also be prevented by setting a password for BIOS; but few users do this.
And even a password has been arranged for BIOS to prevent the booting from removable devices would not protect your data. The thief may remove the hard drive from the system then attached it into another computer and access your data. An attacker, once, boots your system using a removable device, then he may reset your Windows password, and BIOS settings as well. A Windows password is not fully useless, but you can physically lock-down to prevent the peoples, who mucking on your system.
If you really like to protect your data then not only rely on a Windows password. You should have to use encryption, which is a software, whose main task is encryption and decryption of data, usually in the form of files on (or sectors of) hard drives and removable media, email messages, or in the form of packets sent over computer networks.
Encryption software executes an algorithm that is designed to encrypt computer data in such a way, which can not be recovered without access to the key. The purpose of encryption is to prevent third parties from recovering the original information. This is particularly useful for sensitive data like credit card numbers and other personal info. So, when you using encryption, the files are stored on your system's hard drive in a seemingly scrambled form.
When you boot the system, you'll be prompted to enter encryption key of passphrase, which makes your files to accessible. The encryption will prevent the thief, even he reboots the system into another OS or removes the HD and plugs into another computer, and appears as scrambled unless he know the encryption passphrase.
Want to use Encryption: There were plenty of free encrypting software available on net; so, you may choose and install as for your requirements.
Bitlocker is an encryption software available in Ultimate and Enterprise versions of Windows 7 and Vista, but requires a Trusted Platform Module (TPM) on the system. It helps keep everything from documents to passwords safer by encrypting the entire drive that Windows and your data reside on. Once BitLocker is turned on, any file you save on that drive is encrypted automatically. Bitlocker has a new feature, BitlockerToGoReader, which is an application that provides users read-only access to BitLocker-protected drives on computers running Windows XP or Windows Vista. For Windows 7, it gives a lockdown treatment to the misplaced portable storage devices like USB drives and external hard drives.
Truecrypt is an open source, free encryption software. It never saves any decrypted data on disk, but stores them temporarily in RAM. Even when the volume is mounted, data stored in the volume is still encrypted. When you restart Windows or turn off your system, the volume will be dismounted and files stored in it will be inaccessible (and encrypted). If power supply is interrupted, files stored in the volume are inaccessible (and encrypted). To make them accessible again, you have to mount the volume (and provide the correct password and/or keyfile). When you use this software, you should have to enter the encryption password each time your computer boots. You could also set it up to store your important files in an encrypted container, and leaving the rest in your computer as unencrypted. The encrypted container would still be protected the important files you stored in it.
FolderLock is a full suite solution letting to keep your personal files encrypted and locked, while keeping an automatic and real-time backup of encrypted files to an online storage. It also offers portable security for USB drives and CDs/DVDs. Folder Lock also lets you lock files, folders and drives; save your personal information in Wallets; shred files and clean your Windows History. Folder Lock works under all flavors of 32-bit and 64-bit versions of Windows 7/Vista/XP and later.
A Windows password is still useful; but encryption is more powerful and secured. If your laptop is stolen while powered-on, the thief have chances to open the laptop and access the data, which means the system is already in running mode; so he can access. If the laptop was in a lock screen mode then he required a password to log in, and have to restart the system to try to access. And doing so, he would lock himself because the system forgets the encryption key when its power off!
Well! This still wouldn't protect your valuable data, if your system is ever stolen and an attacker may physically access your system to gain and the password could not help much.
A Windows password just prevents someone from logging into your user account; however, if the person have the ability to restart the system, i.e., accessing physically, using a Linux Live CD or even through USB drive, he may boot from these devices and access your files from the live environment.
This is only possible if the system's BIOS (Basic Input/Output System), which is built into the PC, is the first software run by a PC when powered on and is set to boot from removable devices. This is default's general setting.
Even the BIOS is set 'not to boot' from removable devices, the computer thief may enter into BIOS and changes the setting to enable booting from removable devices. This could also be prevented by setting a password for BIOS; but few users do this.
And even a password has been arranged for BIOS to prevent the booting from removable devices would not protect your data. The thief may remove the hard drive from the system then attached it into another computer and access your data. An attacker, once, boots your system using a removable device, then he may reset your Windows password, and BIOS settings as well. A Windows password is not fully useless, but you can physically lock-down to prevent the peoples, who mucking on your system.
If you really like to protect your data then not only rely on a Windows password. You should have to use encryption, which is a software, whose main task is encryption and decryption of data, usually in the form of files on (or sectors of) hard drives and removable media, email messages, or in the form of packets sent over computer networks.
Encryption software executes an algorithm that is designed to encrypt computer data in such a way, which can not be recovered without access to the key. The purpose of encryption is to prevent third parties from recovering the original information. This is particularly useful for sensitive data like credit card numbers and other personal info. So, when you using encryption, the files are stored on your system's hard drive in a seemingly scrambled form.
When you boot the system, you'll be prompted to enter encryption key of passphrase, which makes your files to accessible. The encryption will prevent the thief, even he reboots the system into another OS or removes the HD and plugs into another computer, and appears as scrambled unless he know the encryption passphrase.
Want to use Encryption: There were plenty of free encrypting software available on net; so, you may choose and install as for your requirements.
Bitlocker is an encryption software available in Ultimate and Enterprise versions of Windows 7 and Vista, but requires a Trusted Platform Module (TPM) on the system. It helps keep everything from documents to passwords safer by encrypting the entire drive that Windows and your data reside on. Once BitLocker is turned on, any file you save on that drive is encrypted automatically. Bitlocker has a new feature, BitlockerToGoReader, which is an application that provides users read-only access to BitLocker-protected drives on computers running Windows XP or Windows Vista. For Windows 7, it gives a lockdown treatment to the misplaced portable storage devices like USB drives and external hard drives.
Truecrypt is an open source, free encryption software. It never saves any decrypted data on disk, but stores them temporarily in RAM. Even when the volume is mounted, data stored in the volume is still encrypted. When you restart Windows or turn off your system, the volume will be dismounted and files stored in it will be inaccessible (and encrypted). If power supply is interrupted, files stored in the volume are inaccessible (and encrypted). To make them accessible again, you have to mount the volume (and provide the correct password and/or keyfile). When you use this software, you should have to enter the encryption password each time your computer boots. You could also set it up to store your important files in an encrypted container, and leaving the rest in your computer as unencrypted. The encrypted container would still be protected the important files you stored in it.
FolderLock is a full suite solution letting to keep your personal files encrypted and locked, while keeping an automatic and real-time backup of encrypted files to an online storage. It also offers portable security for USB drives and CDs/DVDs. Folder Lock also lets you lock files, folders and drives; save your personal information in Wallets; shred files and clean your Windows History. Folder Lock works under all flavors of 32-bit and 64-bit versions of Windows 7/Vista/XP and later.
A Windows password is still useful; but encryption is more powerful and secured. If your laptop is stolen while powered-on, the thief have chances to open the laptop and access the data, which means the system is already in running mode; so he can access. If the laptop was in a lock screen mode then he required a password to log in, and have to restart the system to try to access. And doing so, he would lock himself because the system forgets the encryption key when its power off!
No comments:
Post a Comment