Submit Hint Search The Forums LinksStatsPollsHeadlinesRSS
14,000 hints and counting!


Click here to return to the 'Effect of password reset on confidential data encryption' hint
The following comments are owned by whoever posted them. This site is not responsible for what they say.
Effect of password reset on confidential data encryption
Authored by: CFQ on Sep 21, '09 08:27:36AM

Hi,

thanks for this tip!

I have recently learned though that the account password on a Mac can be easily reset by making use of the OS X installation DVD. What happens if a thief steals my MacBook and resets my account password? Does the confidential data remain encrypted, or is it still all dencrypted at login, even if there is not account password?

Thanks,
CFQ



[ Reply to This | # ]
Effect of password reset on confidential data encryption
Authored by: cdenesha on Jul 27, '10 10:48:04AM
Awesome tip and very clean writeup. Logical. :) I'd recommend that once you are switched over and are sure everything works, that you delete all backups of the old data on your Time Machine drive. I'm not sure how to do this securely, but perhaps a secure wipe free space program (will need to look for a tip!) can be run on your Time Machine drive as well as your original drive.
I have recently learned though that the account password on a Mac can be easily reset by making use of the OS X installation DVD. What happens if a thief steals my MacBook and resets my account password? Does the confidential data remain encrypted, or is it still all dencrypted at login, even if there is not account password?
When the account password is reset, the login keychain will be opened as well. Be sure to create a new keychain if you wish to store the password for your encrypted sparse bundle, you can even make it the default keychain and it'll still be secure in that instance. Also, your sparse bundle will be using either 128 or 256 bit AES encryption, so as long as you have a strong password the data itself is secure.

chris

[ Reply to This | # ]