MichaelFaulkner wrote:
> By appyling EFS encryption to an offline Outlook cached OST file,
> is the file "safe" unless somebody can logon with the same
> credentails? I'm questioning if someone
> wipes out the password of the user who created the encrypted file
> with a password reset utility, will they will be able to logon as
> that user and still access the file?, i.e., if a laptop was stolen,
> would EFS sufficiently protect the encrypted data? Is the EFS
> private and public keys related to the both user name and password.
> Thanks all.
If the password on an account using EFS file/folder is changed in any way
other than the built in mechanism provided in Windows *by the user in
question* - and there is no backup of the certificate (accessible) - then
the data is practically gone - other than some massive computing/expense to
crack the EFS encryption.
Reading your question, however - I have to ask... Have you read up on EFS at
all?
Best practices for the Encrypting File System
http://support.microsoft.com/kb/223316
You also want to know that you might have to change other things when using
EFS in order to secure it more fully.
Where Does EFS Fit into your Security Plan?
http://www.windowsecurity.com/articl...rity_Plan.html
What is EFS? How can I use it to protect my files and folders?
http://www.petri.co.il/what's_efs.htm
--
Shenan Stanley
MS-MVP
--
How To Ask Questions The Smart Way
http://www.catb.org/~esr/faqs/smart-questions.html
Linear Mode
