If you purchased a recent laptop with Windows 10, you may have disk encrypted automatically preconfigured. As a precaution, Microsoft will back-up the hard disk encryption key to your WIndows 10 login email address, by default. This does pose some privacy and data security issues, since now you encrypted drive security depends on your Microsoft email account security, the weakest link. Moreover, this information is being sent over the wire, which can be intercepted.
Hackers now just have to guess your email password to break your stolen laptops encrypted hardrive.
The good thing is Microsoft has enabled you to remove that HD Encryption key, add another one not saved to OneDrive, Microsoft Cloud hard drive.
To do this go to https://onedrive.live.com/recoverykey and log in to your Microsoft account – this will be the same username and password that you use to log in to your Windows device. Once you’re in, it will show you a list of recovery keys backed up to your account.
If any of your Windows devices are listed, this means that Microsoft, or anyone that manages to access data in your Microsoft account, is technically able to unlock your encrypted disk, without your consent, as long as they physically have your computer. You can go ahead and delete your recovery key on this page – but you may want to back it up locally first, for example by writing it down on a piece of paper that you keep somewhere safe.
If you don’t see any recovery keys, then you either don’t have an encrypted disk, or Microsoft doesn’t have a copy of your recovery key. This might be the case if you’re using BitLocker and didn’t upload your recovery key when you first turned it on.
Quoted from.....
https://theintercept.com/2015/12/28/recently-bought-a-windows-computer-microsoft-probably-has-your-encryption-key/
Is BitLocker less secure now ? https://theintercept.com/2015/12/28/recently-bought-a-windows-computer-microsoft-probably-has-your-encryption-key/
https://theintercept.com/2015/06/04/microsoft-disk-encryption/
TrueCrpyt lives on as VeraCrpyt but only delivers folder encryption.
https://veracrypt.codeplex.com/
No comments:
Post a Comment