Security Basics mailing list archives
RE: dual password for file/folder encryption
From: "Prodigi Child" <prodigi.child () gmail com>
Date: Tue, 16 Dec 2008 08:58:37 -0600
If I recall correctly you can use EFS (in the case of Windows) and assign the administrator to be able to still decrypt the files via Group Policy. They are called recovery agents - here is an article: http://www.windowsecurity.com/articles/Controlling-Encrypting-File-System-EF S-Group-Policy.html that way the staff won't even need to remember a password because as long as their user account encrypts the folder they can seamlessly open and view/modify/etc the contents. Hope this helps! -----Original Message----- From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of Tariq Khan Sent: Monday, December 15, 2008 9:24 AM To: security-basics () securityfocus com Subject: dual password for file/folder encryption Hi all I am looking for encryption software. Here's the story (bear with me), we role out laptops and desktops for staff members and we would like by default to have a folder which is encrypted and anything dropped (saved) into that folder is automatically encrypted. Now, the idea is that we set the master password on the folder (which should filter down to the files), so when the users "put and pull" from the folder they are asked for a password which they can set them selves. You may be wondering "why", well in case of an employee leaving "under a cloud" or has not informed us of the password for their files and folders within the default encryption folder we can get to the folder and any files within it with our master password. Apart from the fact that a lot of our staff are forever forgetting their passwords. I have tried some software but they do not have the option for a master password which can override user set passwords. I hope all that made sense. I would really appreciate any help. Thank you Tariq Khan Information Security Analyst Corporate Systems Group Thames Valley University Learning and Information Services DISCLAIMER The information contained in this message may be CONFIDENTIAL and is intended for the addressee only. Any unauthorised use, dissemination of the information, or copying of this message is prohibited. If you are not the addressee, please notify the sender immediately by return e-mail and delete this message. Although this e-mail and any attachments are believed to be free of any virus, or other defect which might affect any computer or system into which they are received and opened, it is the responsibility of the recipient to ensure that they are virus free and no responsibility is accepted by Information Services department (ISD) of Thames Valley University (or any of its associated subsidiaries) for any loss or damage from receipt or use thereof. Please note that the opinion(s) expressed in this email are that of the sender, and does not necessarily represent that of Thames Valley University (or any of its associated subsidiaries).
Current thread:
- dual password for file/folder encryption Tariq Khan (Dec 15)
- Re: dual password for file/folder encryption ArcSighter Elite (Dec 16)
- Re: dual password for file/folder encryption Ali, Saqib (Dec 16)
- Re: dual password for file/folder encryption Alexander Bondarenko (Dec 16)
- Re: dual password for file/folder encryption Michael Lorenzen (Dec 16)
- dual password for file/folder encryption kalgecin kalgecin (Dec 16)
- Re: dual password for file/folder encryption Rob Thompson (Dec 16)
- RE: dual password for file/folder encryption Pete.LeMay (Dec 16)
- Re: dual password for file/folder encryption Kevin Tunison (Dec 16)
- RE: dual password for file/folder encryption Prodigi Child (Dec 16)
- <Possible follow-ups>
- Re: dual password for file/folder encryption chmod1777 (Dec 16)
- RE: dual password for file/folder encryption Mason, Samuel (Dec 17)
- Re: dual password for file/folder encryption Andre Pawlowski (Dec 23)
- RE: dual password for file/folder encryption Mason, Samuel (Dec 17)