Results 1 to 2 of 2

Thread: Microsoft EFS password resets

  1. January 7th, 2008, 03:52 AM #1
    Keith
    Keith is offline
    Member
    Join Date
    Oct 2002
    Posts
    52

    Microsoft EFS password resets

    I'm reading about EFS (from Windows Server 2003 Security A technical Reference - pretty good), anyway a few questions.

    1) It says in Windows 2000 if an admin resets a users password they can gain access to the files that the user encrypted. I also read in that book that the encryption is based off the users password. So how can an admin reset the password and be able to view the encrypted data?

    2) Also it says on XP if a user forgets his/her password they can use a password reset disk, they then can gain access to their encrypted files. How does this work? It's just the same thing as resetting the password, right?
    Reply With Quote Reply With Quote
  2. January 7th, 2008, 12:16 PM #2
    morganlefay
    morganlefay is offline
    AOs Resident Troll
    Join Date
    Nov 2003
    Posts
    3,152
    Sounds like the encryption key is stored in the profile of the user who encrypted the files....hence anyone with access to the profile can access the encrypted files

    MLF
    How people treat you is their karma- how you react is yours-Wayne Dyer
    Reply With Quote Reply With Quote
« Previous Thread | Next Thread »

Similar Threads

  1. Network Security made easy?
    By Tiger Shark in forum Microsoft Security Discussions
    Replies: 5
    Last Post: January 14th, 2005, 08:47 PM
  2. Tcp/ip
    By gore in forum Newbie Security Questions
    Replies: 11
    Last Post: December 29th, 2003, 08:01 AM
  3. Windows 2003 Server Vulnerability
    By warl0ck7 in forum Microsoft Security Discussions
    Replies: 7
    Last Post: August 14th, 2003, 12:23 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules