Unless the laptop is a DC, the user account would not be on that machine so one would be unable to change the EFS owner's password.
-----Original Message----- From: Kent James [mailto:[EMAIL PROTECTED]] Sent: Wednesday, March 13, 2002 9:56 PM To: Security-Basics Subject: Is W2K EFS trivial to crack? In a recent thread here, it was reported how easy it is to gain access to the administrator account on a W2K system. So in the stolen laptop with EFS-encrypted files scenario, someone could just reset the administrator account password, change the password of the user account, log on as that user, then access all of the EFS-encrypted files. Is this correct (which makes EFS useless as a file encryption scheme)? +----------------+ Kent James [EMAIL PROTECTED] +----------------+
