sundance-communications.com/forum Forums Computers & Programming Computers, Software, Accessories make it secure???? laptop security!

Since we have had a discussion on cracking passwords....Next question...What can I do to keep the passwords from being cracked??? I have my laptop password protected in the bios and also windows login. I know this won't stop the hard core hackers...but if someone makes off with my laptop, I want them to have a hard time trying to get it to work. Just wondering about ways to make it more secure.

The best way to keep passwords from being cracked is to not use any word you might find in a dictionary, or a simple variant of a dictionary word. You really need to use one of those nonsensical passwords that include small letters, capitals, numbers and symbols, that make no sense at all, and are therefore very hard to remember.

As an alternative, consider using a physical security key in addition to a password. This means something that you have in addition to something you know. This can be something on your keychain or a fingerprint. There are many inexpensive USB fingerprint readers available now.

I also saw advertised a USB proximity detector. This consists of a little dongle you plug into a USB port plus a little fob you put on your keychain. When you move more than 3.7 meters away from your computer, the operating system is locked and cannot be unlocked until you, or your keychain, returns.

If you are interested in protecting the content of your computer, you need to use file encryption.

BIOS-based passwords are great against someone booting up your laptop. But that can be worked around at the hardware level.

Windows log on password is a basic protection for your identity, since most programs identify the individual user based on info stored in that user's registry. With NTFS, data security can be enforced, to an extent. But a user with sufficient administrator rights, can take ownership of the data, and reassign the data security rights. Windows XP Home might not be so great on this, because there's no dedicated administrator accounts.

However, if I just made off with your laptop, and I wanted your data, I'd probably just rip the hard drive out, and load it up in my own 2000 Pro, or XP Pro environment, logged in as the local machine administrator. I should then be able to access the data, taking the ownership as necessary.

This is where a third-party encrypted file system would come in handy. It can be as simple as a password-protected Zip file. But I wouldn't use the encryption offered in Windows, because it's probably just as username oriented as NTFS security is.

The most useful item i have is an offsite backup program. I have a particular folder which i always save to, if it’s important, and make sure it’s backed up daily …remotely. There’s hardly a time when that laptop is not on the internet and usually take less than a couple of minutes.

Encryption is the only way to secure your data, passwords can easily be changed as noted above. More than likely if someone yanks your laptop they are going to reformat and hock on eBay.

Password protection is a joke. I changed two unknowns today. First using a utility from Winternals and second one using a Linux based boot disk that allowed me to change the existing password to whatever I wanted. The best protection today is a 115lb. Rottweiller.

a buddy of mine at another college had his laptop stolen from his unlocked room (first mistake), I asked if he had a lock on it which he did, those can be ripped right off the case...

Not to mention the fact that a pair of "snips" is usually more than adequate to handle the stainless steel cable.

I thought once you ripped the lock off it also ripped something inside the computer that rendered it unusable.
Is that not true?

Could be the case (no pun intended) but I don't know as every laptop is (usually) different.

You could use PGP to encrypt an entire hard disk. I don't believe the software costs too much and PGP has been around a while. That would make it extremely difficult for someone to access your data. I believe this is the type of thing Rob was referring to.

https://www.pgp.com/products/wholediskencryption/index.html