Michael R Mattys
mmattys at rochester.rr.com
Thu Apr 10 06:08:43 CDT 2008
John, Why are you encrypting your entire drive? Or any of it, for that matter? The benefit must outweigh the cost ... Michael R. Mattys MapPoint & Access Dev www.mattysconsulting.com ----- Original Message ----- From: "jwcolby" <jwcolby at colbyconsulting.com> To: "Access Developers discussion and problem solving" <accessd at databaseadvisors.com>; "Tech" <Dba-Tech at databaseadvisors.com> Sent: Thursday, April 10, 2008 12:52 AM Subject: [AccessD] Bitlocker >I am setting up bitlocker to encrypt my entire hard drive using Vista. > Rather an experience as I didn't set it up from the gitgo but it is > progressing once I managed to get the little boot partition set up. My > Dell M90 has the TPM hardware and stuff which is cool. > > One thing I thought you might be interested in is my solution for > storing the "catastrophe" keys required in case the configuration > changes enough to trigger a refusal to boot. Everywhere I turned I saw > comments about the problem of safely storing the key so that it was > available if needed but couldn't be found. > > My solution... a 1 mbyte Truecrypt volume that stores the keys inside. > > Not a perfect solution in that it requires mounting the usb thumb drive > somewhere, running Truecrypt to get the key files out and placed on the > thumbdrive unencrypted. However the keys are encrypted and the little 1 > mbyte bitlocker key volume can be stored right on the bitlocker boot > partition along with Truecrypt itself, as well as on a couple of my USB > thumb drives. > > I have a 22 character password with alpha, numbers and special > characters protecting the Truecrypt volume. > > At least if my laptop is stolen I can sleep at night without worrying > about client data. > > So Vista is chugging away encrypting my hard drive. Off to bed. > -- > AccessD mailing list > AccessD at databaseadvisors.com > http://databaseadvisors.com/mailman/listinfo/accessd > Website: http://www.databaseadvisors.com >