Security Basics mailing list archives
RE: Windows EFS and Changing a Local Account Password
From: "Thomas D." <whistl0r () googlemail com>
Date: Sun, 16 Jul 2006 15:36:11 +0200
Hello,
You are wrong that this is no impact of the user's password. The user's password is used to create a master symmetric key that is used to protect the user's EFS asymmetric private key (among other things). If the administrator resets the user's password, the user will get a new master symmetric key and no longer be able to decrypt their original EFS private key.
Oh, you're right! But it isn't a drawback - it is a kind of security: "The behavior that is described in this article is a security measure taken to protect the security of the user's private information. A malicious administrator that can reset a user's password and thereby gain access to the user's account cannot access encrypted files or authentication materials without the user's knowledge or permissions." http://support.microsoft.com/kb/290260/en-us (MORE INFORMATION) -- Thomas D. --------------------------------------------------------------------------- This list is sponsored by: SensePost Hacking, like any art, will take years of dedicated study and practice to master. We can't teach you to hack. But we can teach you what we've learned so far. Our courses are honest, real, technical and practical. SensePost willl be at Black Hat Vegas in July. To see what we're about, visit us at: http://www.sensepost.com/training.html ---------------------------------------------------------------------------
Current thread:
- Windows EFS and Changing a Local Account Password winshel (Jul 12)
- RE: Windows EFS and Changing a Local Account Password Depp, Dennis M. (Jul 13)
- RE: Windows EFS and Changing a Local Account Password Roger A. Grimes (Jul 13)
- RE: Windows EFS and Changing a Local Account Password David Gillett (Jul 13)
- RE: Windows EFS and Changing a Local Account Password Thomas D. (Jul 13)
- RE: Windows EFS and Changing a Local Account Password Roger A. Grimes (Jul 14)
- RE: Windows EFS and Changing a Local Account Password Thomas D. (Jul 17)
- RE: Windows EFS and Changing a Local Account Password Roger A. Grimes (Jul 14)
- <Possible follow-ups>
- Re: RE: Windows EFS and Changing a Local Account Password winshel (Jul 14)
- Re: Windows EFS and Changing a Local Account Password Derek Schaible (Jul 17)