Posted on June 9, 2020 at 11:47 am
To avoid your encrypted disk (Truecrypt, Veracrypt, Bitlocker, etc) from being decrypted your first rule should be to use a strong password, then you need to make sure an attacker cannot access data that was saved in the memory, else he can dump the decryption key that was stored in the memory and then remove the encryption from the encrypted disk.
Here are a few rules to follow:
1) Use a strong 25+ password that uses symbols
2) Disable hibernation on your computer
* To prevent an attacker from stealing a memory image from hiberfil.sys.
3) Always dismount encrypted volumes when not needed
4) Always power off the system
A common software used to decrypt disks is:
https://www.passware.com/kit-forensic/
Other Posts
- Set OpenVPN to Listed on a Specific IP Address
- Bash Trim Leading and Trailing Whitespace from a String
- Bash Get Name of Ethernet Network Interface
- VPN Providers with Dedicated Static IP Address
- OpenVPN Iptables Rules
- WireGuard VPN Iptables Rules
- How to Install WireGuard VPN in Debian 10 Buster
- Bash: No space left on device (inodes issue)
Updated Posts
- Add Desktop shortcut for all Windows PC users
- How to pass custom command-lien parameters in InnoSetup
- Programmatically create desktop icon with InnoSetup
- GeneratePress - a Lightweight WordPress Theme 2021
- InnoSetup disable DesktopIcon via command-line
- Use cURL to authenticate with JWT Bearer tokens
- Detect VMWare Virtual Machine
- Detect Microsoft Virtual PC Virtual Machine