top | item 46744838

(no title)

This is a bit tricky as it couples the user's password with the disk encryption key. If a user changes the password they would then need to change the encryption key, or remember the previous (possibly compromised) password. A better option is to force the user to record a complex hash, but that's never going to be user friendly when it comes to the average computer user.

Basically, we need better education about the issue, but as this is the case with almost every contentious issue in the world right now, I can't imagine this particular issue will bubble to the top of the awareness heap.

discuss

winstonwinston|1 month ago

The system handles these changes for the user automatically. The disk key is encrypted by user password, when user changes the password, the system completes disk key rollover automatically. Which means it will decrypt key with old password and then encrypt key with new password.

digiown|1 month ago

Windows also allows you to reset your user password via Microsoft, which complicates things a little

daneel_w|1 month ago

The encryption key for the drive never changes. The key is just re-encrypted when you change your password.