Encryption is the process of encoding messages or information in such a way that only authorized parties can read it. In an encryption scheme, the intended communication information or message, referred to as plaintext, is encrypted using an encryption algorithm, generating ciphertext that can only be read if decrypted. For technical reasons, an encryption scheme usually uses a pseudo-random encryption key generated by an algorithm. An authorized recipient can easily decrypt the message with the key provided by the originator to recipients, but not to unauthorized interceptors.

Share tech news, updates, or what's on your mind.

Sign up to Post

I have Symantec Encryption Desktop on my computer.  When I login at the PGP screen, it accepts my password or PGP passphrase and begins the startup.  But after a minute of seeing the "Starting Windows" screen with the Windows logo, it seems to get stuck in a loop and reboots the computer, taking me right back to the PGP screen again.  I feel like an update was pushed through recently that is causing this.   How can this be fixed?
Exploring SQL Server 2016: Fundamentals
LVL 13
Exploring SQL Server 2016: Fundamentals

Learn the fundamentals of Microsoft SQL Server, a relational database management system that stores and retrieves data when requested by other software applications.

I would like to enable BitLocker through command prompt of my RMM (can run cmd as system).
1. Most of the systems don't have TPM. I would like to use there Password to unlock BitLocker drive.
2. I have couple of systems which have TPM. I would like to use there PIN in addition to TPM to unlock BitLocker drive.
We would like to encrypt with 256 strength, recovery path to be "\\localhost\c$\users\" (I used it in GUI BitLocker).

I found some examples and articles for PowerShell, but could not find anything for systems without TPM.

I tried using:
$SecureString = ConvertTo-SecureString "u7Y1FzJ6D8Wr1" -AsPlainText -Force
Get-BitLockerVolume | Enable-BitLocker -EncryptionMethod Aes256 -RecoveryKeyPath "\\localhost\c$\users\" -PasswordProtector $SecureString -RecoveryKeyProtector $SecureString -SkipHardwareTest
manage-bde but could not get past erros:

"Enable-BitLocker : Parameter set cannot be resolved using the specified named parameters.
At line:1 char:23
+ ... kerVolume | Enable-BitLocker -EncryptionMethod Aes256 -RecoveryKeyPat ...
+                 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : InvalidArgument: (:) [Enable-BitLocker], ParameterBindingException
    + FullyQualifiedErrorId : AmbiguousParameterSet,Enable-BitLocker


"ERROR: An error occurred (code 0x8028400f):
A compatible Trusted Platform Module (TPM) Security Device cannot be found on this computer.

Tried amending …
A colleagues whatapps history was completely deleted from my iPhone.  A couple of weeks back, I went to text my associate and when opening the chat I noticed that the entire history was deleted; it was empty, only the end-to-end encryption was displayed on the top.  Can someone tell me what happened and if I can recover it.
Morning all. I have a small issue I was hoping you might be able to assist me with. Recently provided a client with an E3 license in order to allow her to use the "Encrypt Only" feature as per a request from a third party. After assigning the license and installing ProPlus to get the "Permissions" button. I am able to select "encrypt only" but it sends the encrypted email as an attachment, either a .eml (to Outlook) or a .rpmsg(gmail,yahoo). This attachment does not have any function.

I also found that in OWA the "Encrypt" button is visible in the new message window but it is greyed out.

I have run these commands in an attempt to resolve as per an article I found on the google to no avail.
Set-IRMConfiguration -ClientAccessServerEnabled $true
Set-IRMConfiguration -SimplifiedClientAccessEnabled $true

I have worked with Microsoft support, also to no avail.
I have Removed the license and reassigned to no avail

Here is the Get-IRMConfiguration, not sure if it will help.
InternalLicensingEnabled : False
ExternalLicensingEnabled : True
AzureRMSLicensingEnabled : False
TransportDecryptionSetting : Optional
JournalReportDecryptionEnabled : True
SimplifiedClientAccessEnabled : True
ClientAccessServerEnabled : True
SearchEnabled : True
EDiscoverySuperUserEnabled : True
DecryptAttachmentFromPortal : False
DecryptAttachmentForEncryptOnly : False
EnablePdfEncryption : False
AutomaticServiceUpdateEnabled : False
RMSOnlineKeySharingLocation :

We use window 10 and set a bit locker password and this password was working fine.
All of suddent it is not accepting this password today.

Please help as how to resolve this.

Thanks and any help would be great.
I am trying to decrypt this file:

6=‘˜žÊ³˜¢®«´¾ž£© ¿Äqq¨ZvŽIFH~³¶¡–»f»œ[²X‘wfXf©iW˜Y
7=‘˜ £©’œ–”ž·¦•¬Ž—¬ ©žqq¨ZvŽIFH~³¶¡–»f»œ[²X‘wfXf©iW
DBMS=MSS Microsoft SQL Server 2012

Open in new window

Still cannot figure out what algorithm has been used. Does anyone have any clue?
I was given public keys by vender , Im trying to connect to server through  WS _FTP utility .  I genertaed a set of keys using putty.  Im trying to import the private key that I created through Putty and receiving an error invalid format when trying to import  as my private keys through WS_FTP.

