Encryption when Sophos SafeGuard Disk Encryption has been installed without Pre-Boot Authentication (PBA).

  • Article ID: 109286
  • Updated: 28 May 2009


Product
Sophos SafeGuard Disk Encryption 4.60

Client OS

Windows 2000 Professional SP4, Windows XP SP3

Server OS

None

Question

If Sophos SafeGuard Disk Encryption has been installed without PBA. What is encrypted?

Answer

The encryption process is the same whether the "Password at system start"-option is set to "on" or "off". The key management is also absolutely identical.

The main difference is the method of authentication. If the PBA option is set to "off", an "*AUTOUSER" with a random password is created automatically. This function is not recommended.
This random password is split into different parts and stored in the Sophos SafeGuard Disk Encryption kernel. During the boot sequence Sophos SafeGuard Disk Encryption recovers the stored parts to reproduce the password.


keywords: sde autouser

 
If you need more information or guidance, then please contact technical support.

Rate this article

Very poor Excellent

Comments