-
January 7th, 2008, 03:52 AM
#1
Member
Microsoft EFS password resets
I'm reading about EFS (from Windows Server 2003 Security A technical Reference - pretty good), anyway a few questions.
1) It says in Windows 2000 if an admin resets a users password they can gain access to the files that the user encrypted. I also read in that book that the encryption is based off the users password. So how can an admin reset the password and be able to view the encrypted data?
2) Also it says on XP if a user forgets his/her password they can use a password reset disk, they then can gain access to their encrypted files. How does this work? It's just the same thing as resetting the password, right?
-
January 7th, 2008, 12:16 PM
#2
Sounds like the encryption key is stored in the profile of the user who encrypted the files....hence anyone with access to the profile can access the encrypted files
MLF
How people treat you is their karma- how you react is yours-Wayne Dyer
Similar Threads
-
By Tiger Shark in forum Microsoft Security Discussions
Replies: 5
Last Post: January 14th, 2005, 08:47 PM
-
By 3rr0r in forum The Security Tutorials Forum
Replies: 22
Last Post: May 28th, 2004, 02:19 AM
-
By gore in forum Newbie Security Questions
Replies: 11
Last Post: December 29th, 2003, 08:01 AM
-
By warl0ck7 in forum Microsoft Security Discussions
Replies: 7
Last Post: August 14th, 2003, 12:23 PM
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|