My college says to lock your computer – will that make it safe? For example
in Windows, pressing the Windows Key + L locks the computer. It seems to me if
you do lock it there are still a few folks know how to unlock it and help
themselves. So should I feel safe locking the computer?
Of course it depends on the situation, but locking your computer is a very
mild form of security. It’ll help keep honest people honest, but the rest? Not
I’ll show you why and how and what you really need to be doing instead.
I liken locking your computer to putting a cheap padlock on a box or door. Most people don’t care and won’t take the trouble to try and defeat it. In that sense it’s pretty cheap and reasonable security.
Unless, of course, someone really wants to get in.
All they need to do is walk up with a bolt cutter of sufficient size and cut the padlock off. It’s very easy and quick – if you have the right tools.
The right tools to break into a locked laptop are not only easy, they’re free.
You might think that guessing your password would be the way to go, since locking the machine requires that you enter your password to regain access. That’s one approach, particularly if you have an easy to guess password. (It’s kinda like picking that padlock above – if it’s a really cheap padlock, or you’re really good at picking, perhaps it’ll work.)
I’d skip that step completely and bring out the equivalent of the bolt cutters right away. Here’s what I’d do:
I’d get a copy of the Offline NT Password and Registry Editor (I’ve discussed it more in a prior article: I’ve lost the password to my Windows Administrator account, how do I get it back?.)
Then I’d force the machine to reboot – turning it off if necessary – and booting into that tool.
I’d reset the administrator password.
I’d reboot the machine and login as administrator.
I’d then have total access to anything on the machine.
Yes, it really is that easy, and is exactly why I so often repeat:
If it’s not physically secure, it’s not secure.
I’m sure that there are other approaches as well, it’s just one example of a virtual bolt cutter I happen to know works well.
So, what to do?
Locking your computer is not a bad idea. As I said, it’ll keep honest people honest, and also keep out those who are less technically competent (i.e. those that don’t know how easy it is to get in).
And it’s possible that in doing so, along with traditional security like not leaving your computer unattended in public places, that it might be enough. Knowing how easy it is for someone to get it, though, that’s a judgment call you’ll have to make based on the importance and privacy of what’s on your computer and the real likelihood that anyone would actually care enough to try and break in.
If you feel you need more security than that, then:
Never, ever let anyone use or borrow your computer.
Never, ever leave your computer somewhere where it can be accessed by someone else – running or not, locked or not.
Strongly consider using encryption to keep your data secure, and only decrypting as needed or making sure to turn on auto-dismount options in tools like TrueCrypt.
Always use a strong password.
Sadly it’s all too easy to walk up to a computer and access everything there is on it. Particularly for laptops, which can of course be easily lost or stolen, there’s a real concern about data loss and data privacy.
Its important you understand the risks, and take steps appropriate to your situation to protect yourself.