Solved

User encrypted with Truecrypt. Password does not work

Posted on 2014-11-09
7
194 Views
Last Modified: 2014-11-10
User encrypted some credit card info. I saw her type the password. I typed the confirmation password. When trying to unencrypt, says wrong password? Whaaa??

The old keyboard was defective as we found out. Caps lock was flaky. We tried the password about twenty times. Is there a way to crack Truecrypt? We have the credit card info, that is ok. Just wondering. We did not have the bitlocker option.
Thanks
0
Comment
Question by:dronethought
7 Comments
 
LVL 37

Accepted Solution

by:
Neil Russell earned 500 total points
ID: 40431016
In a word? NO.
There would be no point to TrueCrypt if it was as simple as going online to a forum and asking "Hey, how do I crack TrueCrypt?"

There are of course some "Brute force" "Dictionary" cracking programs for TrueCrypt that will attempt to crack TrueCrypt encrypted disk partitions but that is on the assumption of you having used a simple dictionary password and not a long, strong encryption key.

Besides that, the rules of EE would not allow the discussion of the technicalities of cracking an encryption program.
0
 
LVL 15

Expert Comment

by:cwstad2
ID: 40431087
Unfortunatley its not as simple as you may think. However you can type into google cracking truecrypt and you will have a host of websites and videos that may help you. good luck
0
 
LVL 13

Expert Comment

by:Rizzle
ID: 40431090
This question defeats the object of the encryption in the first place. Bear in mind Truecrypt was deemed insecure by the developers of the software hence why it was shutdown. No doubt someone has cracked the encryption by now but as stated this cannot be discussed here.
0
How our DevOps Teams Maximize Uptime

Our Dev teams are like yours. They’re continually cranking out code for new features/bugs fixes, testing, deploying, responding to production monitoring events and more. It’s complex. So, we thought you’d like to see what’s working for us. Read the use case whitepaper.

 
LVL 37

Expert Comment

by:Neil Russell
ID: 40431093
@Roshan Ejaz
" Bear in mind Truecrypt was deemed insecure by the developers of the software hence why it was shutdown"

An often misguided statement.  The actual statement from the development team was this...

"WARNING: Using TrueCrypt is not secure as it may contain unfixed security issues"

That is to say, this product is not being developed anymore and there MAY be security issues that arise in the future that we/nobody is currently aware of.  It does NOT say "We have proved it is insecure and are therefore closing down TrueCrypt.

For further information on this and a good read on the possible resurrection of TrueCrypt pay a visit to www.esecurityplanet.com and read the September 2014 article on there.
0
 
LVL 13

Expert Comment

by:Rizzle
ID: 40431096
So the part where it says "may contain unfixed security issues" doesnt mean it isnt insecure? Of course it mean its insecure hence why they put that!

They closed it down due to being insecure and they also found bitlocker as a better/more secure alternative.

Read this.....
http://krebsonsecurity.com/2014/05/true-goodbye-using-truecrypt-is-not-secure/
0
 
LVL 37

Expert Comment

by:Neil Russell
ID: 40431123
Firstly, understand that there is no such thing as "Secure".  The article you quote is some 3 or 4 months older in time and things change pace quickly in the world of computing as I am sure you know.  It is widely agreed in the security world that no major security holes have to date been discovered/disclosed in TrueCrypt.  The code analysis showed up a few minor to medium "Issues" in the codes strength but when you consider that this include the fact that "The code is not strongly documented" then I am sure that most people using that to protect there private details would not panic and think it "Insecure"

As to bitlocker being secure.....
You can see that this is not exactly true. In the world of computer forensics, nothing is really secure.

Often the most insecure thing in IT Security is physical access. Get that right and you have solved 95% of the problem.  The next 4% is down to users getting wrong information and being led to believe that "Secure" means SECURE!
0
 
LVL 2

Author Closing Comment

by:dronethought
ID: 40434007
Thank you all!!!
0

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

The article will include the best Data Recovery Tools along with their Features, Capabilities, and their Download Links. Hope you’ll enjoy it and will choose the one as required by you.
Today, still in the boom of Apple, PC's and products, nearly 50% of the computer users use Windows as graphical operating systems. If you are among those users who love windows, but are grappling to keep the system's hard drive optimized, then you s…
Finding and deleting duplicate (picture) files can be a time consuming task. My wife and I, our three kids and their families all share one dilemma: Managing our pictures. Between desktops, laptops, phones, tablets, and cameras; over the last decade…

726 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question