Technology in terms you understand. Sign up for my weekly newsletter, "Confident Computing", for more solutions you can use to make your life easier. Click here.

Are you ready for your computer to be stolen?

I often talk about computer failures of various sorts and what you should be prepared for: the crash that happens just before you save your document to disk, the failure that renders a disk completely unreadable and unrecoverable, or the computer that dies the true death taking all of your data with it.

You know the drill. Hopefully by now, you’re prepared for that.

But by being prepared for that, you’re actually only ready for one half of a somewhat-related disaster.

What happens when your computer … disappears?

Become a Patron of Ask Leo! and go ad-free!

It’s about more than travel

Typically, what we think of in a scenario like this is the traveler who’s lost his laptop. Perhaps he left it at the security checkpoint1. Or maybe it was stolen out of a hotel room. Or possibly something else happened. The bottom line is that it’s gone.

But that same scenario can play out elsewhere with the same result. Electronics are a popular item for theft and burglary at home and at work. Perhaps you take your portable computer to school or a local coffee house from time to time where it can also be stolen or left behind.

Regardless of the specifics, just about any computer can disappear. Certainly, the portable ones can as well as the desktops.

What then?

Data loss

The loss of the data on the computer is perhaps the most easily dealt with.

One of the other ways that your computer can “disappear” is that it can simply fail catastrophically.  The device may physically still be present, but as it’s no longer functional, that doesn’t help. Everything that was on it is gone. No, not all failures are this disastrous and this one isn’t that likely, but it can still happen – and thus, you must be prepared.

That’s what backups are for.

And by being prepared with a recent backup, you’re also prepared for the loss of your computer by other means.

Like theft.

Replace the computer, grab your data from your backup, and life goes on.

Thief!Data theft

What most people don’t plan on is the theft of the data that’s on their lost or stolen computer.

Be it the thief or the person he sells your hardware to, eventually your computer could come into the hands of someone who might know what they’re doing. Someone who might start poking around and discovering your data.2 Depending on how you use your computer and what you have stored on it, that could be a big deal.

This is where encryption comes in. If you have sensitive personal data on your computer, and especially if that’s on a portable computer of some sort, I would consider using an encryption tool such as VeraCrypt.

VeraCrypt can be used to either:

  • Create virtual encrypted drives; files that are “mounted” to appear as additional drives after you specify the proper passphrase.
  • Perform whole-disk encryption, requiring that you specify the proper passphrase as part of the boot process to unlock the entire contents of the hard drive.

I recommend that you do not rely on password protection in applications, such as Word or Excel, or tools, such as WinZip. While they have improved in recent years, I still believe that they remain ultimately only useful to keep honest people honest. If an intruder is determined, they’re often easily cracked with information found on the internet.

Whether you encrypt your entire drive (which has the benefit of encrypting the paging file, temporary files, and everything else), or just a large volume, it depends on a combination of your paranoia, how you use your computer, and how important the data is that might be stored. Security conscious businesses and government agencies will rely on whole-drive encryption.

Account theft

Depending on how you have your computer configured and how you use it, it’s often possible to extract from it such things as the passwords “remembered” for you by your browser. If your computer is stolen while it’s on or in standby or hibernation, it’s also conceivable that you might leave it signed in to various online accounts.  The thief could quite possibly change your password and steal your account without even needing the password.

This is where two-factor authentication comes into play.

If you have two-factor authentication properly enabled and configured, a thief can’t login to your account even if he has the password. That’s why I have it enabled on all my accounts that support it.

Two-factor authentication is becoming increasingly popular as more account hacks happen. Google is one of the earliest and most complete adopters, and other services are following suit. Check with your online service providers – email, online storage, etc. – to see if two-factor (also called multi-factor) authentication is available.

Mobile devices

In recent years, mobile devices have exploded. It seems like everyone is carrying at least one, if not more than one. Checking email, uploading photos, using social media – mobile is almost everywhere.

And naturally, mobile devices are being lost and stolen.

Mobile devices are a tad harder to secure. The single most important thing that you can do for a mobile device that you carry with you regularly is to lock it with a pin code (or in some cases, a swipe pattern). Yes, you’ll need to tap out that code each time you wake up your phone, but that’s a small inconvenience compared to having a thief have quick and easy access to the treasure trove of personal data that many people keep with them.

In addition, both Apple (via iCloud‘s Find My iPhone) and Android (through Google’s Android Device Manager) support locating and remote wiping of lost mobile devices, if set up before hand. There are also several apps that will instruct a mobile device to wipe or self-destruct on receipt of a specially formatted text message.

