How can I securely lock my Screen?

[TheMozart]

Quote:

Originally Posted by Johnny123

Other than guessing your password I can't imagine any easy way to bypass it. If someone hits the reset button you have the TrueCrypt password to keep them out, so I wouldn't worry too much.

Thank you Johnny, you been a big help

[x942]

Quote:

Originally Posted by TheMozart

Thank you Johnny, you been a big help

A little warning which may not apply to you:

As long as the computer is running it is possible to dump the data. A lock screen may keep the average user out but any one who knows what they are doing can still get data and even possibly the encryption key from ram.

Likely Scenario:

attacker uses software to dump data or bypass the lock screen and thus get access to the data (it is unencrypted in RAM). Metasploit's meterpreter has a function that can bypass it. I believe there is a tool you can have on a flash drive do this as well (it is possible just not sure if anyone has ported it yet.)

Unlikely scenario:

If you have a Firewire port (unlikely) this is a DMA (Direct Memory Access) port which an attacker can use to dump RAM and the key to a disk/drive and later decrypt your data.

Not sure if you are worried about this. If you are the best bet is to hibernate or disable drivers from installing (plenty of guides on this). Honestly as long as the computer is booted past pre-boot authentication an attacker can get the data.

[TheMozart]

Quote:

Originally Posted by x942

..attacker uses software to dump data or bypass the lock screen and thus get access to the data (it is unencrypted in RAM). Metasploit's meterpreter has a function that can bypass it. I believe there is a tool you can have on a flash drive do this as well (it is possible just not sure if anyone has ported it yet.)..,,. Honestly as long as the computer is booted past pre-boot authentication an attacker can get the data.

So what can I do? How can I leave my Laptop running decrypted and password protected screensaver and not be worried that someone may hack and break the screensaver password?

How would they run a program from the USB stick if the screensaver is activated? And if they reboot, then Truecrypt will stop them.

So what shall I do?

[Johnny123]

Quote:

Originally Posted by TheMozart

So what shall I do?

For any solution someone comes up with here at Wilders there is somebody else who says it isn't good enough. You need to weigh risk against probability. The likelihood of some burglar breaking in who just happens to have these exotic tools (and knows how to use them) is almost nil. The more likely scenario is that someone steals it, formats the drive and sells it.

You could put it in a safe to secure it, but someone here would of course tell you that the safe can be opened with C4. What I would do is not worry about it. You've already done more to secure it than what 99% of the population does.

[Keyboard_Commando]

Johnny is right.

Booby trap the place.

[Hungry Man]

lol I was going to post about the RAM but it's just such a silly thing. Don't worry about someone freezing and dumping your RAM unless you're a government spy and you think that's likely. Don't worry really about any of that stuff because you're so unlikely to ever meet someone who even knows what the hell anything in this topic means.

[TheMozart]

Quote:

Originally Posted by Hungry Man

lol I was going to post about the RAM but it's just such a silly thing. Don't worry about someone freezing and dumping your RAM unless you're a government spy...

Well, I am not a spy

My whole hard drive is encrypted. I also have a Notebook BIOS password. So someone would need to know how to open the Notebook and reset the BIOS password. Then they would need to know how to crack my TrueCrypt encrypted hard drive which has a 18 character password. So I guess my Notebook is rather secure?

But what was concerning me was if my Notebook is already logged in and Vista is running that they could sit down and begin copying my sensitive data. So with the password Screensaver, I assume they will not be able to work it out how to bypass it, and instead turn off and reboot the Notebook, which then of course locks them out and they need 2 passwords to proceed, the BIOS and Truecrypt password which they won't have.

I guess that's all I can do...and like you and others have said...what's the chance of someone breaking in while I am out, or someone else being able to break/hack/bypass the password Vista Screenlock? Probably very very slim.

But just in case someone was able to break/hack/bypass the password Vista Screenlock, I have installed AxCrypt and will encrypt a few of my most sensitive text files when I leave the Notebook unattended, so even if they can break/hack/bypass the password Vista Screenlock, they will still not be able to access a few sensitive text files I have which contain very sensitive and private information like banking login details etc.

I am not sure what else I can do to protect myself. I think that's as best I can do.

[x942]

Just to clarify:

1) Dumpy keys from RAM is insanely unlikely even if a government agency was involved. They have about 30-90 seconds after shutdown to either get the key or freeze the RAM. Cold boot attacks work great in the lab but not so well IRL.

2) Bypassing the lock screen doesn't need exotic tools BUT you probably won't have to worry about it either. If this is a laptop I personally would lock it at home or in any safe environment, but if I was in public or a foreign place (coffee shop, business, airport, etc.) I would hibernate it.

Of course it's up to you and depends on how much you worry about it. At home I wouldn't worry too much. In the open I would.

That said. I see you are using an 18 Character password which is good. I use 30 or more but I am also using mine for business and need extra security. 18 characters is great for now (even supercomputers would take a long time to crack it).

[TheMozart]

Quote:

Originally Posted by x942

..

That said. I see you are using an 18 Character password which is good. I use 30 or more but I am also using mine for business and need extra security. 18 characters is great for now (even supercomputers would take a long time to crack it).

I counted again, and my password is actually 20 characters long

By the time someone could crack that, the world would be million years into the future and I wouldn't worry about it

Suffice to say, my whole hard is encrypted and when I leave the house and need my Laptop to be on doing stuff, I will encrypt a few sensitive files, and then lock the screen using the Vista screensaver + password. So if worse come to worse and someone cracks and defeats the Vista password screen lock, then they still cannot access my few sensitive files as they are encrypted in addition to the truecrypt.