Windows 10 How secure is the login screen?

[Soldier]

Hi. I run bitlocker on my system, so everytime I boot the system up, It requires bitlocker. However I often leave my computer with only the Windows login screen showing, which requires a password. If my laptop was seized by authorities for example, while the system was still on the login screen, what would they be able to do? The "Forgotten password" option on the login screen, could this be hacked? Or is there a way to access my data without even logging in? I know the safest way would be to shut down the computer everytime, so that the bitlocker passworded is needed, but its quite inconvenient.

 

[BIGBEARJEDI]

Hi,
Not sure if you mean you are using Bitlocker to encrypt your entire hard drive or all hard drives on your system. The short answer is "Yes", law enforcement can crack your password on a Windows login screen. And they would have full access to your system. And have access to everything you have access to. If you used a separate password for your bitlocker, then that would take them more work to get to it. Also, if your system was seized for any reason it's very easy for them to access your data without logging in, but the separate password encrypted bitlocker files would be more difficult but not impossible to defeat. Hopefully, you are not planning on doing anything illegal with your Computer, as we don't condone that sort of thing on this forum. Shutting down your computer does increase your privacy, but not all that much. A Windows login password will provide some protection say if your home or apartment were broken into and burglars stole your computer; but even script-kiddies in elementary school can crack windows passwords these day. The bitlocker is the next level of protection from those type situations or to keep family and roommates from prying into your private files, but won't stop forensic computer examiners.

<<<BIGBEARJEDI>>>

 

[Soldier]

Hi. I was under the impression Bitlocker could not be cracked as it uses AES 128 by default which is impossible to crack. I have found a guide on how to change it to AES 256 which I plan on doing. I had read articles of people using TrueCrypt and it could not be cracked by authorities, which uses the same encryption as Bitlocker.

Is there another Windows Lock screen application which I can install which will provide more security? I want it setup in a way that whoever looked at my computer, would be forced to restart to be able to do anything on it. If the windows login screen is not secure, then it is not a good solution.

 

[MikeHawthorne]

Hi

There is software that will make the files invisible to anyone looking at it unless you open a hidden program and log in using a password.

This is good to stop a casual snooper but wouldn't fool the FBI.
As soon as you close the program from the task bar the files all disappear again.

If someone did get by your lock screen they wouldn't see any of the files unless they know how t show them and had the password.

There is one called Wise Folder Hider that's free.

Mike

 

[Neemobeer]

On a non-domain joined computer, there is no lockout policy so provided it's on, the only thing they could do is try and guess your password repeatedly. If they wanted to remove the drive and access the data they would need the bitlocker recovery key. In some cases if the computer is logged in and the screen is locked, the same applies that they would need to brute-force the password, however when the computer is logged in the data in memory is decrypted so it is possible that they could power the computer off and if done fast enough they can actually dump what is in memory. This is very advanced though and fairly unlikely. Bitlocker is only data at rest encryption. It doesn't safe guard against data in-use (when you are logged in) or data in transit (transmitting data over the network). Now if you wrote the bitlocker key to a usb drive, the FBI would merely ransack your house and confiscate your computer and probably the usb drive and they could get to your data that way.

 

[Soldier]

Hi. So if I am to leave my computer on the Windows Logic screen, and it was sized during that time, the smart move for them would be to keep it on this login screen and not let it shut down. Because as soon as its shut down there is zero chance of breaking Bitlocker. But they have a small chance of accessing data while its on the login screen?

 

[Neemobeer]

They can still try and brute force from the login screen. It is theoretically possible to power down a system and move the memory and read what was there, but I haven't heard of any real world examples.

 

[Soldier]

What if my computer was connected to another computer while on the login screen. Are there not some tools which can be used from another computer, which could bypass the login screen or read the non encrypted data?

 

[Neemobeer]

Yes

 

[Soldier]

That doesnt really solve my issue then. I am looking for an alternative lock screen app. Or an app which will force the computer to shut down from the login screen based on certain conditions. For example lets say my computer was seized and they decided to keep it on the login screen. Im looking for some kind of app which will force it to shut down, even if its not idle, after a certain amount of time.

 

[Neemobeer]

Doesn't exist, you can't replace winlogin.exe.

 

[Soldier]

There are plenty of lock screen applications. You can just search "lock screen software" on Google. The problem is I dont think any of them have the feature I want. The feature of auto shutting down on Idle is pretty common. But I am looking for a feature that will shut down regardless of the system being Idle or not, which would solve my issue.