Results 1 to 2 of 2
  1. #1
    Join Date
    Oct 2002

    Microsoft EFS password resets

    I'm reading about EFS (from Windows Server 2003 Security A technical Reference - pretty good), anyway a few questions.

    1) It says in Windows 2000 if an admin resets a users password they can gain access to the files that the user encrypted. I also read in that book that the encryption is based off the users password. So how can an admin reset the password and be able to view the encrypted data?

    2) Also it says on XP if a user forgets his/her password they can use a password reset disk, they then can gain access to their encrypted files. How does this work? It's just the same thing as resetting the password, right?

  2. #2
    AOs Resident Troll
    Join Date
    Nov 2003
    Sounds like the encryption key is stored in the profile of the user who encrypted the files....hence anyone with access to the profile can access the encrypted files

    How people treat you is their karma- how you react is yours-Wayne Dyer

Similar Threads

  1. Network Security made easy?
    By Tiger Shark in forum Microsoft Security Discussions
    Replies: 5
    Last Post: January 14th, 2005, 07:47 PM
  2. Password Cracking with Rainbow Tables
    By 3rr0r in forum The Security Tutorials Forum
    Replies: 22
    Last Post: May 28th, 2004, 02:19 AM
  3. Tcp/ip
    By gore in forum Newbie Security Questions
    Replies: 11
    Last Post: December 29th, 2003, 07:01 AM
  4. Windows 2003 Server Vulnerability
    By warl0ck7 in forum Microsoft Security Discussions
    Replies: 7
    Last Post: August 14th, 2003, 12:23 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts

We have made updates to our Privacy Policy to reflect the implementation of the General Data Protection Regulation.