If my PC is stolen...how vulnerable is my email account

[SammyAxolotl]

Just suppose....

Some low-life steals my pc.
He opens Outlook and now has my email address and my email account send and receive settings.
He then picks a likely site that uses my email address as my login, say PayPal, and clicks 'Forgot password'.
Then the nice people at PayPal email me my password...except it's not going to be me that gets the email is it?

Am I missing something or is it really that easy?
And if it's that easy how can you protect against this?

 

[EvanDavis]

Welcome to the forum.
Yes it is that easy.

I have a password prompt setup on my laptop for Outlook. Have a read of this link for more help setting one up

 

[Abarbarian]

https://secure.wikimedia.org/wikipedia/en/wiki/Full_disk_encryption

https://secure.wikimedia.org/wikipedia/en/wiki/Disk_encryption_software

http://www.myispfinder.org/ispblog/2011/10-freeware-tools-to-encrypt-your-hard-drive/

http://www.ilovefreesoftware.com/21/featured/free-hard-drive-encryption-software.html

Keep everything safe with just the one password. True Crypt is one of the programs I have tried and gets my vote.

 

[Silverhazesurfer]

While not to discount Barbarian up there, I don't like the encryption options all that much. Or at least third party encryption. Remember this, if someone wants your information, they can get to it. There is a saying that locks only keep honest people honest. I also believe that encryption will eventually pose a problem to you getting at your information at some point in time.

There are ways to protect yourself that do not necessarily require you to spend money. Be logical and thorough with your process and you should never have a problem.

Your computer has a BIOS password that will prevent someone from even allowing an OS to start. There are ways around it. Requires a disassembly of the machine, but it can be done. Windows Passwords are only as secure as the OS is. If you do not put a BIOS password on, I can boot your machine with a CD that tells me your password. From that point, I have all of your information that is stored.

In reality, if someone takes your laptop and you have personal information that could allow them to take your identity or otherwise, there is nothing you can do about it. If they are smart enough, they will get what they want. The point is, if it isn't a matter of national security, don't keep important documents there and don't save passwords in websites. If there is no password stored, there is nothing that can be done to acquire your identity. If the laptop is taken, change your email passwords immediately to preven this type of thing.

TL;DR Be smart about your data/password management and you won't really ever have an issue.

 

[V_R]

Skip to about 3 minutes.

 

[Silverhazesurfer]

+1000 Internets for V_R

 

[floppybootstomp]

Nice link V_R, that was well worth watching

Myself, I'm just waiting for the inevitable spam link...

 

[Anon_F]

You not been up to something naughty on the net you dont want anyone to see?

 

[crazylegs]

Great link V R

Thanks for posting..

 

[Ian]

Yep, as others have said it really is that easy .

The truecrypt software that Abarbarian is a free and easy way to solve this - I use it on my laptop in case I ever lost it.

 

[SammyAxolotl]

I have a password prompt setup on my laptop for Outlook. Have a read of this link for more help setting one up

I didn't realise you could do this. The article says it's not particularly secure but, assuming the thief's not a computer wiz, I guess it it would buy a bit of time to change my email account send/receive password(s). So I've done it. Thanks.

 

[SammyAxolotl]

I also believe that encryption will eventually pose a problem to you getting at your information at some point in time.
I'm with you on this one. I'm not averse to encrypting the odd file here and there but I'd be a bit nervous about operating with whole partitions that way.

If the laptop is taken, change your email passwords immediately to preven this type of thing.
Good advice.

Be smart about your data/password management and you won't really ever have an issue.
More good advice. I use a password manager and have a different password for every site. And I keep the various password/login details discretely in an encrypted file on a drive separate from my PC...

...but sadly this wouldn't stop the crime described in my original post. That is, if they have my email details from the stolen PC (before I can change the password because I'm in Hawaii for two weeks vacation), at the logon screen on websites where my username is my email address they only have to click on 'Forgot my password' et voila, 30 seconds later it's in my/their inbox.

 

[EvanDavis]

...but sadly this wouldn't stop the crime described in my original post. That is, if they have my email details from the stolen PC (before I can change the password because I'm in Hawaii for two weeks vacation), at the logon screen on websites where my username is my email address they only have to click on 'Forgot my password' et voila, 30 seconds later it's in my/their inbox.

IN simple, if they want your details they will get them, but chances are, most toe rags that steal your computer are jus after their net fix, so don't really care. Follow the steps I showed or those that Barbarian did.

 

[itsme]

Whoops!!!!

 

[V_R]

You not been up to something naughty on the net you dont want anyone to see?

Nah if that was the case he'd just use the private browsing mode.

Whoops!!!!

Someones not read the thread?