Guide to Using SafeHouse

Recovering Lost Passwords

Administrators can recover lost passwords for encrypted volumes created using branded SafeHouse utilities as described in the previous section. If you lose the password for an unbranded encrypted volume, the password is lost forever. Please do not call PC Dynamics for help when this happens as we do not have any alternative capability to recover your lost passwords.

Before going much further, it is important to note that you cannot actually recover a specific lost password; rather, you recover from losing your password by choosing a new one. This subtle distinction exists because passwords are never stored to disk. Instead, SafeHouse stores a mathematical representation of each password using a widely used technique known as MD5 message digests. A message digest lets SafeHouse determine whether you entered the correct password without itself knowing the true password. The most obvious benefit of this technique is that hackers cannot find your passwords with disk scanning utilities. Another important benefit is that administrators cannot secretly snoop out passwords: the recovery process forces a password change, which in turn alerts the primary owner of the encrypted volume.

Contact information display.

Password recovery begins by running the Change SafeHouse Password utility. You will find an option on the dialog’s System Menu named Backdoor. Choosing this item displays a message box similar to the one shown above. If this item is dimmed, then the volume is not branded and password recovery is therefore not available.

TIP: For Windows 95 and NT 4.0, the System Menu is displayed by right clicking on the caption bar. For Windows 3.1, the menu is displayed by left clicking the small icon located at the far left of the caption bar.

One of the first things you should notice is that the contact information you entered during the branding process appears within this message box. This makes it easy for stranded users to find out who to call in case of emergency. This same information can also be used to help support personnel determine your administrative domain.

Pressing the OK button on this message box displays the initial recovery dialog.

SafeHouse supports two modes of password recovery. Local recovery requires that the administrator have direct access to the encrypted volume. This usually means being in close physical proximity to the troubled PC. Remote recovery allows administrators to assist users over the telephone. Both methods have the same result and are equally secure. The primary difference is that remote recovery requires a few extra steps in order to avoid disclosing the administrator’s password over the phone.

Local Password Recovery

Local password recovery requires that the administrator be able to walk up to the PC and type in their administrator’s password. This is by far the more convenient of the two recovery methods.

Password recovery.

The dialog shown here is the one displayed when you click the OK button on the Backdoor message box.

Enter the administrator’s passphrase, or password, exactly as specified during the branding process. Then press OK.

Assuming the correct passphrase was provided, a message box is displayed informing you that the volume’s password has successfully been changed to "password" (all lower case) and that you should immediately choose a new password.

That’s it. You’re done.

Please note that if ActivCard authentication for password recovery was specified during the branding process, then the administrator performing the recovery must have a corresponding ActivCard and respond correctly to an additional authentication dialog.

TIP: Some people find it convenient to use the Windows clipboard to paste long passwords into the edit field.
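The following is an added example, not SafeHouse code, of the digest-based verification the guide describes and of what local recovery does to it: a typed password is checked against a stored MD5 digest, and recovery replaces the user's digest with the digest of "password" after the administrator's passphrase has been verified the same way. The BrandedVolume class, its field names and the reset flow are constructed for illustration (the guide does not describe SafeHouse's on-disk layout). The closing pbkdf2_record/pbkdf2_verify pair is the practitioner's caveat: an unsalted, fast digest such as MD5 lets anyone who copies the record test guesses at full speed, so a current design stores a salted, iterated derivation instead.

```python
import hashlib
import hmac
import os

# Value the guide says recovery assigns to the volume (all lower case).
RESET_PASSWORD = "password"


def md5_record(password: str) -> str:
    """Digest stored on disk in place of the password (MD5, as the guide describes)."""
    return hashlib.md5(password.encode("utf-8")).hexdigest()


def verify(password: str, record: str) -> bool:
    """Check a typed password against a stored digest without knowing the password.

    compare_digest runs in constant time so the comparison does not leak how
    many leading bytes of the digest matched.
    """
    return hmac.compare_digest(md5_record(password), record)


class BrandedVolume:
    """Toy model of a branded volume's password state (constructed for this
    example; the real on-disk format is not described in the guide)."""

    def __init__(self, user_password: str, admin_passphrase: str):
        self.user_record = md5_record(user_password)      # user's digest only
        self.admin_record = md5_record(admin_passphrase)  # set during branding
        self.must_change_password = False

    def open(self, password: str) -> bool:
        return verify(password, self.user_record)

    def recover(self, admin_passphrase: str) -> bool:
        """Local recovery: the administrator proves knowledge of the admin
        passphrase and the user's digest is replaced by the digest of
        RESET_PASSWORD. The old password is never produced; only its digest
        ever existed, which is why the guide speaks of recovering *from* a
        lost password rather than recovering the password itself."""
        if not verify(admin_passphrase, self.admin_record):
            return False
        self.user_record = md5_record(RESET_PASSWORD)
        self.must_change_password = True  # owner is told to choose a new one
        return True

    def change_password(self, old: str, new: str) -> bool:
        if not verify(old, self.user_record):
            return False
        self.user_record = md5_record(new)
        self.must_change_password = False
        return True


# Caveat for anyone building the same idea today: a salted, iterated
# derivation replaces the raw digest. The record carries its own salt and
# iteration count so it can be verified later.
def pbkdf2_record(password: str, salt: bytes = b"", iterations: int = 600_000) -> str:
    salt = salt if salt else os.urandom(16)
    dk = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)
    return f"{iterations}${salt.hex()}${dk.hex()}"


def pbkdf2_verify(password: str, record: str) -> bool:
    iterations, salt_hex, dk_hex = record.split("$")
    dk = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"),
                             bytes.fromhex(salt_hex), int(iterations))
    return hmac.compare_digest(dk.hex(), dk_hex)


if __name__ == "__main__":
    vol = BrandedVolume("correct horse", "admin passphrase")
    print("open with old password:", vol.open("correct horse"))
    print("recovery succeeded:", vol.recover("admin passphrase"))
    print("open with reset password:", vol.open("password"))
    print("old password still works:", vol.open("correct horse"))
```

Note that after recover() the original password no longer opens the volume, which is exactly the behaviour that alerts the owner: recovery cannot be performed silently.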

Remote Password Recovery

Remote password recovery is used when the administrator is unable to directly access the troubled PC. The remote recovery dialog (below) is displayed by pressing the Remote Recovery button on the initial backdoor dialog shown above.

The reason this procedure is slightly more involved than the local recovery method is that it is imperative that the administrator’s password be kept secret. Without this second method, the administrator would have to disclose their password to the troubled user over the phone. It would then be possible for that user to access the encrypted volumes for all other users within their same domain.

The remote recovery procedure incorporated into SafeHouse employs public/private key algorithms. You may already be familiar with these algorithms if you spend a lot of time on the Internet. The primary benefit of this technique is that only public information is openly exchanged. There is no need for secrecy as the troubled user and administrator perform the recovery.

Remote Password Recovery

The first step in a remote recovery is to display this dialog window as described above.

The Challenge Sequence numbers are generated automatically by the program and must be communicated to the administrator. These numbers are always formatted as twelve four-digit values. Checksum information is embedded within the challenge to ensure that all the values are communicated correctly.

The administrator responds with a corresponding sequence of numbers, which are entered into the Response field. Response values are presented as four four-digit values. Press OK to accept the response.

Please note that if ActivCard authentication for password recovery was specified during the branding process, then the administrator performing the recovery must have a corresponding ActivCard and respond correctly to an additional authentication dialog. Since only the troubled user has access to the PC, the ActivCard authentication must be done over the phone by voice between the user and the administrator. This does not present a security breach due to the algorithms employed by the ActivCard.

Remote Recovery from the Administrator’s Perspective

When recovering passwords over the phone, it is necessary for the administrator to use a special utility designed just for this purpose. The SDWULOCK.EXE program is usually invoked using the Remote Password Recovery icon installed automatically by SETUP when administration components are selected. It is not necessary for normal users to have this utility. Further, this utility is completely useless without the administrator’s password.

Remote Administrator Recovery Wizard

The administrator begins by entering their administrator’s passphrase into the top edit field. This is the same passphrase selected during the branding process.

Next, the Challenge Sequence field must be filled in with the values communicated by the troubled user. These numbers are always formatted as twelve four-digit values.

Press the Response button to generate the corresponding return codes which will be formatted as four four-digit values. These numbers must be communicated back to the user and input into their open dialog window.

All of the values exchanged between the user and the administrator contain checksum information which allows the programs on both sides to test for valid number sequences. Appropriate error messages are displayed if incorrect values are detected.
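The exchange described in the two passages above (the user's challenge of twelve four-digit groups, the administrator's response of four four-digit groups, and the checksum that lets both programs reject misheard digits) as an added example that is not SafeHouse's code or algorithm. Two assumptions are mine: the checksum is a weighted sum of the data groups reduced modulo the prime 9973, chosen so that any single wrong digit in any group is always detected while the result still fits in four digits; and the response is derived with a keyed hash over a secret assumed to be shared by both programs. The guide states that SafeHouse instead uses public/private key algorithms, under which the user's PC holds no secret; the keyed-hash stand-in does not reproduce that property and is used here only so the example can show both sides producing and checking values.

```python
import hashlib
import hmac
import secrets

# Largest prime below 10000: the checksum stays a four-digit value, and a
# single changed digit (i * d * 10**k with i <= 11, 1 <= |d| <= 9, k <= 3)
# can never be a multiple of it, so every such slip is detected.
MOD = 9973
CHALLENGE_GROUPS = 12   # eleven data groups plus one checksum group
RESPONSE_GROUPS = 4     # three data groups plus one checksum group


def checksum(data_groups):
    """Position-weighted sum of the data groups, reduced modulo MOD."""
    return sum(i * g for i, g in enumerate(data_groups, start=1)) % MOD


def format_groups(groups):
    return " ".join(f"{g:04d}" for g in groups)


def parse_groups(text, expected):
    """Parse digits read over the phone; reject the wrong number or shape of groups."""
    parts = text.split()
    if len(parts) != expected or not all(len(p) == 4 and p.isdigit() for p in parts):
        raise ValueError(f"expected {expected} four-digit groups")
    return [int(p) for p in parts]


def verify_groups(groups):
    """True when the final group is the checksum of the groups before it."""
    return checksum(groups[:-1]) == groups[-1]


def new_challenge():
    """User side: fresh random data groups plus their checksum (one-time use)."""
    data = [secrets.randbelow(10000) for _ in range(CHALLENGE_GROUPS - 1)]
    return format_groups(data + [checksum(data)])


def compute_response(admin_secret, challenge_text):
    """Administrator side: check the challenge's checksum first, then derive
    the three response data groups from it with the (assumed shared) secret."""
    groups = parse_groups(challenge_text, CHALLENGE_GROUPS)
    if not verify_groups(groups):
        raise ValueError("challenge failed its checksum: re-read the digits")
    mac = hmac.new(admin_secret, format_groups(groups).encode(), hashlib.sha256).digest()
    # Four MAC bytes per group, reduced to a four-digit value.
    data = [int.from_bytes(mac[4 * i:4 * i + 4], "big") % 10000
            for i in range(RESPONSE_GROUPS - 1)]
    return format_groups(data + [checksum(data)])


def accept_response(admin_secret, challenge_text, response_text):
    """User side: a checksum failure means digits were misheard and the user
    should re-read them; only a well-formed response is compared to the
    expected value."""
    try:
        groups = parse_groups(response_text, RESPONSE_GROUPS)
    except ValueError as exc:
        return f"checksum error: {exc}"
    if not verify_groups(groups):
        return "checksum error: one or more digits were misheard"
    expected = compute_response(admin_secret, challenge_text)
    if hmac.compare_digest(format_groups(groups), expected):
        return "accepted"
    return "rejected"


if __name__ == "__main__":
    secret = b"admin passphrase (constructed)"
    challenge = new_challenge()              # user reads this to the admin
    print("challenge:", challenge)
    response = compute_response(secret, challenge)  # admin reads this back
    print("response: ", response)
    print(accept_response(secret, challenge, response))
```

Because the checksum is embedded in the last group, a user who mis-keys a response group gets the "misheard" message rather than a silent rejection, which matches the guide's point that both programs can tell a transcription error from a wrong answer.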

Note: The challenge digits generated by the user’s program are one-time values. If the dialog window on the user’s side is closed before entering the corresponding response codes, you will need to start over with new challenge sequence numbers.