EFS is only as strong as your login password

by George Chetcuti [Published on 21 July 2014 / Last Updated on 21 July 2014]

If you think that your sensitive and most important files are adequately protected when stored in an encrypted folder on your hard drive then you’re wrong!

In his blog post Ronnie Flathers writes ‘without full disk encryption (like BitLocker), sensitive system files will always be available to an attacker, and credentials can be compromised. Since Windows file encryption is based on user credentials (either local or AD), once these creds are compromised, an attacker would have full access to all “encrypted” files on the system. I will outline an attack scenario below to stress the importance of full drive encryption.’

Read the full blog post here - http://labs.neohapsis.com/author/ropnop/

Add Review or Comment

See Also

Featured Links