Solved

User encrypted with Truecrypt. Password does not work

Posted on 2014-11-09
7
180 Views
Last Modified: 2014-11-10
User encrypted some credit card info. I saw her type the password. I typed the confirmation password. When trying to unencrypt, says wrong password? Whaaa??

The old keyboard was defective as we found out. Caps lock was flaky. We tried the password about twenty times. Is there a way to crack Truecrypt? We have the credit card info, that is ok. Just wondering. We did not have the bitlocker option.
Thanks
0
Comment
Question by:dronethought
7 Comments
 
LVL 37

Accepted Solution

by:
Neil Russell earned 500 total points
ID: 40431016
In a word? NO.
There would be no point to TrueCrypt if it was as simple as going online to a forum and asking "Hey, how do I crack TrueCrypt?"

There are of course some "Brute force" "Dictionary" cracking programs for TrueCrypt that will attempt to crack TrueCrypt encrypted disk partitions but that is on the assumption of you having used a simple dictionary password and not a long, strong encryption key.

Besides that, the rules of EE would not allow the discussion of the technicalities of cracking an encryption program.
0
 
LVL 15

Expert Comment

by:cwstad2
ID: 40431087
Unfortunatley its not as simple as you may think. However you can type into google cracking truecrypt and you will have a host of websites and videos that may help you. good luck
0
 
LVL 13

Expert Comment

by:Rizzle
ID: 40431090
This question defeats the object of the encryption in the first place. Bear in mind Truecrypt was deemed insecure by the developers of the software hence why it was shutdown. No doubt someone has cracked the encryption by now but as stated this cannot be discussed here.
0
Top 6 Sources for Identifying Threat Actor TTPs

Understanding your enemy is essential. These six sources will help you identify the most popular threat actor tactics, techniques, and procedures (TTPs).

 
LVL 37

Expert Comment

by:Neil Russell
ID: 40431093
@Roshan Ejaz
" Bear in mind Truecrypt was deemed insecure by the developers of the software hence why it was shutdown"

An often misguided statement.  The actual statement from the development team was this...

"WARNING: Using TrueCrypt is not secure as it may contain unfixed security issues"

That is to say, this product is not being developed anymore and there MAY be security issues that arise in the future that we/nobody is currently aware of.  It does NOT say "We have proved it is insecure and are therefore closing down TrueCrypt.

For further information on this and a good read on the possible resurrection of TrueCrypt pay a visit to www.esecurityplanet.com and read the September 2014 article on there.
0
 
LVL 13

Expert Comment

by:Rizzle
ID: 40431096
So the part where it says "may contain unfixed security issues" doesnt mean it isnt insecure? Of course it mean its insecure hence why they put that!

They closed it down due to being insecure and they also found bitlocker as a better/more secure alternative.

Read this.....
http://krebsonsecurity.com/2014/05/true-goodbye-using-truecrypt-is-not-secure/
0
 
LVL 37

Expert Comment

by:Neil Russell
ID: 40431123
Firstly, understand that there is no such thing as "Secure".  The article you quote is some 3 or 4 months older in time and things change pace quickly in the world of computing as I am sure you know.  It is widely agreed in the security world that no major security holes have to date been discovered/disclosed in TrueCrypt.  The code analysis showed up a few minor to medium "Issues" in the codes strength but when you consider that this include the fact that "The code is not strongly documented" then I am sure that most people using that to protect there private details would not panic and think it "Insecure"

As to bitlocker being secure.....
You can see that this is not exactly true. In the world of computer forensics, nothing is really secure.

Often the most insecure thing in IT Security is physical access. Get that right and you have solved 95% of the problem.  The next 4% is down to users getting wrong information and being led to believe that "Secure" means SECURE!
0
 
LVL 2

Author Closing Comment

by:dronethought
ID: 40434007
Thank you all!!!
0

Featured Post

What Should I Do With This Threat Intelligence?

Are you wondering if you actually need threat intelligence? The answer is yes. We explain the basics for creating useful threat intelligence.

Join & Write a Comment

I. Introduction There's an interesting discussion going on now in an Experts Exchange Group — Attachments with no extension (http://www.experts-exchange.com/discussions/210281/Attachments-with-no-extension.html). This reminded me of questions tha…
I use more than 1 computer in my office for various reasons. Multiple keyboards and mice take up more than just extra space, they make working a little more complicated. Using one mouse and keyboard for all of my computers makes life easier. This co…
Internet Business Fax to Email Made Easy - With eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, fr…
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…

760 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

21 Experts available now in Live!

Get 1:1 Help Now