Is there any point in using a strong password on a laptop if the HDD is not encrypted?

Is there any point in using a strong password on a laptop if the HDD is not encrypted?

I was wondering whether an Admin password like "gW%94Slkx" on a laptop is any safer than, say, "abc" if your HDD is not encrypted. If you lose your laptop or if it gets stolen, all your data is easily accessible anyway. And there are shareware/freeware utilities to recover the password anyway. Any good reason for the finger excersise every time I start up my laptop?

Asked by: Guest | Views: 318

Total answers/comments: 4

Comments display order:

Guest [Entry]

Sure. Tying your bike to a tree with a rope is more secure than not tying it at all. The fact that there are ways around some security-devices doesn't mean you're just as vulnerable without them. Even if you're not encrypting your data, use a strong password because it will still offer some degree of protection. In all honesty, the degree of protection a strong password offers will be sufficient in many cases to protecting your data - not all laptop thiefs are smart enough to pull the HD out, and reconnect it elsewhere.

Guest [Entry]

"Yes, there are benefits.

For one, the casual snooper is prevented from accessing your data.

However, with things like the TRK (http://trinityhomedotorg/Home/index.php?wpid=1&front_id=12) keep in mind that the only real security is full-drive encryption."

Guest [Entry]

"If it gets stolen, not really... but

If it's a complex password it will be harder or impossible to crack - meaning that yes, the data on the laptop is compromised - but as most people re-use passwords and if the thief can crack your password and figure out who you are, the thief may gain access to other resources of yours as well. Like your Faaaacebook! ^^ (I've heard rumours of banks in other countries actually allowing login with only a password - if that was true then this could mean even more trouble ;)

If it isn't stolen though, it sure makes a difference. But perhaps this computer is not connected to any networks? ;)

Keep in mind that password complexity really is about length - the longer the password the better. Special, hard to remember and type characters makes less of a difference than actual length:

I love my underwear!
""Fa#¤!""#D

Guess which one would take less time to crack? And if the second one is mostly based on a word or a name, like L3gol4s, it would go down fast with a hybrid dictionary attack as far as I know."

Guest [Entry]

"In my case, yes. I use Mac OS X and the Keychain feature that comes with it. It stores my passwords to websites and network shares in a secure database that is unlocked when I log in to my laptop.

The passwords in that database are encrypted (Triple DES) and can't be easily exposed just by having physical access to the machine. Likewise, using physical access to reset my account password will disable access to the Keychain database.

http://support.apple.com/kb/HT1631

So if your login is tied to any kind of security or encryption measures, then yes, using a strong password is a very good idea."