Theft & loss

The risks of losing a computer or mobile device are easy to overlook. Inconvenience and data loss are the first to come to mind, but understanding that your data could end up in the hands of a complete stranger is well worth considering.

And it’s worth preparing for it.

Audio

This is actually an expanded update to a podcast I recorded back in 2005.

Listen:

Download the mp3 (3M)

Footnotes & references

1: Something like 12,000 laptops are lost each week at airports. I have an exceptionally difficult time understanding how that can be. When I travel, my laptop is my life! 🙂

2: Fortunately, my understanding is that this actually isn’t all that common, but the fact is that it can and does happen.

12 comments on “Are you ready for your computer to be stolen?”

  1. Great article! Thanks to previous articles, I keep all of my data files in TrueCrypt, I have NO duplicate passwords, I use the maximum password allowed for each website, and I use KeePass 2 to keep track of those passwords. I have the passwords backed up in an Excel file in case something goes wrong with KeePass. Both the Excel file and the KeePass data file are within TrueCrypt. Fimally, I am using EaseUS Todo backup to backup my entire hard drive (System Backup) because of its ability to restore to dissimilar hardware. I do a system backup several times a month and data file backups every night. I have a local backup hard drive and a copy of that which I keep at my son’s house. If I am missing something, please let me know.
    Bob

  2. Hi Leo,

    Just a quick note to thank you for your invaluable Newsletter and to wish you a great Christmas & New Year !

    Mark & Helen O’Carroll in Dubai

  3. Today I realized that, despite my computer login password, Roboform logins, several backups to two external drives and Mozy online, and printouts of critical info – that if, God forbid, all of the hardware, etc., that I have at home were to go up in smoke, I would still not be able to access my online backup because I had not memorized my login info and the procedure: I had been depending on my Robo password manager to log on to my Mozy account. So today I created a new weekly task in my Outlook Tasks to remind me to access and restore some important file from Mozy online strictly from memory – how to find Mozy online, my login info and the procedure for download. Perhaps you need to do the same.
    Best Wishes, Norm

  4. Hi Leo,

    Now that you’re using Windows 8- can Truecrypt be used with Windows 8/8.1? The documentation I’ve seen doesn’t mention it, and “future” mentions providing full support for Windows 8. Safe to use the current version?
    Thanks!

  5. I know Leo prefers that the external drive remains connected to the computer so that automated backups can occur, but I’ve always been concerned that if someone did break in a steal my computer that they would also steal the hard drive … and there would go my data backups. Then what would I do?

    Instead I store the hard drive in a not so obvious spot nearby, and just get in the habit of pulling it out and doing a backup.

    • That’s another reason why Leo suggests more than one backup method. In your case, a cloud or online solution would complement your external hard drive solution so that in an extreme case like you mentioned with theft or loss of both system and backup, you’d still have an offsite data copy to begin the restoration process with. Cloud backup is not a good first choice due to the extreme speed difference between a local USB-3 external drive and the bandwidth of your internet provider. It has taken “days” to download and restore cloud backup data; which is why some cloud backup solutions include an overnight-ed copy of your data on hard drives, DVD or flash drives. It’s simply faster to wait the day or two for the mail to arrive, then to try to download the whole thing. Local hard drives can be used to restore data in a hour or less in most cases.

  6. First, I’ve leaned lots from your newsletter, Thanks for dedicating your time and effort!
    Second, this particular info was/is one of the most valuable newsletters to me, just wanted ta let ya know that you are appreciated, there will be a little sumthin’ coming for ya as soon as I figger out how to do it again… Happy Holidays, Mac…

  7. Hello Leo:
    Just a few words to say that I have only recently learned of your website, and must say that I am
    very much impressed with it. I know that I will gain a good deal of help from it. Thank you, &
    wishing you a Happy New Year — DWI

    • Is this an older article? I notice you are recommending TrueCrypt. As I understand it TrueCrypt is no longer supported. I have switched to VeraCrypt. It looks and feels much like TrueCrypt and will convert TrueCrypt volumes to VeraCrypt.

Leave a reply:

Before commenting please:

  • Read the article.
  • Comment on the article.
  • No personal information.
  • No spam.

Comments violating those rules will be removed. Comments that don't add value will be removed, including off-topic or content-free comments, or comments that look even a little bit like spam. All comments containing links and certain keywords will be moderated before publication.

I want comments to be valuable for everyone, including those who come later and take the time to read.