January 7th, 2008, 02:52 AM
Microsoft EFS password resets
I'm reading about EFS (from Windows Server 2003 Security A technical Reference - pretty good), anyway a few questions.
1) It says in Windows 2000 if an admin resets a users password they can gain access to the files that the user encrypted. I also read in that book that the encryption is based off the users password. So how can an admin reset the password and be able to view the encrypted data?
2) Also it says on XP if a user forgets his/her password they can use a password reset disk, they then can gain access to their encrypted files. How does this work? It's just the same thing as resetting the password, right?
January 7th, 2008, 11:16 AM
Sounds like the encryption key is stored in the profile of the user who encrypted the files....hence anyone with access to the profile can access the encrypted files
How people treat you is their karma- how you react is yours-Wayne Dyer
By Tiger Shark in forum Microsoft Security Discussions
Last Post: January 14th, 2005, 07:47 PM
By 3rr0r in forum The Security Tutorials Forum
Last Post: May 28th, 2004, 02:19 AM
By gore in forum Newbie Security Questions
Last Post: December 29th, 2003, 07:01 AM
By warl0ck7 in forum Microsoft Security Discussions
Last Post: August 14th, 2003, 12:23 PM