Changing Password

Topics: Technical Issues, Users Discussion
Oct 30, 2014 at 1:11 PM
Hi again :)

So I was installing a fresh copy of Windows on my SSD. I wanted to encrypt the system drive right off the bat, to make sure it would work, before spending too much time installing software and running Windows Update.

Therefore, I used a very simple, two-character password (and hardly "moved the mouse" around the window) to save time, because I knew I would be doing many system restarts as software installed.

Now that I have the machine loaded, I changed to a much better, longer password, and "moved the mouse" around a lot.

I know to destroy my old rescue disk and create a new one. But other than that, should I have any concerns that my old, two-character password might compromise the encrypted drive somehow? This is an SSD, if that matters...I know they have trouble overwriting old data.

Thank you!
Coordinator
Oct 30, 2014 at 8:48 PM
Hi,

When the password is changed and after the destruction of the old rescue disk, the only risk could come from someone who can retrieve your old volume header. That's why when the password is changed, the old header is overwritten many times to ensure that no magnetic trace is left on the hard disk.
Unfortunately, this doesn't hold for SSD drives where data is usually not overwritten to the same physical location but rather to a new location, thus leaving the old header theoretically accessible to a skilled attacker. However, in practice, this is a very difficult task.

My personal opinion is that SSDs are not a good choice for handling sensitive data because of the difficulty of applying strong security policies to their storage handling.
Oct 30, 2014 at 9:16 PM
Good stuff, thank you idrassi.
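
The coordinator's point about the old volume header, as an added example that is not part of the original thread or any project's code: a toy model that assumes the common design in which the password only wraps a fixed master key stored in the header. The function names, the `MAGIC` marker, the XOR wrap, the sample passwords and the low iteration count are all constructed for illustration.

```python
import hashlib
import hmac
import os

MAGIC = b"HDR1"     # constructed marker standing in for a header signature
ITERATIONS = 1000   # kept low so the example runs fast; an assumption, not a real setting
SALT_LEN = 16

def _header_key(password: str, salt: bytes, length: int) -> bytes:
    """Derive a password-based keystream for wrapping the header body."""
    return hashlib.pbkdf2_hmac("sha512", password.encode(), salt, ITERATIONS, dklen=length)

def wrap_header(master_key: bytes, password: str) -> bytes:
    """Toy header: salt || (MAGIC + master_key) XOR password-derived keystream."""
    salt = os.urandom(SALT_LEN)
    body = MAGIC + master_key
    stream = _header_key(password, salt, len(body))
    return salt + bytes(a ^ b for a, b in zip(body, stream))

def unwrap_header(header: bytes, password: str):
    """Return the master key, or None if the password does not fit this header."""
    salt, blob = header[:SALT_LEN], header[SALT_LEN:]
    stream = _header_key(password, salt, len(blob))
    body = bytes(a ^ b for a, b in zip(blob, stream))
    if not hmac.compare_digest(body[:len(MAGIC)], MAGIC):
        return None
    return body[len(MAGIC):]

def change_password(header: bytes, old_password: str, new_password: str) -> bytes:
    """Re-wrap the SAME master key under a new password; the data is not re-encrypted."""
    master_key = unwrap_header(header, old_password)
    if master_key is None:
        raise ValueError("wrong password")
    return wrap_header(master_key, new_password)

def demo() -> dict:
    master_key = os.urandom(32)
    old_header = wrap_header(master_key, "ab")   # constructed weak setup password
    new_header = change_password(old_header, "ab", "a much longer passphrase")
    return {
        # The header now on disk only opens with the new password.
        "new_header_new_pw": unwrap_header(new_header, "a much longer passphrase") == master_key,
        "new_header_old_pw": unwrap_header(new_header, "ab") is None,
        # A surviving copy of the old header (rescue disk, stale SSD block)
        # still yields the unchanged master key under the old password.
        "old_header_old_pw": unwrap_header(old_header, "ab") == master_key,
    }

if __name__ == "__main__":
    print(demo())
```

In this model a password change replaces only the wrapping, which is why the old rescue disk and any surviving copy of the old header matter; getting a new master key means re-encrypting the data itself.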