Forgot password

Discussion in 'Acronis True Image Product Line' started by DMD31842, Dec 25, 2006.

Thread Status:
Not open for further replies.
  1. DMD31842

    DMD31842 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    16
    I cannot seem to recall the password I used when I created my backup using True Image Version 10. Is there a way to bypass that or any other way to find out what it is? Yes, I understand I am a dummy but......
     
  2. foghorne

    foghorne Registered Member

    Joined:
    Sep 27, 2005
    Posts:
    1,389
    Location:
    Leeds, Great Britain

    Unlikely :oops:

    I am assuming this is not an autologon issue but, if the security has been done properly a hash of your password will have been stored with the backup rather than the password itself. The only way to authenticate, is for you to provide the password, which is hashed and the two hashes then get compared to see if the password you provided matches i.e. - the password itself should not be stored with the backup, and the hash is non-reversable.

    F.
     
  3. DMD31842

    DMD31842 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    16
    Not sure what you mean by "hashed". It is not the log on. So if I do not remember the password I am out of luck?
     
  4. jmk94903

    jmk94903 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    3,329
    Location:
    San Rafael, CA
    Sadly, you are. Good security has it's down side.


    The main reason why you would want to password protect a backup is if it contains sensitive information and you believe that someone could gain access to that backup and recover the information. Storing the backup in a secure location means that a password on the backup is not necessary, so that's one option worth considering.
     
  5. foghorne

    foghorne Registered Member

    Joined:
    Sep 27, 2005
    Posts:
    1,389
    Location:
    Leeds, Great Britain
    Password hashes are a common way of carrying out authentication without having to know what the stored password was.

    If you did set a password within True Image, against your backup, your are stuffed :'(

    F.
     
  6. mfabien

    mfabien Registered Member

    Joined:
    Dec 15, 2006
    Posts:
    227
    Location:
    Montreal
    I would create a new backup and upon being asked to enter a password I would either select No Password or use one that I cannot lose memory off.

    And I say this because in the Owner's guide, in the case of the Acronis Secure Zone, one can change the password and not being asked to enter the present one. Could be that creating an archive under password can allow different passwords each time.
     
  7. writedom

    writedom Registered Member

    Joined:
    Feb 7, 2006
    Posts:
    57
    I assume that because Acronis does not advertise that any popular encryption algorithms are used for passwords that they are using a proprietary algorithm.

    Does anyone know how secure the passwords really are?

    For example you can download password crackers for Peachtree Accounting, Microsoft Excel, Word, etc.
     
  8. foghorne

    foghorne Registered Member

    Joined:
    Sep 27, 2005
    Posts:
    1,389
    Location:
    Leeds, Great Britain
    This is an interesting point actually. It is a well establish philosophy in cryptography circles that the only way to prove the security of a new algorithm is to publish its specification for peer review. If it is going to get hacked easily this will happen early on. Security by obfuscation is generally considered to be lame. If you are relying on no one finding out what your algorithm is, then it doesn't say much about the algorithm itself.

    So either Acronis have identified their chosen algorithm (which I hope is a hashing algorithm) and I just haven't seen it, or they are naive enough to think that keeping quiet about their chosen algorithm adds to their security. If they do turn out to be using a proprietary algorithm, the only way to have it accepted is to publish the specification for it.

    I hope they are using an SHA hash or MD5. But I'm not sure why they don't say.

    F.
     
  9. Acronis Support

    Acronis Support Acronis Support Staff

    Joined:
    Apr 28, 2004
    Posts:
    25,885
    Hello DMD31842,

    Thank you for choosing Acronis Disk Backup Software.

    We are sorry for the delayed response.

    Please note that if a password has been set for a backup archive and is now lost or forgotten, then there is no way to retrieve or disable it. You cannot restore such a backup archive or extract files from it without the correct password.

    Thank you.
    --
    Aleksandr Isakov
     
  10. writedom

    writedom Registered Member

    Joined:
    Feb 7, 2006
    Posts:
    57
    re: Aleksandr Isakov's response

    Thank you for clarifying the password issue. As I posted above, how secure is the password? Is it a proprietary algorithm that uses the same type of "Encryption" methods as Microsoft Word or Excel (which is broken in under a second) or does the password protection use real encryption such as AES?
     
  11. foghorne

    foghorne Registered Member

    Joined:
    Sep 27, 2005
    Posts:
    1,389
    Location:
    Leeds, Great Britain
    More typically, password protection uses hashing as opposed to 'encryption' - e.g. Windows NT security, Unix security, SSL etc.

    F.
     
Thread Status:
Not open for further replies.