I had this question after viewing SSH - How to Disable CBC Mode Cipher Encryption and Enable CTR or GCM Cipher MOde Encryption?.

I have the same issue for Server 2012r2. I'd like to disable CBC mode cipher encryption, and enable CTR or GCM cipher mode encryption.
Hi All,

We are currently running our mail server on Zimbra. I would like to implement Secure email service Like Barracuda or proton mail which is encrypted on top of my mail server.

Any suggestions please. Looking for open source only.
Hi All,  

Bit of a strange one here but will explain.

My work Lenovo laptop had Bitlocker on however I planned to upgrade to an SSD, was advised to remove bitlocker first so did and cloned the HDD to ssd and all was great.

Re-enabled bitlocker (right click C drive enable SSD) chose a PIN and it asked where to send the recovery key.. I chose cloud as want sure where else to.

NB. We have a company bitlocker server...

Whilst it was encrypting (about ten mins in) I had some windows updates / bios update so went ahead and did that (probably not my best move)

Bios update finished fine, reboot and asked for PIN which I enter but then asking for recovery ID as hardware changed (probably bios update)

Now, my company are saying the laptop probably didn’t check in to their bitlocker server in time so they don’t have the key stored, and I’ve checked my Microsoft account and that doesn’t have it either. The laptop still accepts my pin but won’t get past the recovery key stage.

Any ideas what to do? I’ve heard stories about going into bios or special UEFI to disable security of some kind?

Literally I’m stuck and this is a totally legitimate issue which I’m not sure if even logging a case with Microsoft can be resolved?

Fundamentals of JavaScript
LVL 13
Fundamentals of JavaScript

Learn the fundamentals of the popular programming language JavaScript so that you can explore the realm of web development.

I have a user who has forgotten the open password on an Excel 2016 spreadsheet; initial searches shows the encryption is now 128bit so cracking it is very nearly impossible - is this right/any suggestions? thanks
How to configure a ipsec tunnel between a Cisco ASA 5520 and a Cisco ASA 5505?
 Network Diagram============================---------------------------remoteasa172-------------------------------=================================
: Hardware:   ASA5520, 2048 MB RAM, CPU Pentium 4 Celeron 2000 MHz
: ASA Version 9.1(7)32
interface GigabitEthernet0/0
 nameif outside
 security-level 0
 ip address
interface GigabitEthernet0/1
 nameif inside
 security-level 100
 ip address
access-list OUTSIDE-IN extended permit ip any any log
access-list OUTSIDE-IN extended permit icmp any any log
access-list OUTSIDE-IN extended permit tcp any any log
access-list OUTSIDE-OUT extended permit ip any any log
access-list OUTSIDE-OUT extended permit icmp any any log
access-list OUTSIDE-OUT extended permit tcp any any log
access-list INSIDE-IN extended permit ip any any log
access-list INSIDE-IN extended permit icmp any any log
access-list INSIDE-IN extended permit tcp any any log
access-list INSIDE-OUT extended permit ip any any log
access-list INSIDE-OUT extended permit icmp any any log
access-list INSIDE-OUT extended permit tcp any any log
access-list LAN_Traffic extended permit ip log
nat (inside,outside) after-auto source dynamic any interface
Hi, I have a digital certificate that I use to encrypt, sign and open encrpted emails from trusted sources such as my DOD customers. I have had no problems for the last couple of years. I have upgraded from Outlook 2010 to Outlook 2016 and I can no longer open encrypted emails. I get a message stating:

Sorry, we're having trouble opening this item. This could be temporary, but if you see it again you might want to restart Outlook. Your digital ID name cannot be found by the underlying security system.

I have verified my cert is installed and I also made sure that the senders cert was installed in their contact. Any help with this would be appreciated.

Thank you
I have a request to give a file/folder encryption software.
I saw Sophos Safeguard but it seems very expensive compare to other softwares.
Anyone knows a better software whch encrypts and password protect the files/folders.
Customer wants to password protect a file and send by email and share the password privately.

Appreciate your advise.
I have multiple users that when trying to send an email encrypted they get the error following recipients had missing or invalid certificates, or conflicting or unsupported encryption capabilities.  One of the users is me however some users can send me encrypted emails.

If the person sending the encrypted emails search for me , right clicks , and adds me to his contact list he then is able to send me an encrypted email. I know this is not normal they should just be able to click reply with out adding me into contacts.

Any ideas?
I need to create a bitlocker and onedrive security policy and need assistace in starting this process.  I checked the SANS website, but it does not contain what I'm really looking for...encryption.  I went to the MS site, but nothing as well.
Hi Experts,

One of my customers is encountering the following error when accessing our site, https://pavement-science.com.au:

This page can't be displayed
Turn on TLS 1.0. TLS 1.1, and TLS 1.2 in Advanced settings and try connecting to https://pavement-science.com.au again. If this error persists, it is possible that this site uses an unsupported protocol or cipher suite such as RC4 Link for the details), which is not considered secure. Please contact your site administrator.

He gets this error using Chrome and Firefox, but not with IE or Edge.

