?
Solved

User encrypted with Truecrypt. Password does not work

Posted on 2014-11-09
7
Medium Priority
?
204 Views
Last Modified: 2014-11-10
User encrypted some credit card info. I saw her type the password. I typed the confirmation password. When trying to unencrypt, says wrong password? Whaaa??

The old keyboard was defective as we found out. Caps lock was flaky. We tried the password about twenty times. Is there a way to crack Truecrypt? We have the credit card info, that is ok. Just wondering. We did not have the bitlocker option.
Thanks
0
Comment
Question by:dronethought
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
7 Comments
 
LVL 37

Accepted Solution

by:
Neil Russell earned 2000 total points
ID: 40431016
In a word? NO.
There would be no point to TrueCrypt if it was as simple as going online to a forum and asking "Hey, how do I crack TrueCrypt?"

There are of course some "Brute force" "Dictionary" cracking programs for TrueCrypt that will attempt to crack TrueCrypt encrypted disk partitions but that is on the assumption of you having used a simple dictionary password and not a long, strong encryption key.

Besides that, the rules of EE would not allow the discussion of the technicalities of cracking an encryption program.
0
 
LVL 15

Expert Comment

by:cwstad2
ID: 40431087
Unfortunatley its not as simple as you may think. However you can type into google cracking truecrypt and you will have a host of websites and videos that may help you. good luck
0
 
LVL 13

Expert Comment

by:Rizzle
ID: 40431090
This question defeats the object of the encryption in the first place. Bear in mind Truecrypt was deemed insecure by the developers of the software hence why it was shutdown. No doubt someone has cracked the encryption by now but as stated this cannot be discussed here.
0
Get MySQL database support online, now!

At Percona’s web store you can order your MySQL database support needs in minutes. No hassles, no fuss, just pick and click. Pay online with a credit card.

 
LVL 37

Expert Comment

by:Neil Russell
ID: 40431093
@Roshan Ejaz
" Bear in mind Truecrypt was deemed insecure by the developers of the software hence why it was shutdown"

An often misguided statement.  The actual statement from the development team was this...

"WARNING: Using TrueCrypt is not secure as it may contain unfixed security issues"

That is to say, this product is not being developed anymore and there MAY be security issues that arise in the future that we/nobody is currently aware of.  It does NOT say "We have proved it is insecure and are therefore closing down TrueCrypt.

For further information on this and a good read on the possible resurrection of TrueCrypt pay a visit to www.esecurityplanet.com and read the September 2014 article on there.
0
 
LVL 13

Expert Comment

by:Rizzle
ID: 40431096
So the part where it says "may contain unfixed security issues" doesnt mean it isnt insecure? Of course it mean its insecure hence why they put that!

They closed it down due to being insecure and they also found bitlocker as a better/more secure alternative.

Read this.....
http://krebsonsecurity.com/2014/05/true-goodbye-using-truecrypt-is-not-secure/
0
 
LVL 37

Expert Comment

by:Neil Russell
ID: 40431123
Firstly, understand that there is no such thing as "Secure".  The article you quote is some 3 or 4 months older in time and things change pace quickly in the world of computing as I am sure you know.  It is widely agreed in the security world that no major security holes have to date been discovered/disclosed in TrueCrypt.  The code analysis showed up a few minor to medium "Issues" in the codes strength but when you consider that this include the fact that "The code is not strongly documented" then I am sure that most people using that to protect there private details would not panic and think it "Insecure"

As to bitlocker being secure.....
You can see that this is not exactly true. In the world of computer forensics, nothing is really secure.

Often the most insecure thing in IT Security is physical access. Get that right and you have solved 95% of the problem.  The next 4% is down to users getting wrong information and being led to believe that "Secure" means SECURE!
0
 
LVL 2

Author Closing Comment

by:dronethought
ID: 40434007
Thank you all!!!
0

Featured Post

Get MongoDB database support online, now!

At Percona’s web store you can order your MongoDB database support needs in minutes. No hassles, no fuss, just pick and click. Pay online with a credit card. Handle your MongoDB database support now!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Good afternoon all, We are running a VM infrastructure on a clustered ESX environment with two DELL R710's.  One of our IT Application Support Engineers contacted me and asked if it was possible to extend the partition of a certain Windows 2003 S…
The article will include the best Data Recovery Tools along with their Features, Capabilities, and their Download Links. Hope you’ll enjoy it and will choose the one as required by you.
Finding and deleting duplicate (picture) files can be a time consuming task. My wife and I, our three kids and their families all share one dilemma: Managing our pictures. Between desktops, laptops, phones, tablets, and cameras; over the last decade…
Michael from AdRem Software outlines event notifications and Automatic Corrective Actions in network monitoring. Automatic Corrective Actions are scripts, which can automatically run upon discovery of a certain undesirable condition in your network.…
Suggested Courses
Course of the Month9 days, 20 hours left to enroll

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question