Re: Password protecting?

From: Voice of freedom (VoiceFreedom_at_freedom.naa)
Date: 05/14/05

  • Next message: Walter Roberson: "Re: Remotely controlling a PC - How can one tell this is happening?" 
    Date: Fri, 13 May 2005 22:07:46 -0500

    "xpyttl" <xpyttl_NOSPAM@earthling.net> wrote :

    > "Popcorn Lover" <popcorn@N0-SPAM.COM> wrote in message
    > news:Xns9654DC0FD96EpopcornN0TSPAMCOM@216.196.97.142...
    >> I have a Win Xp Home Edition box and would like to have logon
    >> password protection that would REALLy work, in the event that
    >> it was stolen, so no one could have access to my whole
    >> computing life. I have Systemworks, is there anything in
    >> there that might do it? Or in XP itself?
    >>
    >> I don't want the ones that I've been hearing, can be bypassed
    >> by anyone. Something really secure?
    >
    > There are two things to keep in mind. First of all, nothing
    > is totally secure. You need to choose your level of risk.
    > Secondly, I presume you still want to use the system, so the
    > scheme needs to be at least tolerable.
    >
    > First of all, I, and most of the other responders apparently,
    > assume you are interested in protecting the data, rather than
    > the compute resource. No matter what you do in terms of
    > preventing someone from logging on, it's pretty simple
    > business to take out your disk and put it in another machine,
    > so to provide any level of protection for your data, you must
    > encrypt it.
    >
    > So the question is, how do YOU want to balance the hassle in
    > set up and operation against the risk of your data being
    > comprimised?
    >
    > There was a thread on this newsgroup just a few days ago where
    > someone lost the password to an NTFS disk. The data was, for
    > all practical purposes, inaccessible. Now most likely, NTFS
    > encryption isn't the strongest thing in the world, but it's
    > pretty strong. I suspect many state police crime labs could
    > break it, but probably not the local yokels. Is that
    > sufficient? Is what you need to protect sufficiently illegal
    > that the state police might want to spend significant
    > resources getting your data? If not, then probably NTFS
    > encryption, which is pretty simple to implement, will be good
    > enough.
    >
    > If you want something a lot stronger, it is available.
    > However, just from your question, it is unlikely that you
    > could install it in such a way that it would be more secure
    > than simple NTFS. The more sophistocated your encryption, the
    > more uh-oh's and oh-by-the-way's there are. While these
    > things, in theory, might be hard for the NSA to crack, in
    > practice, they need to be installed and maintained by an
    > expert to get that level of certainty.
    >
    > In any case, you will need to get a secure password (long,
    > letters and numbers, mixed case, and no words in any common
    > language, and nothing that anyone could trace to you) and
    > change it frequently. If you don't, you are simply handing
    > your data to anyone who is good at a dictionary attack.
    >
    > Now, you need to have a password that is hard to remember and
    > hard to type, and for heaven's sake you can't write it down,
    > and oh yeah, you should change it every month or so. This is
    > a lot of hassle, even more so when you forget it.
    >
    > If your data is that important that you are willing to put up
    > with that hassle, then go hire a security consultant to
    > implement some serious encryption. But of you're not running
    > illegal drugs, or handing nuclear secrets to the Iranians,
    > then just put the NTFS encryption on and call it good. But
    > still, think hard about your password.

    I heard that putting the entire HD under encryption, makes it so
    you can't do routine maintenance things like defragmenting, is
    that true? 

    -- 
A Voice Of Freedom in the
United States of America
  • Next message: Walter Roberson: "Re: Remotely controlling a PC - How can one tell this is happening?"

    Relevant Pages

    • Re: Secure PDAs - an oxymoron?
      ... > or hardware add-ons which can help secure these devices? ... protection of the database, there are many tools that will keep your data in ... For boot-up security either sign-on ... For application specific encryption, jaws Memo is quite a good example; ...
      (Security-Basics)
    • Re: PST encryption
      ... the solution of setting encryption on NTFS ... permissions will not help if the person who wants to read ... >This is not a secure way to work with your pst-files. ...
      (microsoft.public.outlook)
    • Re: Encryption of application configuration block
      ... your main concern is about applying encryption ... protection for your client application ... I've performed some research on the new config protection feature in .net ... For creating and exporting/importing RSA key and programmatically encrypt ...
      (microsoft.public.dotnet.general)
    • Re: PKI confusion...
      ... tool for software license protection! ... Encryption provides us with provably secure way of reducing the problem ... Software license protection has exactly opposite goal - to spread ...
      (microsoft.public.dotnet.security)
    • Re: NTFS encrypted folders in WindowsXP
      ... >>A file system offering an encryption option (at least on W2k and XP ... neither one of you has the knowledge to figuratively spell NTFS. ... You're talking, it seems, about a thing called EFS, which is an optional ...
      (comp.security.misc)