Is my data safe in encrypted vault using keychain access?

[pjny]

Hi,

I'm using Agilebits KNOX encrypted vaults for some data. The vault automatically loads because it is linked to my keychain on 10.8.2. My question is:

I don't have filevault 2 encryption so if the laptop is stolen and someone removes the hard drive and accesses the data on the drive(using enclosure) is there any way my data can be accessed in the vaults since keychain is et to remember the vault password?

Thanks.

 

[Ledgem]

Hi,

I'm using Agilebits KNOX encrypted vaults for some data. The vault automatically loads because it is linked to my keychain on 10.8.2. My question is:

I don't have filevault 2 encryption so if the laptop is stolen and someone removes the hard drive and accesses the data on the drive(using enclosure) is there any way my data can be accessed in the vaults since keychain is et to remember the vault password?

Thanks.

If they can gain access to your account (and with it, your default keychain) then yes, they would be able to access the data. If they can only get the Knox volume off, then the data would be inaccessible to them unless they were able to crack the password (the feasibility of which depends on how strong your password is).

In this case, a weak password on your account could negate having a strong password on your Knox volume. An exception to this could be if you have a separate Keychain with the Knox volume password in it. I don't have experience with multiple keychains, but I'm under the impression that each keychain can have a separate password (although I might be wrong). In this case, having a separate keychain with a separate password from your login would represent another layer of security - or at the very least, yet another password to crack. Create a few decoy keychains if you're truly paranoid to waste your assailant's time with more things to crack.

 

[pjny]

Thanks.

If they can gain access to your account (and with it, your default keychain) then yes, they would be able to access the data. If they can only get the Knox volume off, then the data would be inaccessible to them unless they were able to crack the password (the feasibility of which depends on how strong your password is).

In this case, a weak password on your account could negate having a strong password on your Knox volume. An exception to this could be if you have a separate Keychain with the Knox volume password in it. I don't have experience with multiple keychains, but I'm under the impression that each keychain can have a separate password (although I might be wrong). In this case, having a separate keychain with a separate password from your login would represent another layer of security - or at the very least, yet another password to crack. Create a few decoy keychains if you're truly paranoid to waste your assailant's time with more things to crack.

 

[Edie Brickell]

If you are using filevault 2 and has encrypt your drive with this application, there is no need to worry about your data theft as filevault 2 is much secure. This application generates a large password which is not possible to remember.

 

[itickings]

If you are using filevault 2 and has encrypt your drive with this application, there is no need to worry about your data theft as filevault 2 is much secure. This application generates a large password which is not possible to remember.

...which doesn't mean a thing if the account itself is only protected by a weak password.

 

[Edie Brickell]

...which doesn't mean a thing if the account itself is only protected by a weak password.

You will need your login password or a recovery key to access your data. A recovery key generally generates a larger password which is not easy to remember. You have to copy this password or keep remembered in a safer place.