Hi experts.   I have a customer that got an encryption virus and we are dealing with it.   I am looking for any kind of way to setup the network so we don't get those, even if the client did click on the bad email.   We have taught most of our users to forward it to us if  it looks suspicious.  Always check the from address and that will tell you more.   But they still clicked on it and invited it in.,     We have 2 servers and about 25 workstations.  Have a Watchguard firewall and Bitdefender on all the machines.  
Any guidelines would be appreciated.
I had this question after viewing Samsung Galaxy S9 Plus Encryption?.

My s9+ phone does not have a "Security" option under "Settings", only a "Lock Screen and Security" option. Under that the only encryption option is for the SD card, not the Device.
Learn SQL Server Core 2016
LVL 13
Learn SQL Server Core 2016

This course will introduce you to SQL Server Core 2016, as well as teach you about SSMS, data tools, installation, server configuration, using Management Studio, and writing and executing queries.

mongodb SSL encryption with application makes slow.
Can somebody help on this
I have over 200 wireless machines that are currently wpa2 and TKIP.  My old Cisco controller didn't allow wpa2 and AES so we used TKIP.  My new controller a Cisco 5520 doesn't not allow wpa2 and TKIP. I'm stuck in catch 22.  Is there any way to change TKIP on the machines remotely, my users have no rights on the machines and I'd have to take off all the autologin settings and one by one change the encryption.  I don't want to have to create a group policy.  I'd rather use a script if possible
I am using arduino-crypto for my ESP8266. I'm not running into any errors but I do have an issue that I hope you can solve for me.

This code:
#define BLOCK_SIZE 16

uint8_t key[BLOCK_SIZE] = { 0x1C,0x3E,0x4B,0xAF,0x13,0x4A,0x89,0xC3,0xF3,0x87,0x4F,0xBC,0xD7,0xF3, 0x31, 0x31 };
uint8_t iv[BLOCK_SIZE] = { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 };

char plain_text[] = "1234567890ABCDEF1234567890ABCDEF";

  // encrypt
  int length = 0;
  bufferSize(plain_text, length);
  char encrypted[length];
  encrypt(plain_text, encrypted, length);

  Serial.print("Encrypted: ");


Open in new window

Works just fine and gives me an encryption value of:

Encrypted: y3QzsGi6cYiy3GGs31jXvTY8VI2OrlxsohOasiw4pgP+54gWXtUZPrjuRvOfyRTz

Open in new window

Now if i do both encrypt and decrypt then it decodes it just fine.

However, when i just run the decryption and copy the encrypted value and then run this:

// decrypt
  char* encrypted = "y3QzsGi6cYiy3GGs31jXvTY8VI2OrlxsohOasiw4pgP+54gWXtUZPrjuRvOfyRTz";
  int length = strlen(encrypted);
  char decrypted[length];
  decrypt(encrypted, decrypted, length);
  Serial.print("Decrypted: ");

Open in new window

It outputs this in the console:

Decrypted: ⸮⸮⸮⸮⸮j⸮Ҏ⸮R|;⸮⸮1234567890ABCDEF

Open in new window

It has a few original message letters/numbers in there but not sure why its not decrpting it like it does when you run both back-to-back.

What can be done in order to fix this?
Dear expert,

I have an HP Probook 450 G2 comes with 500GB of HDD and 4GB of memory. The TPM chip version is 1.2. I have formatted it Windows 10 Pro version 1803. I am planning to deploy Bitlocker on it, but I am wondering if I have to change the configuration of the BIOS from legacy to UEFI to avoid any issue in the future. I am also heard that I need to convert the drive from MBR to GPT.

What is the optimal configurations in my case please?
i'm needing some information on accessing data from outside the US.

we  provide a service in which we collect customer data such as, home address, telephone, number, email address,and credit card information (credit card is encrypted and not stored within our data center), we are a PCI environment.

would like to know what the US data protection laws are for granting our Europe support team to access our data center which houses the above client data. remote access would be via a multi factor VPN.

What is the best way to access the Windows 10 advance boot menu, when the drive is encrypted?
I can access Windows 10 after entering the recovery text in the encryption software, I got to the Windows 10 login screen and I had the system powered down abruptly (by the power button until it shutdown) . I am trying to get into Safe Mode so that I can disable the video card driver.

I can login to the system okay, but shortly afterwards, a blue screen appears.
The other things I will try look for a settings in the BIOS to disable the video card.
I do not  have a Windows 10 on a USB stick so that I can perform a repair of the OS.
My last resort would be to decrypt the SSD, and then try to access Windows 10 from the advance boot menu.
I will also look at the encryption vendor for how to enter the advance boot menu.
Maybe there is a Powershell command to disable the video card drivers, my thinking is that if I can boot the system via WinPE, I can disable the drivers from there.


Encryption is the process of encoding messages or information in such a way that only authorized parties can read it. In an encryption scheme, the intended communication information or message, referred to as plaintext, is encrypted using an encryption algorithm, generating ciphertext that can only be read if decrypted. For technical reasons, an encryption scheme usually uses a pseudo-random encryption key generated by an algorithm. An authorized recipient can easily decrypt the message with the key provided by the originator to recipients, but not to unauthorized interceptors.