I'd like to secure the files on our company president's laptop. Encryption
seem to be the way to go to prevent, for instance, someone removing his HD
and putting it in another system as a 2nd drive and just reading the data.
But XP encyption can be beaten just by reseting the logon password and you
have access to all the files. I need something as easy as XP encryption but
which forces the user to enter the encryption password once per logon. Any
ideas?

Thanks,
Tom

"TC2" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed)...
> I'd like to secure the files on our company president's laptop. Encryption
> seem to be the way to go to prevent, for instance, someone removing his HD
> and putting it in another system as a 2nd drive and just reading the data.
> But XP encyption can be beaten just by reseting the logon password and you
> have access to all the files. I need something as easy as XP encryption
> but
> which forces the user to enter the encryption password once per logon. Any
> ideas?
>
> Thanks,
> Tom

TC2,

Please read an understand more fully the implications of an administrator
"resetting" a users password to gain access to their account.
This is covered in the Help and Support center.
Basically if an admin resets an end users password that will NOT provide
them access to the end users files if they logon as that user.
You need a deeper understanding of EFS and the impact of the admin account
and recovery agent.
It will suffice for your needs but before using it you need to do some more
reading around the subject.

--

Regards,

Mike
--
Mike Brannigan [Microsoft]

This posting is provided "AS IS" with no warranties, and confers no
rights

Please note I cannot respond to e-mailed questions, please use these
newsgroups

"TC2" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed)...
> I'd like to secure the files on our company president's laptop. Encryption
> seem to be the way to go to prevent, for instance, someone removing his HD
> and putting it in another system as a 2nd drive and just reading the data.
> But XP encyption can be beaten just by reseting the logon password and you
> have access to all the files. I need something as easy as XP encryption
> but
> which forces the user to enter the encryption password once per logon. Any
> ideas?
>
> Thanks,
> Tom
>
>

As an addition to Mike's advice, see:

http://www.microsoft.com/windowsxp/u...a/default.mspx

You'll find a number of articles there that will help you to understand the EFS part of the Windows XP file system.

As a matter of fact, if you change the user's password from another account, or via some brute force method, no one will be able to access the encrypted files, not even the user they belonged to.

--
Doug Knox, MS-MVP Windows Media Center\Windows Powered Smart Display
Win 95/98/Me/XP Tweaks and Fixes
http://www.dougknox.com
--------------------------------
Per user Group Policy Restrictions for XP Home and XP Pro
http://www.dougknox.com/xp/utils/xp_securityconsole.htm
--------------------------------
Please reply only to the newsgroup so all may benefit.
Unsolicited e-mail is not answered.

"TC2" <(E-Mail Removed)> wrote in message news:(E-Mail Removed)...
> I'd like to secure the files on our company president's laptop. Encryption
> seem to be the way to go to prevent, for instance, someone removing his HD
> and putting it in another system as a 2nd drive and just reading the data.
> But XP encyption can be beaten just by reseting the logon password and you
> have access to all the files. I need something as easy as XP encryption but
> which forces the user to enter the encryption password once per logon. Any
> ideas?
>
> Thanks,
> Tom
>
>

TC2 wrote:

> I'd like to secure the files on our company president's laptop. Encryption
> seem to be the way to go to prevent, for instance, someone removing his HD
> and putting it in another system as a 2nd drive and just reading the data.
> But XP encyption can be beaten just by reseting the logon password and you
> have access to all the files. I need something as easy as XP encryption but
> which forces the user to enter the encryption password once per logon. Any
> ideas?
Hi

SafeGuard Easy is an option (it is able to encrypt the
complete hard disk and it asks for the encryption password
at bootup of the computer):

http://www.utimaco.com/indexmain.html

We are using this product for local hard disk encryption on all
laptops, and we are very satisfied with the product.


--
torgeir, Microsoft MVP Scripting and WMI, Porsgrunn Norway
Administration scripting examples and an ONLINE version of
the 1328 page Scripting Guide:
http://www.microsoft.com/technet/scr...r/default.mspx

Oh.

Tom


"Doug Knox MS-MVP" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed)...
As an addition to Mike's advice, see:

http://www.microsoft.com/windowsxp/u...a/default.mspx

You'll find a number of articles there that will help you to understand the
EFS part of the Windows XP file system.

As a matter of fact, if you change the user's password from another account,
or via some brute force method, no one will be able to access the encrypted
files, not even the user they belonged to.

--
Doug Knox, MS-MVP Windows Media Center\Windows Powered Smart Display
Win 95/98/Me/XP Tweaks and Fixes
http://www.dougknox.com
--------------------------------
Per user Group Policy Restrictions for XP Home and XP Pro
http://www.dougknox.com/xp/utils/xp_securityconsole.htm
--------------------------------
Please reply only to the newsgroup so all may benefit.
Unsolicited e-mail is not answered.

"TC2" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed)...
> I'd like to secure the files on our company president's laptop. Encryption
> seem to be the way to go to prevent, for instance, someone removing his HD
> and putting it in another system as a 2nd drive and just reading the data.
> But XP encyption can be beaten just by reseting the logon password and you
> have access to all the files. I need something as easy as XP encryption
but
> which forces the user to enter the encryption password once per logon. Any
> ideas?
>
> Thanks,
> Tom
>
>