Sophos SafeGuard Disk Encryption 4.60
Windows 2000 Professional SP4, Windows XP SP3
If Sophos SafeGuard Disk Encryption has been installed without PBA. What is encrypted?
The encryption process is the same whether the "Password at system start"-option is set to "on" or "off". The key management is also absolutely identical.
The main difference is the method of authentication. If the PBA option is set to "off", an "*AUTOUSER" with a random password is created automatically. This function is not recommended.
This random password is split into different parts and stored in the Sophos SafeGuard Disk Encryption kernel. During the boot sequence Sophos SafeGuard Disk Encryption recovers the stored parts to reproduce the password.
keywords: sde autouser