Tom's Guide | Tom's Hardware | Tom's Games
 |
 |
 |
Hi everyone:
I have a laptop that I keep my customer data in - nothing extraordinary like bank accounts, credit cards, etc. - just people's names, addresses and such. All the data is located in My Documents folder in a custom software that does not have any good password protection. I set up a user account in Windows XP that is required to log in to my laptop. Moreover the My Documents folder for that user account is set to private and the laptop's screen saver that kicks in every 5 minutes is password protected. The password for the Windows XP user account is a 6-character combination, that is not a word in a dictionary.I'm just curious, say if someone was to steal my laptop, how easy would it be for a hacker to break into my customer data with all the security measures I have? And, if what I have is not enough, how would you recommend to better protect my data?
Thank you in advance!
0 
If I stole your computer and wanted to get past a password authentication issue it wouldn't be very challenging. There are plenty of tools that allow you to change user passwords (my favorite is Winternal ERD (a bootable CD that has tons of little utilities on it, mainly the Locksmith program that allows you to reset administrator/user passwords)).
If I didn't have that laying around I would just plop in a CD and do a parallel install of Windows on the drive and get to your information that way.
You should really look into some 3rd party encryption/security software if you have sensitive information on your hard drive.
Holy Wow.
0
Thank you for your quick responses. I do keep a back-up of my data, but again the software I use does not have any substantial means to protect the data, thus it sounds like what I will have to use is some third party (and hopefully Microsoft-provided) means to encrypt it. Honestly, I was under impression that the user password in Windows XP was a good security measure until recently someone told me otherwise. That is basically why I'm asking it here.
OK. I did some exploring and found out that if I right click on My Documents folder and then go to Properties and then click Advanced, there's a check box that says, "Encrypt contents to secure data". It is not checked now. I'm curious if I check it, will it help better secure my data? I'm also concerned whether it will significantly slow down my computer or not?
Thanks again.
0
If you lose the password to unlock the data there is no way to recover it. Another issue is if your computer hardware fails and the drive needs to be transferred to another computer you may not be able to access those encrypted files. That is why it is imperative you back them up elsewhere.
I would recommend for those reasons that you NOT encrypt the entire My Documents folder unless all files in there are sensitive. Create a subfolder for any files requiring encryption and apply only to that folder.
0
I agree with OtheHill that a encrypted folder would be a good solution with a strong password. You would need XP PRO as xp home doesnt't include encrypted folders. There are third party applications that may suite your needs also. The user logon is useless to any hacker with physical access.
You may be also subject to privacy laws. You may be required to protect the privacy of users.
Even with encrypted folders you may be allowing access to your computer. Only a group of best practices can prevent data loss. My guess is you run your laptop with an Admin account and have the entire drive shared.
"Best Practices", Event viewer, host file, perfmon, antivirus, anti-spyware, Live CD's, backups, are in my top 10
0
Sure, I'll follow this advice. But I have a couple of questions. OtheHill, when you say, "if your computer hardware fails and the drive needs to be transferred to another computer you may not be able to access those encrypted files" - does it mean the data will be lost even if I remember the encryption password?
Also, jefro, what do you mean by "strong password"?
As for the privacy laws, I know that. I thought my current set-up with the Windows password was complying with it.
And, yes, I do run Windows XP with an administrative account that is protected under password. All of my data is located in My Documents folder that is set to "private". So to answer your question, then no, I do not have my whole drive shared.
0
I can't definitively stat that but I have read posts from others that had problems recovering files that had been encrypted.
When you move a drive from one computer to another files saved under a certain profile are not accessable to just anyone. If the files were not encrypted then taking ownership of the files is all that is usually required. I don't think taking ownership works with encrypted files because the encryption password and the user profile are intertwined. When the drive is no longer the boot drive the profiles are no longer valid.
If others that are reading disagree with this feel free to contribute. As I stated I am not positive about this. I mentioned it simply to warn you to maintain backups. You should do that with all your personal files anyway but even more care needs to be taken with encrypted files. The big issue is lost or forgotten passwords.
0
"I agree with OtheHill " is what I said.
Be sure to read up on how to backup encrypted files. All on the MS site. The newer MS encryption is finally pretty secure and difficult if not impossible to recover.
There is always a problem with data. If you can access it, in theory and practice anyone can. For example. Since you run with admin any hacker could install anything they wanted. They would then be able to access the data. Security is a process not just one thing.
There are also other products such as secure flash drives and very secure hard drives on some laptops. Still a hacked system could expose your system to data theft.(if online)
I have always suggested a data system to NEVER get online or exposed to the web. Use a junky old computer for access to the web that never has important data. It is the only way to be sure.
Strong password is a term that means usually three of four. Upper case, lower case, special characters and numbers."Best Practices", Event viewer, host file, perfmon, antivirus, anti-spyware, Live CD's, backups, are in my top 10
0
Yeah, thanks. I agree going online is a risk, but it's hard to live in this world without doing so. I'm trying to limit myself to a web mail site and a couple of trustworthy sites like America Airlines, YouTube, eBay, etc.
BTW, I tried that Encrypting File System for Windows XP Pro on my ripped music folder. First it took forever to convert it. Then the folder was kinda slow every time I was about to copy or paste anything from/into it. Is it a normal thing with this encryption?
0
Music files are large so encryption would take some time. Why would you choose your music files?
0
>Why would you choose your music files?
I don't know, just to try on something. I want to make sure that this encryption doesn't slow my laptop to a crawl.
You see, I have a bad habbit of leaving some important files on my desktop, thus it has to be encrypted as well. So I thought to encrypt the "C:\Documents and Settings\User Name" folder with EFS, which will include the desktop, my documents, and IE cookies and settings like visited sites, etc.
I understand what you guys said earlier about backing up my system regularly and I will do it religiously :) All I care at this point is security of the data.
0
If you leave your computer turned on and leave for only a few minutes then something as simple as a screen saver password may be enough deterent to keep someone from unauthorized use. Maybe you should consider biometrics.
0
I heard that those finger-print readers are more of a nuisance than help at this stage. I'm using a screen saver password that is set for 5 minutes of inactivity, which is enough time to kick in if I'm off to do something and also not too soon to bug me.
Thanks for your help guys. Now I'm much more educated about Windows XP security than I was a week ago.
0
You should set a hot key so when you leave you hit the key and the screensaver is started immediately.
Even a minute or two is enough time for someone to access your computer.
The fingerprint reader may be easier than typing a password every time you come back to your computer. Also, if someone near you wants to gain access to your computer they could watch you type your password and gain entry that way.
0
The first link explains how to setup a hotkey to activate a screensaver.
The second is how to setup a password protected screensaver.
http://www.windowsbbs.com/windows-x...
0  |
 |
 |
This post is quite old and has been locked from receiving new replies. Please create a new posting instead.
| Ads by Google |
