How secure are Windows 7 document files

Discussion in 'privacy problems' started by buckshee, Jul 10, 2012.

Thread Status:
Not open for further replies.
  1. buckshee

    buckshee Registered Member

    Joined:
    Apr 11, 2006
    Posts:
    134
    Just to give the background. My primary harddrive is partitioned in to C and D drives. While in Windows 7 I right clicked on My Douments (as well as My Pictures and My Music), clicked on "Properties" selected "Location" and moved the My Documents (etc) to the D drive (which I use for all data.
    My Windows 7 (32 bit) is password protected
    Despite this I was able to boot in to DOS and copy files and folders from "My Documents" (which, as I mentioned, are on the D Drive) and also files from inside folders under c:\users\*My name* all on to an external USB stick
    I find this somewhat alarming as I would have thought that I would not have been able to do this. Am I being a bit naive ? Does this not enable some-one to take my Quicken, Word or Excel data and open the file on their own computer - what happened to my privacy ? If this can be done, what is the point of having Windows 7 password protected
     
  2. Cudni

    Cudni Global Moderator

    Joined:
    May 24, 2009
    Posts:
    6,956
    Location:
    Somethingshire
    If there is a possibility of losing control of the machine and the data that it contains is sufficiently sensitive the consider drive encryption. There is a whole range of options in between.
     
  3. PaulyDefran

    PaulyDefran Registered Member

    Joined:
    Dec 1, 2011
    Posts:
    1,163
    Unless the files are encrypted, they are accessible to a variety of tools, as you found out.

    The Win7 password is a zip tie...keeps out people that can't get a hold of scissors.

    Use TrueCrypt to create a container for your sensitive files.

    PD
     
  4. LockBox

    LockBox Registered Member

    Joined:
    Nov 20, 2004
    Posts:
    2,275
    Location:
    Here, There and Everywhere
    I agree. Windows password protection is not like iOS pre-auth encryption. It's just a child's play password - it's not encryption. An even more user-friendly route, you could have used a Linux-based live-cd/usb and had a nice, pretty graphical UI to browse your documents.

    Pauly's right - again. TrueCrypt.
     
  5. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    6,028
    That's a nice feature when your Windows install gets hosed ;)
     
  6. Tomwa

    Tomwa Registered Member

    Joined:
    Feb 3, 2010
    Posts:
    162
    The windows password is quite honestly not even as strong as a ziptie I'd say it's more like a thin piece of thread. There are literally tools to extract Windows passwords already in existence.

    If you want true security in windows make your login screen a photo of Justin Bieber (Beiber? Beeber!? Whatever..) I wouldn't touch it.

    But in all seriousness:

    1. TrueCrypt or an equivalent
    2. TrueCrypt rescue disk
    3. Always use number to boot into number 1

    Really need a better way to protect from things such as Evil Maid -.-
     
  7. NGRhodes

    NGRhodes Registered Member

    Joined:
    Jun 23, 2003
    Posts:
    2,331
    Location:
    West Yorkshire, UK
    Authentication is not encryption.

    You can encryption your personal data using EFS which is built into Windows 7.
    It may not offer as many features and configuration that trucrypt offers, but if it does what you need, its a low hassle reliable option and why I use it for encrypting subsections of data on a drive.

    http://support.microsoft.com/kb/223316 has some useful info about using EFS.
     
  8. buckshee

    buckshee Registered Member

    Joined:
    Apr 11, 2006
    Posts:
    134
    Thanks Nick, but EFS isn't available on Windows 7 Home or Home Premium - only on Professional, Enterprise etc
     
    Last edited: Jul 17, 2012
  9. TheQuest

    TheQuest Registered Member

    Joined:
    Jun 9, 2003
    Posts:
    2,301
    Location:
    Kent. UK by the sea
    Hi buckshee

    First line of defence, Password protect your BIOS, then set your BIOS to boot your OS HDD, SATA or SSD as as first boot device.

    Take Care
    TheQuest :cool:
     
Loading...
Thread Status:
Not open for further replies.